Report - contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=

Report Overview

Submitted URL
contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=
IP
54.91.59.199
ASN
#14618 AMAZON-AES
Submitted
2023-01-31 12:38:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
www.dropbox.com	1994	2012-05-21T22:31:28Z	2023-03-13T07:55:48Z	3.6 kB	40 kB	162.125.71.18
d.dropbox.com	1300	2012-11-25T21:07:07Z	2023-03-12T18:12:06Z	1.2 kB	1.1 kB	162.125.8.20
consent.dropbox.com	27413	2021-06-16T17:13:58Z	2023-03-12T23:42:49Z	657 B	1.3 kB	54.230.111.63
c.evidon.com	1097	2017-03-09T22:38:50Z	2023-03-13T07:50:56Z	1.9 kB	51 kB	23.32.100.208
nexus-websocket-a.intercom.io	2137	2015-06-26T12:17:57Z	2023-03-13T05:38:27Z	742 B	281 B	35.174.127.31
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.189.58.221
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	74 kB	34.120.237.76
cfl.dropboxstatic.com	13598	2017-01-30T05:53:29Z	2023-03-13T05:51:24Z	433 B	69 kB	104.16.100.29
widget.intercom.io	2417	2020-07-20T14:16:46Z	2023-03-13T07:32:58Z	378 B	6.8 kB	54.230.111.53
js.intercomcdn.com	2440	2020-02-19T12:43:00Z	2023-03-13T07:32:58Z	761 B	141 kB	54.230.111.62
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.4 kB	3.8 kB	54.230.245.100
contentcrowd.docsend.com	unknown	2017-10-13T12:51:08Z	2023-03-06T08:16:35Z	9.8 kB	48 kB	3.220.57.224
l.evidon.com	8143	2020-08-25T21:57:20Z	2023-03-13T07:50:57Z	1.0 kB	382 B	3.230.223.229
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	2.2 kB	93.184.220.29
d2qvtfnm75xrxf.cloudfront.net	unknown	2015-07-20T12:03:28Z	2023-03-12T17:13:45Z	7.2 kB	3.8 MB	54.230.245.210
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	963 B	104.18.32.68
d5doxliz2zm8u.cloudfront.net	unknown	2021-11-04T18:17:10Z	2023-03-12T17:13:45Z	1.2 kB	91 kB	54.230.245.153
api-iam.intercom.io	2892	2018-08-02T22:07:54Z	2023-03-13T07:27:25Z	996 B	2.0 kB	54.81.202.145
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	435 B	630 B	142.250.74.106
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 12:38:15	high	162.125.71.18	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use
2023-01-31 12:38:17	high	162.125.8.20	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	c.evidon.com/sitenotice/evidon-banner.js	13 kB	2023-03-09	2023-03-26
Pretty URL c.evidon.com/sitenotice/evidon-banner.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:10:59 Last Seen2023-03-26 13:12:38 Times Seen50 Hash 953f08dcce4b8af3f743056f673c8514 4e8acdae78b9b5f1c228cb28de23cca6ad5b3c4e f82f137e8e73611fa376c19abe5d768d8880cfce9082c8cb8a5819d3350bc881 Loading...

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=	3.3 kB	2023-03-13	2023-03-13
Pretty URL contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:18:33 Last Seen2023-03-13 13:18:33 Times Seen1 Hash e8133b3b7632c3a8b8f0d7a6ad3460cb 4d4084565f6dff476698e32b278bdcea74f041ee 2802f1e25b299054f2cd50b660525632213a43b06f0249e4ceb0d1021afd3dce Loading...

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=	587 B	2023-03-13	2023-03-13
Pretty URL contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:18:33 Last Seen2023-03-13 13:18:33 Times Seen1 Hash b93818cda4ae0851a22aee154bb78655 6ce32ad25b54707c5063e1f14a2a487c9be3d68b 64904de7ee424a09474863df1393e595a5545712310d3690ee74790a2b99c5c8 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 15:29:32 Times Seen37064958 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.dropbox.com/pithos/privacy_consent	8.4 kB	2023-03-13	2023-03-13
Pretty URL www.dropbox.com/pithos/privacy_consent IP 162.125.71.18 ASN #19679 DROPBOX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:18:33 Last Seen2023-03-13 13:18:33 Times Seen1 Hash e5f76e5aa1bff8556c359a2857958012 46ab6d89c0815cd951c29e2495e8047bc41a8ea3 738aa399665191c84359c506abcc56c49f3ed2ce396f995da20f5154c57ef7c6 Loading...

	c.evidon.com/sitenotice/evidon-sitenotice-tag.js	75 kB	2023-03-09	2023-03-13
Pretty URL c.evidon.com/sitenotice/evidon-sitenotice-tag.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:15:50 Last Seen2023-03-13 19:09:27 Times Seen1 Hash b9539a2e77d15a946ad29fbada55c14c 01b157a8436cb78c9ff3364c629b5390429b0308 973e0be9ad095c6bea8d2a9b22df3acbc368ecb234823059ddac700ed103c593 Loading...

	c.evidon.com/sitenotice/3401/snthemes.js	125 kB	2023-03-07	2023-04-02
Pretty URL c.evidon.com/sitenotice/3401/snthemes.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2023-04-02 21:30:48 Times Seen64 Hash 0e8f664fca39681028b4b07b5be34f2d 7298f430eb83f9116df80423cf956d09d0e6f8c4 4f71436a97288b116c8b61d62030fa6549acb42827ca7f7aeaacab78132190a8 Loading...

	c.evidon.com/sitenotice/3401/dropbox/settings.js	5.1 kB	2023-03-07	2023-03-14
Pretty URL c.evidon.com/sitenotice/3401/dropbox/settings.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:24:27 Last Seen2023-03-14 06:57:53 Times Seen1 Hash 7119db14253f426ac1ed52da3fd5d054 9377f384c543a5211174e97b4cec458e2a801d34 4a01a147c430ebeffa841da984db9622de37957eed294ed3dcf4fa4deb7422df Loading...

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js	9.6 kB	2023-03-13	2023-03-13
Pretty URL d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js IP 54.230.245.210 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:21 Last Seen2023-03-13 14:18:16 Times Seen1 Hash b43afc413a3d2b171ebed756526da932 3e8ead26a98d769e1e39170122c27053fe4c678b 0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7 Loading...

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=	31 B	2023-03-07	2024-04-20
Pretty URL contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2024-04-20 22:15:48 Times Seen468 Hash 997bc267a126a1af0b147e52ee2274ec 283f5eea465445d4a02d6b006954adabe6ae86b1 f37819c0a8f3d5b4aefb1c1a91f921d9b7b5f9377e136614329bc495b993087a Loading...

	widget.intercom.io/widget/lv6lji7h	19 kB	2023-03-13	2023-03-13
Pretty URL widget.intercom.io/widget/lv6lji7h IP 54.230.111.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:14:40 Last Seen2023-03-13 13:30:01 Times Seen1 Hash cb12e8f7e1db1635d6f3239764bb4467 bb8ccaaf7764209b999a19e7612c988f13885af3 35842fa039b7bda4882c3d0dc3c6c2979c4cdf357eed37a4845931842349a24c Loading...

	consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fcontentcrowd.docsend.com&sandbox_redirect=false	569 B	2023-03-07	2023-04-05
Pretty URL consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fcontentcrowd.docsend.com&sandbox_redirect=false IP 54.230.111.63 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:24:27 Last Seen2023-04-05 02:11:39 Times Seen83 Hash 61b81b2411a67a89aad55835c4e864f2 623c4e487131583d402815eb75cfced9b694017d 929203495e37db6972ddc172e9664002093c6bb973da2ca7a5001c26d680d2de Loading...

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vfllph1M9.js	108 kB	2023-03-13	2023-03-13
Pretty URL cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vfllph1M9.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:25:48 Last Seen2023-03-13 15:11:09 Times Seen1 Hash 96987533d4700e38006e30ad8fad9edb 3b784dec2308460a9f40585423936c4e54fc93ff fc677b17157c0d63f0f8a552aab9080d73c07aa4b1da0b5db178dc7e67ada14b Loading...

	c.evidon.com/sitenotice/3401/translations/en.js	41 kB	2023-03-08	2023-03-14
Pretty URL c.evidon.com/sitenotice/3401/translations/en.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:03:09 Last Seen2023-03-14 06:57:53 Times Seen1 Hash 92ddb3e3355b422d8513e225548bbf64 0d9a331620a7153aa3c70f20fbda54bdc7ed2b8c 83798cc9c57adec03a4547e9cec6a563696f0318ec6e0f885d325e226c34fe06 Loading...

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=	777 B	2023-03-07	2024-04-20
Pretty URL contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2024-04-20 22:15:48 Times Seen487 Hash eed47e70bb30c26af1d2b05cb6cbb36e a6280e737500da85f94d5dd1b4bcf53e8ab7ebb6 33f828b1c1cc8d01a5365dda26f42257988e5ab755e9d1c9c06c8b650564b612 Loading...

	www.dropbox.com/pithos/privacy_consent_service	12 kB	2023-03-13	2023-03-13
Pretty URL www.dropbox.com/pithos/privacy_consent_service IP 162.125.71.18 ASN #19679 DROPBOX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:18:33 Last Seen2023-03-13 13:24:18 Times Seen1 Hash 86bc0be3c58bc6a6d30b2f62f26777d1 fdbe611d6261f46cbe643aebd463ff44b9125fbb 1dbae4d9c0bc4a87a9a4f6de3965d4957af1145b97d394903bd4f955bc407bd3 Loading...

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/error_handling-0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d.js	45 kB	2023-03-13	2023-03-13
Pretty URL d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/error_handling-0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d.js IP 54.230.245.210 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:58:02 Last Seen2023-03-13 14:18:16 Times Seen1 Hash 731be23cbc182ae5344d2a383563dea9 41d66bc6378e5c3d35bb1f9be5612dc650cec81b 0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d Loading...

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=	292 B	2023-03-12	2023-03-13
Pretty URL contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:23:38 Last Seen2023-03-13 19:45:45 Times Seen1 Hash dd2d086a0c37ecbc9497ae2d2ad4f4d5 ceab8107721d747ee65a763f3ca99ab197f8f0a6 76450dd61645b78669c536ed1182e5951d2eeb7dc7c2bf18d172ad9b8bba3aef Loading...

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js	218 kB	2023-03-13	2023-03-13
Pretty URL cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js IP 104.16.100.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:46:02 Last Seen2023-03-13 15:11:50 Times Seen1 Hash c09157ad4df79ea30313688e19981ac2 2284f9ce2b52b5e356c96351ded93ce38627507a 84edf4212bc1a17eec7b00aaf7fcd3e36c62c47864fef0135067851724dadcbf Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-25 15:29:32 Times Seen14303 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (80)

	URL	IP	Response	Size
	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=	3.220.57.224	301 Moved Permanently	0 B
URL HTTP/1.1 contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /view/cxhrnq3ehwbae8cu?email= HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:37:56 GMT Content-Type: text/html Transfer-Encoding: chunked Location: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Via: 1.1 vegur`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5eb7c9bc996a0ff420e58af45526f053 8c2614832b8efe1c9da0bbd465d6f3f172d95a9e c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9534 Expires: Tue, 31 Jan 2023 15:16:51 GMT Date: Tue, 31 Jan 2023 12:37:57 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0c35c3ec659d3a26ea97e68d787bb043 d97e3672244efec5b7814f2d8a734cd1a9387854 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11084 Expires: Tue, 31 Jan 2023 15:42:41 GMT Date: Tue, 31 Jan 2023 12:37:57 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 31 Jan 2023 11:43:17 GMT content-type: application/json age: 3280 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a8d45deaa7ebfcd996c2055dae592ab8 55befe074589fe7b39757c145968058162a8fc6b 50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7" Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4092 Expires: Tue, 31 Jan 2023 13:46:09 GMT Date: Tue, 31 Jan 2023 12:37:57 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: niw9lgDY8Q2Nkt0v0eGrGA8YkA+W4p+7f7ucG8vQ5FPF4d1NYFE4sfxqGvsS2gCiZdufZ/S7Bobrtg+RnwfNMQ== x-amz-request-id: XMCYG6M6X52NC93A content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 31 Jan 2023 12:22:13 GMT age: 944 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 31 Jan 2023 12:37:57 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 31 Jan 2023 11:41:42 GMT age: 3375 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9736 Expires: Tue, 31 Jan 2023 15:20:13 GMT Date: Tue, 31 Jan 2023 12:37:57 GMT Connection: keep-alive`

	push.services.mozilla.com/	54.189.58.221	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.189.58.221:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: szI48t1FmCHTAbLWafeh4g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: tlp2bzYyv7+ry1TDrLvnNJlZnlE=`

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email=	3.220.57.224	200 OK	12 kB
URL HTTP/1.1 contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3293) Size 12 kB (11895 bytes) Hash 3420e63f55c6fae76c59395e40557d64 6f5ddee2809464c02e660eaa75c2454633e50491 518f7ec9a168e24ed7052de88b581b18d4b46d9856adf6ab8d025d925c23aff7 HTTP Headers `GET /view/cxhrnq3ehwbae8cu?email= HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:37:58 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Etag: W/"6a6997d2353ab8ee6ecca25a7b2afc5d" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-uOyShXHCXuDGFY+cApZt8g=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=%2BW1IyFVZ8XPtn1LkPoPchXbMioL5Au3rq5Y3rQaLaTt6K1Chn7vqgkZ7fzunphtrZLdrIj%2FJ9YHsHAXi3Z2BLApIfQwdX1v0fdL8%2FjM%3D--UCXUtHwgQTe2fVZm--oUHAHHCgD4iDwWYYkp%2FSlg%3D%3D; domain=.docsend.com; path=/; expires=Wed, 31 Jan 2024 12:37:58 GMT; SameSite=None; secure _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; domain=.docsend.com; path=/; expires=Sat, 31 Jan 2043 12:37:58 GMT; SameSite=None; secure _dss_=42c56a24ad0a86bac68e29bf1f3578f5; domain=.docsend.com; path=/; secure; HttpOnly; SameSite=None X-Request-Id: c05b6c7c-f880-41eb-a0fa-1e285c100f60 X-Runtime: 0.100847 Vary: Accept-Encoding Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash df53466ef1fd7c7520ffe94078aa544d b409909b1240f84949ff3935181258007fa64113 247bd8028207606c0863aab9c3afecaba62178b877691db1bd0c023c901c90d6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1840 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 12:37:58 GMT Last-Modified: Tue, 31 Jan 2023 12:07:18 GMT Server: ECS (ska/F711) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 12:37:58 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css	54.230.245.210	200 OK	948 B
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type exported SGML document, ASCII text Size 948 B (948 bytes) Hash a7ace942f4f580ee5902c36fed888af9 ca1c01b03c6763b0f458af9eea82b8f00b430141 514da21f8d0805b785cf184f4beaa6bc62f6c6de58fd489f7d9f52e9087b62e0 HTTP Headers `GET /assets/ie_specific_hacks_v2.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 06:50:23 GMT Last-Modified: Mon, 30 Jan 2023 19:02:21 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 0OuI65M52qqE6MtlHzUI2JPEbzYueNdUJ3SLDfLAeWFz_rJidyCf-g== Age: 20855

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/error_handling-0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d.js	54.230.245.210	200 OK	14 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/error_handling-0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d.js IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (14736) Size 14 kB (13825 bytes) Hash ed9204d670692e09b867117540c8acd3 e516b64ff05a746bf06fb7b383265da4f1a5ebc3 2f11a68bf2582dc6168f2cb79b8ae7f9dc98c6baa4899f82fa7c46c9208145b2 HTTP Headers `GET /assets/javascripts/error_handling-0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Wed, 25 Jan 2023 19:30:47 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront) Content-Encoding: br Date: Mon, 30 Jan 2023 16:37:20 GMT Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: Jyonkpns2kFVU-nbj8-K8hM-4A-LZWEW1iuIUWwbPsfZ8OS12jUBEw== Age: 72038

	d2qvtfnm75xrxf.cloudfront.net/assets/stylesheets/presentation-4f12bfe5843f84f521b88f361f82c590c862049524a9b697dd7b6ab8449d6680.css	54.230.245.210	200 OK	93 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/stylesheets/presentation-4f12bfe5843f84f521b88f361f82c590c862049524a9b697dd7b6ab8449d6680.css IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 93 kB (92784 bytes) Hash d5029e24fae28a1fd2a11dc7c9576df9 882c69a458fb009ee2f3e95aa9c7f784025d18f3 7cbce7a666f0b82fcb7944d76468245b8961f7d8b79806bd1e4e36c7b8eba28f HTTP Headers `GET /assets/stylesheets/presentation-4f12bfe5843f84f521b88f361f82c590c862049524a9b697dd7b6ab8449d6680.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 19:51:25 GMT Last-Modified: Thu, 26 Jan 2023 18:57:14 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: wDlIWC7PkFi4xhrzWOWhB_D2BYoh7m8qmo-XenzWIeEy5nIJbbrS_Q== Age: 60392

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0eb66930e11b4cee549c0ab39439df6513d5aab8c0554402d08fcf628af4cba3.css	54.230.245.210	200 OK	23 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0eb66930e11b4cee549c0ab39439df6513d5aab8c0554402d08fcf628af4cba3.css IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 23 kB (22857 bytes) Hash 0cf1324419417bc9bc7bc3cb4a50201d 92caf4d9d337524c8954362002d2ebbc64923050 1375205f11e083337fdcdaa5ac87d54cc0f5586978431f2a56aafd9950f414d7 HTTP Headers `GET /assets/javascripts/presentation-0eb66930e11b4cee549c0ab39439df6513d5aab8c0554402d08fcf628af4cba3.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 19:51:26 GMT Last-Modified: Mon, 30 Jan 2023 18:31:00 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 7YygzAkiUquoI2f1gruITioDUsHp3jj4rIBQncQj0wD5p6CD1tONog== Age: 60392

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js	54.230.245.210	200 OK	3.2 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (9565) Size 3.2 kB (3193 bytes) Hash f622f0a92703633048ac20c369455647 59f57af8ddca36af55e8cb3dabeafeae2fec3099 5f10b8439e0a87914cd07a4cc66cfdd549e4e6ae15c275dbf6011851bb344f5e HTTP Headers `GET /assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Wed, 25 Jan 2023 19:30:47 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) Content-Encoding: gzip Date: Tue, 31 Jan 2023 10:46:23 GMT Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: EtfQu8C4LnwGu9oQJ6ucGxJZsxcGJPoYdek58Fp3Y-1fVzeotQy3rg== Age: 6695

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 12:37:58 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd.js	54.230.245.210	200 OK	2.0 MB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd.js IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 2.0 MB (1991991 bytes) Hash b1931a6824e322c6a196c0a11455fe70 74884ff6a5de58d47a9d5c854e5554a39ceec0a3 28c81aa3925cb831fa6d6789c2b1c782b713bb231cabe245c0d4bc01d66b6a84 HTTP Headers `GET /assets/javascripts/presentation-0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 20:09:26 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Mon, 30 Jan 2023 19:28:06 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: ACvzpMUyuTYg0sVdo0PrmFlDEQmNN1OeBbUcFbd8UMaTDGsmDg4FQA== Age: 59312

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash e9aaa3c00d662e2f6b3c2ea9102c4775 7770c94dc1924906c9c4c7545734a78b3ae17e70 8f98804254dc781f74845e9b3a12592320b7d9bf4eab9dc1b7a1495b9c5805bc HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 12:37:59 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 31 Jan 2023 03:57:44 GMT Expires: Tue, 07 Feb 2023 03:57:43 GMT Etag: "7770c94dc1924906c9c4c7545734a78b3ae17e70" Cache-Control: max-age=572984,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 79228069b896b4f3-OSL`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash fafc8df8c0a9442a92997b0f7b090917 cb30fbb4aa19ec9cc4613e7401be6fa1fd0afaca 08b541e6a0b5e9adbfdf7662ea953e0cf96b69eb76e7a52975bad1f3ae7365d3 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1375 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 12:37:59 GMT Last-Modified: Tue, 31 Jan 2023 12:15:04 GMT Server: ECS (ska/F711) X-Cache: HIT Content-Length: 471`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash fafc8df8c0a9442a92997b0f7b090917 cb30fbb4aa19ec9cc4613e7401be6fa1fd0afaca 08b541e6a0b5e9adbfdf7662ea953e0cf96b69eb76e7a52975bad1f3ae7365d3 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1375 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 12:37:59 GMT Last-Modified: Tue, 31 Jan 2023 12:15:04 GMT Server: ECS (ska/F711) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3017 Expires: Tue, 31 Jan 2023 13:28:16 GMT Date: Tue, 31 Jan 2023 12:37:59 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3017 Expires: Tue, 31 Jan 2023 13:28:16 GMT Date: Tue, 31 Jan 2023 12:37:59 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3017 Expires: Tue, 31 Jan 2023 13:28:16 GMT Date: Tue, 31 Jan 2023 12:37:59 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3017 Expires: Tue, 31 Jan 2023 13:28:16 GMT Date: Tue, 31 Jan 2023 12:37:59 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3017 Expires: Tue, 31 Jan 2023 13:28:16 GMT Date: Tue, 31 Jan 2023 12:37:59 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10898 bytes) Hash 4a2d26da68a313cc65958fc2692351c2 798c3538f3147ca77d317676ddd1bf040bd0f93b 76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10898 x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fk3zxGshIAMFw5Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:48:21 GMT age: 53378 etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11129 bytes) Hash 2797bfd35b7ec24888de84be14f7f2ec 8e315ac5856967286eaa8769e081d827fb4ca39e b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11129 x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffDBZGRPoAMFedg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 03:50:52 GMT age: 31627 etag: "8e315ac5856967286eaa8769e081d827fb4ca39e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (9987 bytes) Hash 2c4934be94898028e2ab696561b51462 6cf734e2d29938688913daacfb75506d8e004a94 239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9987 x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: flYlPF9uIAMFXMg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 01:56:35 GMT age: 38484 etag: "6cf734e2d29938688913daacfb75506d8e004a94" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8558 bytes) Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5 04577ad69ee9749b14382254eb5bbf0e1edcd7fa 6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8558 x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffB_BFA8IAMFyvA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 03:24:36 GMT age: 33203 etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (13853 bytes) Hash d957012d3e2b8c3bc0eefe11d66e8554 1959fdd94846fa3791c4890578dd15336b909dcc a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13853 x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fk3zzF4hIAMFwWg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:48:17 GMT age: 53382 etag: "1959fdd94846fa3791c4890578dd15336b909dcc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (13639 bytes) Hash 63486f2a937aa8fd013fc2c2d1b32f2d e8868de34c2f79348c1edad764259eb70bebd7a6 fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13639 x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fYcJSF0SIAMFe1g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: L6MnX0h8Bn9-ufqI6yOzQAPhqc4SoJKySgzlm756NaiVrfJpnftIWQ== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 06:29:38 GMT age: 22101 etag: "e8868de34c2f79348c1edad764259eb70bebd7a6" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2	54.230.245.153	200 OK	46 kB
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2 IP 54.230.245.153:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 46188, version 1.66\012- data Size 46 kB (46188 bytes) Hash dfc5e24cbc1b134e0c00c61e84ec999a d3b1a8ef1d0f6f9162986479252570525719f203 b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3 HTTP Headers GET /assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2 HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 46188 Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:37:59 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 06 Dec 2022 19:39:39 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) Vary: Origin X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: XaVrvG-vvudEevg4rVYQPlcC7eGcIbCgYD7E8FqI4x5QwPUYEANFPA==

	d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2	54.230.245.153	200 OK	43 kB
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2 IP 54.230.245.153:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 43308, version 1.66\012- data Size 43 kB (43308 bytes) Hash 93b6f18ec99bcb7c3fa7ea570a75e240 60b9e3062fe532cbc18b897fac542c56a03544c7 43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db HTTP Headers GET /assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2 HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 43308 Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:37:59 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 06 Dec 2022 19:39:39 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront) Vary: Origin X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: rxNLQSh4EiB3p5sp5IqYO_FLYISJpWmEigf_H08_dkqYHE0ILjnQjA==

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4055 Origin: https://contentcrowd.docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-ePAM1FRJUCW7raR8O87+' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-ePAM1FRJUCW7raR8O87+' 'nonce-DtfXfn38JgYCzT4/gv2x' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MjQ5ODg2ODMwNDQ3OTExNjc2NTE3MDIwOTczODA0NDUzMzczNzA1; expires=Sun, 30 Jan 2028 12:38:00 GMT; HttpOnly; Path=/; SameSite=None; Secure t=pMM08bl5C9Qkdv_Iy0vAlzKO; Domain=dropbox.com; expires=Fri, 30 Jan 2026 12:38:00 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=pMM08bl5C9Qkdv_Iy0vAlzKO; expires=Fri, 30 Jan 2026 12:38:00 GMT; Path=/; SameSite=None; Secure __Host-ss=wO6SeHIB2E; expires=Fri, 30 Jan 2026 12:38:00 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 12:38:00 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 31 Jan 2023 12:37:59 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 9b111d8cd88a4fbfad86b763bb60e6ed X-Firefox-Spdy: h2

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4090 Origin: https://contentcrowd.docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-qzuBH9eYDh3MYZKJZHfr' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-qzuBH9eYDh3MYZKJZHfr' 'nonce-FvXoYNJhM2E4kTtfzRkv' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MjYyMTY4NTYwMDA4NzE2ODk3OTY3NDIxNDY3Nzg0MTIzMjQxMjgx; expires=Sun, 30 Jan 2028 12:38:00 GMT; HttpOnly; Path=/; SameSite=None; Secure t=ejzionZ4W8HG7DU8cL4IBsh4; Domain=dropbox.com; expires=Fri, 30 Jan 2026 12:38:00 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=ejzionZ4W8HG7DU8cL4IBsh4; expires=Fri, 30 Jan 2026 12:38:00 GMT; Path=/; SameSite=None; Secure __Host-ss=HsI0AF1Ws4; expires=Fri, 30 Jan 2026 12:38:00 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 12:38:00 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 31 Jan 2023 12:37:59 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: a7b37889ad9c40d0883d5a9b32be08df X-Firefox-Spdy: h2

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js	104.16.100.29	200 OK	68 kB
URL HTTP/2 cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js IP 104.16.100.29:0 ASN #13335 CLOUDFLARENET File type Unicode text, UTF-8 text, with very long lines (43532), with LF, NEL line terminators Size 68 kB (68481 bytes) Hash 19e008f96d156e1bbf16db8defa0f891 10dc26ae0d85af9c473299edd8cbac959006a2c1 0c43e74dafc6fe9b273028c55bd1fa6ed6de47a1423ee6a86dc494c6af25128c HTTP Headers `GET /static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js HTTP/1.1 Host: cfl.dropboxstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://contentcrowd.docsend.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 31 Jan 2023 12:37:59 GMT content-type: text/javascript; charset=utf-8 vary: Accept-Encoding last-modified: Wed, 18 Jan 2023 04:57:33 GMT x-dropbox-request-id: ec456f95d53725edb88a560cd9b26fca x-content-type-options: nosniff x-cached: HIT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public, immutable access-control-allow-origin: * timing-allow-origin: https://www.dropbox.com cf-cache-status: HIT age: 1106993 server: cloudflare cf-ray: 7922807578871bfe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	d2qvtfnm75xrxf.cloudfront.net/public/blank.gif	54.230.245.210	200 OK	43 B
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/public/blank.gif IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash f837aa60b6fe83458f790db60d529fc9 14af87ccec7f81bb28d53c84da2fd5a9d5925cda dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b HTTP Headers `GET /public/blank.gif HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 43 Connection: keep-alive Last-Modified: Sat, 12 Apr 2014 01:42:38 GMT Accept-Ranges: bytes Server: AmazonS3 Date: Mon, 30 Jan 2023 13:58:48 GMT ETag: "f837aa60b6fe83458f790db60d529fc9" X-Cache: Hit from cloudfront Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: vrlauhSFdDThYodm2cXKyXC2sIUTTX2-YNfWAwizd3MNlsdzPvbzWw== Age: 81553`

	d2qvtfnm75xrxf.cloudfront.net/public/loading_images/large-loader.gif	54.230.245.210	200 OK	49 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/public/loading_images/large-loader.gif IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type GIF image data, version 89a, 144 x 144\012- data Size 49 kB (48903 bytes) Hash ceb150ad0df5017df3c4f3599cd61779 e61e9bbd8a97d9b544b131e0340e371b9f9bf2d8 216a694fc417dce27076f118e45ca73ead42a1be5004a8550eeca3e99af3ea02 HTTP Headers `GET /public/loading_images/large-loader.gif HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 48903 Connection: keep-alive Last-Modified: Mon, 23 May 2016 23:39:27 GMT Accept-Ranges: bytes Server: AmazonS3 Date: Tue, 31 Jan 2023 05:19:41 GMT ETag: "ceb150ad0df5017df3c4f3599cd61779" X-Cache: Hit from cloudfront Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: d-2S-KdBBUragPoPgL-pel2nlD2iHuyGEXNjZs0pKYJMdkbxuosTgw== Age: 26300`

	d2qvtfnm75xrxf.cloudfront.net/companies%2Flogos%2F6995%2F87c755d2-f233-4125-8ee1-2736b8b55ad8%2FydZrKISuTQmulOkaxRMK_1wcc.png?Expires=1675168738&Signature=RjH1EkpJktYg-UH29HFwBQk8dSQRusWQEx8Oxn1D3Zi2AN5b8Wz1apC~jqzCQCMUUw4CfZNp8BAxeuaStHHNXvq-Xs7lOcncFWRUNumQnlq~kZPCMKAcndXvIxDYoRjbATYL-OWQb~sPAwv0CMqTsog4BcumuNrAAOL~4yhRtiutZRH3NIYAtqoTE8BIl9YA05pVV~1cIAo6yAmZZCxUDqz2CiGNC~wOa4wWiRIuThwkhmRVJ-EwaU1sAFwakqXLNwgz6BxKmzPdAQcV9GS62I9FR8rMVzQJvgfGlMjAHPV1dsnsnmooOgsayJrRYlQhXfdB2jij8mDH7AczDVTIng__&Key-Pair-Id=K3IVFO0KFGPSF4	54.230.245.210	200 OK	12 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/companies%2Flogos%2F6995%2F87c755d2-f233-4125-8ee1-2736b8b55ad8%2FydZrKISuTQmulOkaxRMK_1wcc.png?Expires=1675168738&Signature=RjH1EkpJktYg-UH29HFwBQk8dSQRusWQEx8Oxn1D3Zi2AN5b8Wz1apC~jqzCQCMUUw4CfZNp8BAxeuaStHHNXvq-Xs7lOcncFWRUNumQnlq~kZPCMKAcndXvIxDYoRjbATYL-OWQb~sPAwv0CMqTsog4BcumuNrAAOL~4yhRtiutZRH3NIYAtqoTE8BIl9YA05pVV~1cIAo6yAmZZCxUDqz2CiGNC~wOa4wWiRIuThwkhmRVJ-EwaU1sAFwakqXLNwgz6BxKmzPdAQcV9GS62I9FR8rMVzQJvgfGlMjAHPV1dsnsnmooOgsayJrRYlQhXfdB2jij8mDH7AczDVTIng__&Key-Pair-Id=K3IVFO0KFGPSF4 IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type PNG image data, 212 x 60, 8-bit/color RGBA, non-interlaced\012- data Size 12 kB (11601 bytes) Hash 0f801108776586870259316a9ac2ed2d 22716a1e02b1da685e4b218bb83d330eea6b223b 4dc51f12aa57c5fd3bea0f79655e7773bced2c86234a30996837efc7eb723086 HTTP Headers GET /companies%2Flogos%2F6995%2F87c755d2-f233-4125-8ee1-2736b8b55ad8%2FydZrKISuTQmulOkaxRMK_1wcc.png?Expires=1675168738&Signature=RjH1EkpJktYg-UH29HFwBQk8dSQRusWQEx8Oxn1D3Zi2AN5b8Wz1apC~jqzCQCMUUw4CfZNp8BAxeuaStHHNXvq-Xs7lOcncFWRUNumQnlq~kZPCMKAcndXvIxDYoRjbATYL-OWQb~sPAwv0CMqTsog4BcumuNrAAOL~4yhRtiutZRH3NIYAtqoTE8BIl9YA05pVV~1cIAo6yAmZZCxUDqz2CiGNC~wOa4wWiRIuThwkhmRVJ-EwaU1sAFwakqXLNwgz6BxKmzPdAQcV9GS62I9FR8rMVzQJvgfGlMjAHPV1dsnsnmooOgsayJrRYlQhXfdB2jij8mDH7AczDVTIng__&Key-Pair-Id=K3IVFO0KFGPSF4 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11601 Connection: keep-alive Last-Modified: Wed, 10 Jul 2019 12:33:08 GMT x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Date: Tue, 31 Jan 2023 11:07:01 GMT ETag: "0f801108776586870259316a9ac2ed2d" X-Cache: Hit from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: LIAcPw3t7XSSRkKf1wnSXUZMOcQJt7E5TX_fymUBxaRUmf95lpuaUA== Age: 5460`

	contentcrowd.docsend.com/favicon-196x196.png	3.220.57.224	200 OK	4.1 kB
URL HTTP/1.1 contentcrowd.docsend.com/favicon-196x196.png IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data Size 4.1 kB (4131 bytes) Hash 6664c3890e329c7609151e0081f5e7cb 6216d5de79d8b245676a86f8b862880837345e2a 8a5ec44c12b172efd970c30a7414ccb37bbb09a2932816826111dfa36509e568 HTTP Headers GET /favicon-196x196.png HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=%2BW1IyFVZ8XPtn1LkPoPchXbMioL5Au3rq5Y3rQaLaTt6K1Chn7vqgkZ7fzunphtrZLdrIj%2FJ9YHsHAXi3Z2BLApIfQwdX1v0fdL8%2FjM%3D--UCXUtHwgQTe2fVZm--oUHAHHCgD4iDwWYYkp%2FSlg%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:00 GMT Content-Type: image/png Content-Length: 4131 Last-Modified: Mon, 30 Jan 2023 19:02:21 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur`

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu/page_data/1?viewLoadTime=1675168678&timezoneOffset=0	3.220.57.224	200 OK	711 B
URL HTTP/1.1 contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu/page_data/1?viewLoadTime=1675168678&timezoneOffset=0 IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type JSON data\012- , ASCII text, with very long lines (971), with no line terminators Size 711 B (711 bytes) Hash bc87f4cc2d94f2e2c302a34ef527b901 9f8db362cde2573386e886f52555672161f90c03 e4fbd838cacd54ff27c7ea9405670e35b37dda41db90a067ba9bd6ed529478fd HTTP Headers GET /view/cxhrnq3ehwbae8cu/page_data/1?viewLoadTime=1675168678&timezoneOffset=0 HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-Token: NZdBmL+FWKTP4/U3lwMGuTsZnTr1pIe7FHlvAaMhUPsQBNsd9IoDDyYwzCIA3CO802z266eYQoIeXqbuKgPFaQ== X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=%2BW1IyFVZ8XPtn1LkPoPchXbMioL5Au3rq5Y3rQaLaTt6K1Chn7vqgkZ7fzunphtrZLdrIj%2FJ9YHsHAXi3Z2BLApIfQwdX1v0fdL8%2FjM%3D--UCXUtHwgQTe2fVZm--oUHAHHCgD4iDwWYYkp%2FSlg%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:00 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Etag: W/"9d2ad28a9763e8bc102b71e10d917a0b" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-k/+TY+pp1TfESBuD+KbzCg=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=oFb2YM%2FLHKTyy32vFDJvk8UpUR8SvN3SC36sHNIabFwbWqcSXC088Xmq2AjER1wF1j55AYtn99RbyXFuodVRbwBDwptIVtOkw0x9IKQ%3D--pRvC%2Bvg0l56kIbCc--gbA7McmrP1wP%2F%2BcDatE9tA%3D%3D; domain=.docsend.com; path=/; expires=Wed, 31 Jan 2024 12:38:00 GMT; SameSite=None; secure X-Request-Id: 704bf1aa-08ab-4cff-b3f0-597cc3d06c91 X-Runtime: 0.049459 Vary: Accept-Encoding Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	contentcrowd.docsend.com/favicon-16x16.png	3.220.57.224	200 OK	393 B
URL HTTP/1.1 contentcrowd.docsend.com/favicon-16x16.png IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 393 B (393 bytes) Hash a8c678babc40c4ac6d8c70fc560094d4 66002c0719ddbd75c837f5a939689ea6df13b6dc a3a247c77537c4c4fd58b68212a30df836bd05efa48d280d9c20b187f7ef7fb1 HTTP Headers GET /favicon-16x16.png HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=%2BW1IyFVZ8XPtn1LkPoPchXbMioL5Au3rq5Y3rQaLaTt6K1Chn7vqgkZ7fzunphtrZLdrIj%2FJ9YHsHAXi3Z2BLApIfQwdX1v0fdL8%2FjM%3D--UCXUtHwgQTe2fVZm--oUHAHHCgD4iDwWYYkp%2FSlg%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:00 GMT Content-Type: image/png Content-Length: 393 Last-Modified: Mon, 30 Jan 2023 19:02:21 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur`

	contentcrowd.docsend.com/metrics/events	3.220.57.224	204 No Content	0 B
URL HTTP/1.1 contentcrowd.docsend.com/metrics/events IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/events HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: multipart/form-data; boundary=---------------------------78458251640562858971667515249 Content-Length: 1100 Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=%2BW1IyFVZ8XPtn1LkPoPchXbMioL5Au3rq5Y3rQaLaTt6K1Chn7vqgkZ7fzunphtrZLdrIj%2FJ9YHsHAXi3Z2BLApIfQwdX1v0fdL8%2FjM%3D--UCXUtHwgQTe2fVZm--oUHAHHCgD4iDwWYYkp%2FSlg%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:00 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-wp1zu+5K/3MgTAIys6iNCw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: 44535f38-22f2-4c2b-91f1-0e977ec4331b X-Runtime: 0.016295 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	contentcrowd.docsend.com/metrics/events	3.220.57.224	204 No Content	0 B
URL HTTP/1.1 contentcrowd.docsend.com/metrics/events IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/events HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: multipart/form-data; boundary=---------------------------7280517534023859842628249811 Content-Length: 782 Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=%2BW1IyFVZ8XPtn1LkPoPchXbMioL5Au3rq5Y3rQaLaTt6K1Chn7vqgkZ7fzunphtrZLdrIj%2FJ9YHsHAXi3Z2BLApIfQwdX1v0fdL8%2FjM%3D--UCXUtHwgQTe2fVZm--oUHAHHCgD4iDwWYYkp%2FSlg%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:00 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-JOf1j+MmdaVXmKITPSbAbw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: 076958bf-3e8c-490b-8cc1-02b988092c67 X-Runtime: 0.018373 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	contentcrowd.docsend.com/metrics/properties	3.220.57.224	204 No Content	0 B
URL HTTP/1.1 contentcrowd.docsend.com/metrics/properties IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/properties HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-Token: NZdBmL+FWKTP4/U3lwMGuTsZnTr1pIe7FHlvAaMhUPsQBNsd9IoDDyYwzCIA3CO802z266eYQoIeXqbuKgPFaQ== X-Requested-With: XMLHttpRequest Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=%2BW1IyFVZ8XPtn1LkPoPchXbMioL5Au3rq5Y3rQaLaTt6K1Chn7vqgkZ7fzunphtrZLdrIj%2FJ9YHsHAXi3Z2BLApIfQwdX1v0fdL8%2FjM%3D--UCXUtHwgQTe2fVZm--oUHAHHCgD4iDwWYYkp%2FSlg%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Content-Length: 0 HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:00 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-13a1prOn+p1FpGZoSfLy9w=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: 1bc7bfc4-8852-478f-b9fd-73c649d42835 X-Runtime: 0.008416 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	d.dropbox.com/crashdash/proxy/sessions	162.125.8.20	200 OK	0 B
URL HTTP/2 d.dropbox.com/crashdash/proxy/sessions IP 162.125.8.20:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /crashdash/proxy/sessions HTTP/1.1 Host: d.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Referer: https://contentcrowd.docsend.com/ Origin: https://contentcrowd.docsend.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods: POST access-control-allow-origin: * content-length: 0 date: Tue, 31 Jan 2023 12:38:00 GMT server: envoy x-dropbox-response-origin: far_remote x-dropbox-request-id: 7b52cb77fe8a4a95870da19aafbec735 X-Firefox-Spdy: h2`

	widget.intercom.io/widget/lv6lji7h	54.230.111.53	200 OK	6.0 kB
URL HTTP/2 widget.intercom.io/widget/lv6lji7h IP 54.230.111.53:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (18637), with no line terminators Size 6.0 kB (6044 bytes) Hash 3c7f6b06f8974a6386351744b8ccd81a 724dbc567b82963326ff979ff9c42dec4683239a 23dd043d09449f2291ad894bbb220843d497199d0265764bb5bbbac06ae0932f HTTP Headers `GET /widget/lv6lji7h HTTP/1.1 Host: widget.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 6044 last-modified: Tue, 31 Jan 2023 10:39:33 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: itVFiApEso19Z36e8typcYk1a17.jbQt accept-ranges: bytes server: AmazonS3 date: Tue, 31 Jan 2023 12:19:54 GMT cache-control: max-age=900, s-maxage=900, public etag: "3c7f6b06f8974a6386351744b8ccd81a" x-cache: Error from cloudfront via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: kbC9sOKN5oQHYRIdWxww4JO6k2RyeRdQgp3bXimnAQkGxn27RFwmsA== age: 1085 vary: Accept-Encoding, Origin X-Firefox-Spdy: h2

	consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fcontentcrowd.docsend.com&sandbox_redirect=false	54.230.111.63	200 OK	854 B
URL HTTP/2 consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fcontentcrowd.docsend.com&sandbox_redirect=false IP 54.230.111.63:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text Size 854 B (854 bytes) Hash dc63fb23d6563676b3090bae3f02ccde dd6c4202705f760dd5744caee7ccb31f703fc880 c8bce4b4bc1b212ffc445ae939680990a6f4b23eed318c8b9a7f1e21facd1ab1 HTTP Headers GET /?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fcontentcrowd.docsend.com&sandbox_redirect=false HTTP/1.1 Host: consent.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://contentcrowd.docsend.com/ Connection: keep-alive Cookie: t=cz1U4_ZTSB7t--2veXV2y--W; locale=en Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/html content-length: 854 date: Tue, 31 Jan 2023 11:48:04 GMT last-modified: Tue, 06 Sep 2022 19:00:36 GMT x-amz-version-id: jF1fSWiqtJx.5E0VeuXfyr4mbqFqvdbZ etag: "dc63fb23d6563676b3090bae3f02ccde" server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 4tcaIv075jI7JXvXj4I8yT7nizC0W9hlUftrQCb12KEnTk2co1-15g== age: 2997 X-Firefox-Spdy: h2`

	js.intercomcdn.com/frame.a3b52be1.js	54.230.111.62	200 OK	140 kB
URL HTTP/2 js.intercomcdn.com/frame.a3b52be1.js IP 54.230.111.62:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 140 kB (139558 bytes) Hash 82ec1d6e91fbb6e6fd4c4122540d565c acc8c144af048cd5c789ab9ad1ce8a6b0bdd7969 a8cbd6579b3e839e4e47a35215f0cbbc47c26a19f70bc91bde4e4f4743c0a8f3 HTTP Headers `GET /frame.a3b52be1.js HTTP/1.1 Host: js.intercomcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 139558 date: Tue, 31 Jan 2023 10:40:06 GMT last-modified: Tue, 31 Jan 2023 10:38:01 GMT etag: "82ec1d6e91fbb6e6fd4c4122540d565c" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000, s-maxage=7200, public content-encoding: gzip x-amz-version-id: xqlEnc3d.xlgh0L6qJK79C9VyGpryi1E accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: A6rn4-BJfUwzIGwvr8uVICNpzh6vQvR7nyP_TOVfs4y-0G9TLcWV6Q== age: 7076 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.100	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.100:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash d0c88d4ca0a601b2a09197abd6faba67 be41920cbed1fe45a7f1e4047278822b3d15d05a ab16af78775ccd03ed01485d1d5c1ca3da0ce922ee78d552fd2cd6d741ed3138 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=100427 Date: Tue, 31 Jan 2023 12:38:00 GMT Etag: "63d7ef66-1d7" Expires: Wed, 01 Feb 2023 16:31:47 GMT Last-Modified: Mon, 30 Jan 2023 16:25:10 GMT Server: ECS (bsa/EB19) X-Cache: Miss from cloudfront Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: vU1jVhXqfV9IGPX53He1E7VcdurYuW-Kl1OrQku4ftS3Cc-TBgwrYw== Age: 397

	d.dropbox.com/crashdash/proxy/sessions	162.125.8.20	202 Accepted	21 B
URL HTTP/2 d.dropbox.com/crashdash/proxy/sessions IP 162.125.8.20:0 ASN #19679 DROPBOX File type JSON data\012- , ASCII text, with no line terminators Size 21 B (21 bytes) Hash 1807ffa1d44e667592a0f91c668ba65b 4d48849fa0f6917c9c57ed958680e9a1e722382b 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a HTTP Headers POST /crashdash/proxy/sessions HTTP/1.1 Host: d.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Bugsnag-Api-Key: 0bca6a0a-c303-4b27-84cb-60ebe421858a Bugsnag-Payload-Version: 1 Bugsnag-Sent-At: 2023-01-31T12:38:15.624Z Content-Length: 514 Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 202 Accepted access-control-allow-origin: * alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 bugsnag-session-uuid: 2513a021-408a-45eb-be84-224aed35c538 content-security-policy: sandbox; default-src 'none'; frame-ancestors 'none' content-type: application/json date: Tue, 31 Jan 2023 12:38:01 GMT referrer-policy: strict-origin-when-cross-origin via: 1.1 google x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 21 server: envoy x-dropbox-response-origin: far_remote x-dropbox-request-id: 0262bd5975c547f3a6fbff8615ceda65 X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.100	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.100:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash a10b4d6efd392f7496c01bf8dcf1a2c9 d9b769fa00661017084066a565de26256a9fe8e8 93b9bcab6e0618f3db648ec825c8fd8d6de67d804533fbf1d8d97f8c6c0eb194 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Tue, 31 Jan 2023 12:38:01 GMT Last-Modified: Tue, 31 Jan 2023 11:37:04 GMT Server: ECS (nyb/1D0C) X-Cache: Miss from cloudfront Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: KYlAo9isGpSGdkZWe2ioaFNHXFMwBVmgBZZJp-Y5CGRp3qtrBkM-JQ== Age: 3657`

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4090 Origin: https://contentcrowd.docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-9Gg7YFO5xK5T9FbRsnfx' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-9Gg7YFO5xK5T9FbRsnfx' 'nonce-Tdqzk0e76uc/hodqsHGt' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=Mjg5MjQ4NTQ1NDA1NTU4MDE5MjAxNjMzODc4MDQ0NzI1NDU2MTAx; expires=Sun, 30 Jan 2028 12:38:01 GMT; HttpOnly; Path=/; SameSite=None; Secure t=hJBpPQl0NS5SyVfpY5xhw7Gm; Domain=dropbox.com; expires=Fri, 30 Jan 2026 12:38:01 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=hJBpPQl0NS5SyVfpY5xhw7Gm; expires=Fri, 30 Jan 2026 12:38:01 GMT; Path=/; SameSite=None; Secure __Host-ss=NiB_xp_cWk; expires=Fri, 30 Jan 2026 12:38:01 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 12:38:01 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 31 Jan 2023 12:38:00 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 226b33bf3aba4c67ad0ba3ff8675ee3a X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/translations/en.js	23.32.100.208	200 OK	6.4 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/translations/en.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (41349), with no line terminators Size 6.4 kB (6406 bytes) Hash 7cdb0408336768c3c8697de7fe062fed 455d1237f3256aba83c5102b10212f8bc767bf22 f5c051f3693f6e0a92a0576bbdc74de8c243ec02c5232e49c919999fe1c79ece HTTP Headers `GET /sitenotice/3401/translations/en.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "92ddb3e3355b422d8513e225548bbf64:1664899591.798772" last-modified: Tue, 04 Oct 2022 16:06:31 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Feb 2023 12:38:01 GMT date: Tue, 31 Jan 2023 12:38:01 GMT content-length: 6406 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service	162.125.71.18	200 OK	23 kB
URL HTTP/2 www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service IP 162.125.71.18:0 ASN #19679 DROPBOX File type ASCII text, with very long lines (53605) Size 23 kB (23309 bytes) Hash d4bff1522948755293661b65eed6955d 0f41c56645851ca694025b2857d85faee90999c2 bafe10c13b79e811c5e5caf420664f7fb97efd8ebd7a7f999cd82f874278f4c7 HTTP Headers GET /pithos/host%3Aconsent.dropbox.com/privacy_consent_service HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Cookie: gvc=MTMwODA2MzMyNjM5NjEyOTM0ODY3NDM1NzkxMjQ0NTkxNzU1OTU4; t=cz1U4_ZTSB7t--2veXV2y--W; __Host-js_csrf=cz1U4_ZTSB7t--2veXV2y--W; locale=en; __Host-logged-out-session=ChAWe9jKZek3QOM2V7flzFA2EKeX5J4GGi5BRmtZRTZncVl1YTdRU2dMX2llcHNoNFdlVHNnNG5kcHNhSUdNUFJIaXdaaGx3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK cache-control: no-cache,no-cache, no-store content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-//4JkRlCexMt2RhF/oEJ' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-//4JkRlCexMt2RhF/oEJ' 'nonce-FaeJc48P16FKYyvshdKn' referrer-policy: strict-origin-when-cross-origin set-cookie: t=cz1U4_ZTSB7t--2veXV2y--W; Domain=dropbox.com; expires=Fri, 30 Jan 2026 12:38:01 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=cz1U4_ZTSB7t--2veXV2y--W; expires=Fri, 30 Jan 2026 12:38:01 GMT; Path=/; SameSite=None; Secure __Host-ss=JxeJWPAdOI; expires=Fri, 30 Jan 2026 12:38:01 GMT; HttpOnly; Path=/; SameSite=Strict; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-server-response-time: 39 x-xss-protection: 1; mode=block content-type: text/javascript; charset=UTF-8 date: Tue, 31 Jan 2023 12:38:01 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 13672501cea849388487fcbb30fdc100 X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/dropbox/settings.js	23.32.100.208	301 Moved Permanently	31 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settings.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type data Size 31 kB (31164 bytes) Hash 7061002c547c962be19e8061ee927649 1244afc36a5537b014b273c4447c481fab9f1608 9d6a197108e4f5b2ee07acd8c62334137e2ae4a961c554347778a3e94ec621f1 HTTP Headers `GET /sitenotice/3401/dropbox/settings.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 301 Moved Permanently server: AkamaiGHost content-length: 0 location: https://c.evidon.com/sitenotice/3401/dropbox/settingsV2.js date: Tue, 31 Jan 2023 12:38:01 GMT vary: Origin cache-control: max-age=432000, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2`

	c.evidon.com/sitenotice/3401/snthemes.js	23.32.100.208	200 OK	5.7 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/snthemes.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (65536), with no line terminators Size 5.7 kB (5695 bytes) Hash 9a975aa3305c4011b3e07119d2376913 4545dc0986810ba851360f910219b34ce7c4446d 400f7ad9cb8378b5839d4f3449381d936f37fd0762f8507d283304c82068d122 HTTP Headers `GET /sitenotice/3401/snthemes.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "0e8f664fca39681028b4b07b5be34f2d:1659131785.898398" last-modified: Fri, 29 Jul 2022 21:56:25 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Feb 2023 12:38:01 GMT date: Tue, 31 Jan 2023 12:38:01 GMT content-length: 5695 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	d2qvtfnm75xrxf.cloudfront.net/docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F1?Expires=1675168740&Signature=WxNxM7wfeVUERkcP3manN4Vmfl531LbELlvetTAca4q2xIopFNUy4S9ywx2ET5Y~Xld4xAh1tO8HmY7jz8rmaq3RO~TvBwZAyttcCs1KHrFe1mUklGoYbcLlZCOcntfpiAi81S8RIfqgJri-6wWvCG-NDT7LkSI1HpBhuMSM8QlIYZyhJbiElhb8sFA~SNS2CZUqLD5lDHvhOK5MswG9abEU2YakDt1scKwDO~FcigyJTmfFt3AYEAJDQQ3DxD1BOKLgXRBdvpT3WWcyJl4RBk1jdt-0crPdnvA794K6U8zm4CgBxkRy8PnOQuhk0x4fm9NmDWXwghzo0TcaZa3Xlg__&Key-Pair-Id=K3IVFO0KFGPSF4	54.230.245.210	200 OK	550 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F1?Expires=1675168740&Signature=WxNxM7wfeVUERkcP3manN4Vmfl531LbELlvetTAca4q2xIopFNUy4S9ywx2ET5Y~Xld4xAh1tO8HmY7jz8rmaq3RO~TvBwZAyttcCs1KHrFe1mUklGoYbcLlZCOcntfpiAi81S8RIfqgJri-6wWvCG-NDT7LkSI1HpBhuMSM8QlIYZyhJbiElhb8sFA~SNS2CZUqLD5lDHvhOK5MswG9abEU2YakDt1scKwDO~FcigyJTmfFt3AYEAJDQQ3DxD1BOKLgXRBdvpT3WWcyJl4RBk1jdt-0crPdnvA794K6U8zm4CgBxkRy8PnOQuhk0x4fm9NmDWXwghzo0TcaZa3Xlg__&Key-Pair-Id=K3IVFO0KFGPSF4 IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 1783x2756, components 3\012- data Size 550 kB (549649 bytes) Hash 52b5c47b6fdf9cc11df6be40d3a6d900 724e8e56c0897db8b4d957aa3f66a44f0a19c4c5 7fcc00a4c7ecf3ebb8e7b45ce75802e3c4e5289b373b472cf63fbd5fad7991aa HTTP Headers GET /docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F1?Expires=1675168740&Signature=WxNxM7wfeVUERkcP3manN4Vmfl531LbELlvetTAca4q2xIopFNUy4S9ywx2ET5Y~Xld4xAh1tO8HmY7jz8rmaq3RO~TvBwZAyttcCs1KHrFe1mUklGoYbcLlZCOcntfpiAi81S8RIfqgJri-6wWvCG-NDT7LkSI1HpBhuMSM8QlIYZyhJbiElhb8sFA~SNS2CZUqLD5lDHvhOK5MswG9abEU2YakDt1scKwDO~FcigyJTmfFt3AYEAJDQQ3DxD1BOKLgXRBdvpT3WWcyJl4RBk1jdt-0crPdnvA794K6U8zm4CgBxkRy8PnOQuhk0x4fm9NmDWXwghzo0TcaZa3Xlg__&Key-Pair-Id=K3IVFO0KFGPSF4 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 549649 Connection: keep-alive Date: Tue, 31 Jan 2023 12:38:02 GMT Last-Modified: Mon, 09 Jan 2023 14:37:55 GMT ETag: "52b5c47b6fdf9cc11df6be40d3a6d900" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 0mEke9iGYvqDO4anRNkYSKKoCczkbYRcsV13QbJ36psxYwXBgFPVCg==`

	c.evidon.com/sitenotice/3401/dropbox/settingsV2.js	23.32.100.208	200 OK	1.7 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settingsV2.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (5082), with no line terminators Size 1.7 kB (1691 bytes) Hash 181b62cb4ca1877b5952d8864d1ddb04 ebae59485369852733c2648e907227b2a7666bc5 425ce9a30e4efd92bce6af1d1c99a07a276691e091e66dccb9c50746a1830e0f HTTP Headers `GET /sitenotice/3401/dropbox/settingsV2.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "7119db14253f426ac1ed52da3fd5d054:1662485692.434043" last-modified: Tue, 06 Sep 2022 17:34:52 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Feb 2023 12:38:01 GMT date: Tue, 31 Jan 2023 12:38:01 GMT content-length: 1691 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/evidon-banner.js	23.32.100.208	200 OK	3.5 kB
URL HTTP/2 c.evidon.com/sitenotice/evidon-banner.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (12607), with no line terminators Size 3.5 kB (3535 bytes) Hash 304674456118422bd448366f7bb05879 c6549199a4fb419c05a3513238a89002307034b9 29f57f0aeee0a530b881df6908e653f58c6d570b05174b2e1a6bba2a75c4e068 HTTP Headers `GET /sitenotice/evidon-banner.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "953f08dcce4b8af3f743056f673c8514:1671558610.744236" last-modified: Tue, 20 Dec 2022 17:50:10 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Feb 2023 12:38:01 GMT date: Tue, 31 Jan 2023 12:38:01 GMT content-length: 3535 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.100	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.100:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 711e853a200253c8956910d282e33eb3 4d9bccb4a8987e4674f8d6f9fcc2165c5e8c64aa f2b1bf68b7ce62f781d12a35642d7916b4d9ac759748a57095a72d4f0ddfea08 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Tue, 31 Jan 2023 12:38:02 GMT Last-Modified: Tue, 31 Jan 2023 11:11:55 GMT Server: ECS (nyb/1D0C) X-Cache: Miss from cloudfront Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 2TqhL_kMqh8NGt4K7bN_BLDMcihYiG74RX-n8Qk7Q918neoDnXU8Cg== Age: 5167`

	ocsp.sca1b.amazontrust.com/	54.230.245.100	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.100:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 711e853a200253c8956910d282e33eb3 4d9bccb4a8987e4674f8d6f9fcc2165c5e8c64aa f2b1bf68b7ce62f781d12a35642d7916b4d9ac759748a57095a72d4f0ddfea08 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Tue, 31 Jan 2023 12:38:02 GMT Last-Modified: Tue, 31 Jan 2023 11:05:17 GMT Server: ECS (nyb/1D0B) X-Cache: Miss from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: B3iP--Mq3jc8EdcvASKsMhWvq08rA_N8JI7ya2FxeRFWog6SCxcQvQ== Age: 5565`

	l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fcontentcrowd.docsend.com%2F	3.230.223.229	204 No Content	0 B
URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fcontentcrowd.docsend.com%2F IP 3.230.223.229:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fcontentcrowd.docsend.com%2F HTTP/1.1 Host: l.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Tue, 31 Jan 2023 12:38:02 GMT x-powered-by: Express etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2`

	l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fcontentcrowd.docsend.com%2F	3.230.223.229	204 No Content	0 B
URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fcontentcrowd.docsend.com%2F IP 3.230.223.229:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fcontentcrowd.docsend.com%2F HTTP/1.1 Host: l.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Tue, 31 Jan 2023 12:38:02 GMT x-powered-by: Express etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2`

	nexus-websocket-a.intercom.io/pubsub/5-XCrKih6tRAvml9uoV1CO5MqrwDbiuzKmlv4xdY6-xqSQsh2GUaLlLeXxfc2VM3LNEoLx6C8yWn4ghA2i_KabpoIcPaP8I_Iwbxn9?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined	35.174.127.31	101 Switching Protocols	0 B
URL HTTP/1.1 nexus-websocket-a.intercom.io/pubsub/5-XCrKih6tRAvml9uoV1CO5MqrwDbiuzKmlv4xdY6-xqSQsh2GUaLlLeXxfc2VM3LNEoLx6C8yWn4ghA2i_KabpoIcPaP8I_Iwbxn9?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined IP 35.174.127.31:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /pubsub/5-XCrKih6tRAvml9uoV1CO5MqrwDbiuzKmlv4xdY6-xqSQsh2GUaLlLeXxfc2VM3LNEoLx6C8yWn4ghA2i_KabpoIcPaP8I_Iwbxn9?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1 Host: nexus-websocket-a.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://contentcrowd.docsend.com Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: vIz6bQrrXE3ohQIRIIY0LA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Server: nginx Date: Tue, 31 Jan 2023 12:38:02 GMT Connection: upgrade Upgrade: websocket Sec-WebSocket-Accept: spq3uZQjl/pNrO/b9qk38sY8/9g= Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover`

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu/page_data/2?viewLoadTime=1675168678&timezoneOffset=0	3.220.57.224	200 OK	708 B
URL HTTP/1.1 contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu/page_data/2?viewLoadTime=1675168678&timezoneOffset=0 IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type JSON data\012- , ASCII text, with very long lines (971), with no line terminators Size 708 B (708 bytes) Hash 4f73b9f2130c39b33579e3d44b7bd4d4 abe5e09946130a9904ff5734a0c384d971ae623c d7c03e54ac9172d850c3fb7fbc8219c463d1a7f614e186d048efcd43878fd11b HTTP Headers GET /view/cxhrnq3ehwbae8cu/page_data/2?viewLoadTime=1675168678&timezoneOffset=0 HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-Token: NZdBmL+FWKTP4/U3lwMGuTsZnTr1pIe7FHlvAaMhUPsQBNsd9IoDDyYwzCIA3CO802z266eYQoIeXqbuKgPFaQ== X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=oFb2YM%2FLHKTyy32vFDJvk8UpUR8SvN3SC36sHNIabFwbWqcSXC088Xmq2AjER1wF1j55AYtn99RbyXFuodVRbwBDwptIVtOkw0x9IKQ%3D--pRvC%2Bvg0l56kIbCc--gbA7McmrP1wP%2F%2BcDatE9tA%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5; __Secure-dbx_consent={"consentType":1,"consentDate":"2023-01-31T12:38:18.521Z","expireDate":"2023-07-31T12:38:18.521Z","consentMonths":6,"categories":{},"userInteracted":false,"numDots":2}; intercom-id-lv6lji7h=bfd1dcb6-0952-4763-aee9-9ca183845881; intercom-session-lv6lji7h=; intercom-device-id-lv6lji7h=8e32415e-33b5-4042-af8c-91faaf0eba0d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:02 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Etag: W/"4721779cb9123c3dc8d117b301a43f15" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-fNMRQjvkRP4aQYFHuCVjSg=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=yL8AUk2JGHmvHyDVfpkXASS%2B3uD1zqoAQYxGXc12cr8oa6XYAWufcnJQb6Kd7EaB12uQV%2FUA1%2BY9baASNS%2BpAnwOngathNUPsXPCp4s%3D--jqQfXvkspIbaksfI--PfScKUAsXbJZu3Bu%2Flm2YQ%3D%3D; domain=.docsend.com; path=/; expires=Wed, 31 Jan 2024 12:38:02 GMT; SameSite=None; secure X-Request-Id: f02a36b6-e289-4cdc-b225-b5b40f4deed8 X-Runtime: 0.044822 Vary: Accept-Encoding Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	d2qvtfnm75xrxf.cloudfront.net/docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F2?Expires=1675168742&Signature=Wmj9OUftG0eUNUu97gm4UwHaaFTTNtDUqSxG~jONowSWUgNV2DpiQ0ad-7noGIMSjC8d-x~5H~518bQLF1WpaUUb~2LK1TNhOfGTPIiJj3KQGaYytMD2AHf8i3tsrCdm2g56y484et~3VYDhgjhAfD~f8IxZtPX9bThx5PasMO9pD77iIWT2azoJYwmrw7jN3HF0sqiulnq7wEyTt9QTFRp1wCGd4LnqdE8yr1f~UG-SruK1bOJNox8OwBQvpGG82gnnMYawVeyJ8a77OrtI~ACLRn1JQbRQlMFeBop-Kvgk~Q8tgRk09RyKLustZ5CVOcnWCQxUSGCr9fkuMO6V5w__&Key-Pair-Id=K3IVFO0KFGPSF4	54.230.245.210	200 OK	175 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F2?Expires=1675168742&Signature=Wmj9OUftG0eUNUu97gm4UwHaaFTTNtDUqSxG~jONowSWUgNV2DpiQ0ad-7noGIMSjC8d-x~5H~518bQLF1WpaUUb~2LK1TNhOfGTPIiJj3KQGaYytMD2AHf8i3tsrCdm2g56y484et~3VYDhgjhAfD~f8IxZtPX9bThx5PasMO9pD77iIWT2azoJYwmrw7jN3HF0sqiulnq7wEyTt9QTFRp1wCGd4LnqdE8yr1f~UG-SruK1bOJNox8OwBQvpGG82gnnMYawVeyJ8a77OrtI~ACLRn1JQbRQlMFeBop-Kvgk~Q8tgRk09RyKLustZ5CVOcnWCQxUSGCr9fkuMO6V5w__&Key-Pair-Id=K3IVFO0KFGPSF4 IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type PNG image data, 1783 x 2756, 8-bit/color RGBA, non-interlaced\012- data Size 175 kB (175298 bytes) Hash e8940779b75429785fae770f18736423 a48193dfe32253b7c084778771981a2cd26aac73 2c6127d537369e80501db2767efd2632d97531182aa9c6a7befd41c80cc9d12f HTTP Headers GET /docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F2?Expires=1675168742&Signature=Wmj9OUftG0eUNUu97gm4UwHaaFTTNtDUqSxG~jONowSWUgNV2DpiQ0ad-7noGIMSjC8d-x~5H~518bQLF1WpaUUb~2LK1TNhOfGTPIiJj3KQGaYytMD2AHf8i3tsrCdm2g56y484et~3VYDhgjhAfD~f8IxZtPX9bThx5PasMO9pD77iIWT2azoJYwmrw7jN3HF0sqiulnq7wEyTt9QTFRp1wCGd4LnqdE8yr1f~UG-SruK1bOJNox8OwBQvpGG82gnnMYawVeyJ8a77OrtI~ACLRn1JQbRQlMFeBop-Kvgk~Q8tgRk09RyKLustZ5CVOcnWCQxUSGCr9fkuMO6V5w__&Key-Pair-Id=K3IVFO0KFGPSF4 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 175298 Connection: keep-alive Date: Tue, 31 Jan 2023 12:38:03 GMT Last-Modified: Mon, 09 Jan 2023 14:37:55 GMT ETag: "e8940779b75429785fae770f18736423" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: -O5uJv2hkNwoiLQxDdXegeq6puoWb5Aw7wYG028698Rx47fYJLfPRA==`

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4090 Origin: https://contentcrowd.docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-D695ZNzbyjwW4wq1x6ef' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-D695ZNzbyjwW4wq1x6ef' 'nonce-oxEOHaHl/hUqPyMOdEKi' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MjkwMjY2OTMzMjI4NjMyNzIwOTI0MTI1MDUxMDc5MTA3Nzc2Nzkx; expires=Sun, 30 Jan 2028 12:38:03 GMT; HttpOnly; Path=/; SameSite=None; Secure t=3XQqlhm2x8DjGwevTudhSJiw; Domain=dropbox.com; expires=Fri, 30 Jan 2026 12:38:03 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=3XQqlhm2x8DjGwevTudhSJiw; expires=Fri, 30 Jan 2026 12:38:03 GMT; Path=/; SameSite=None; Secure __Host-ss=EVnNrbZ48w; expires=Fri, 30 Jan 2026 12:38:03 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 12:38:03 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 31 Jan 2023 12:38:02 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 6c70467b97014a8bab9dab21f37d2f67 X-Firefox-Spdy: h2

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu/page_data/3?viewLoadTime=1675168678&timezoneOffset=0	3.220.57.224	200 OK	1.2 kB
URL HTTP/1.1 contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu/page_data/3?viewLoadTime=1675168678&timezoneOffset=0 IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type JSON data\012- , ASCII text, with very long lines (2866), with no line terminators Size 1.2 kB (1185 bytes) Hash 3bea642547c95e2e2b66a399695be983 def9eff6dad879d4e7245db47963d031e88b12ba 962e7906d278f1cbbaff5dc48876e87b5bb3352453430e72e7f89ff86bff00f5 HTTP Headers GET /view/cxhrnq3ehwbae8cu/page_data/3?viewLoadTime=1675168678&timezoneOffset=0 HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-Token: NZdBmL+FWKTP4/U3lwMGuTsZnTr1pIe7FHlvAaMhUPsQBNsd9IoDDyYwzCIA3CO802z266eYQoIeXqbuKgPFaQ== X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=yL8AUk2JGHmvHyDVfpkXASS%2B3uD1zqoAQYxGXc12cr8oa6XYAWufcnJQb6Kd7EaB12uQV%2FUA1%2BY9baASNS%2BpAnwOngathNUPsXPCp4s%3D--jqQfXvkspIbaksfI--PfScKUAsXbJZu3Bu%2Flm2YQ%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5; __Secure-dbx_consent={"consentType":1,"consentDate":"2023-01-31T12:38:18.521Z","expireDate":"2023-07-31T12:38:18.521Z","consentMonths":6,"categories":{},"userInteracted":false,"numDots":2}; intercom-id-lv6lji7h=bfd1dcb6-0952-4763-aee9-9ca183845881; intercom-session-lv6lji7h=; intercom-device-id-lv6lji7h=8e32415e-33b5-4042-af8c-91faaf0eba0d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:03 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Etag: W/"876b5e1ae400d79eaa81fa748ca7ba76" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-PaIO8xgaYjPYpqYyZ/O3vQ=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=QC6MbHUWUgOD06LyKjEppI7kxDLqfJeMhMkWfFrtiAzzPW1mfwJ%2B1T4ZoLcDEPKB9M0Jot%2B0dLsatVGAe6HreZV87cj%2BgribozUp5zw%3D--yfkNUYq7MVug4zna--oe2ragt9NpgjmIiZJsZ17A%3D%3D; domain=.docsend.com; path=/; expires=Wed, 31 Jan 2024 12:38:03 GMT; SameSite=None; secure X-Request-Id: a0e28111-ece2-4aa4-8f22-8138f809b603 X-Runtime: 0.039385 Vary: Accept-Encoding Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	d2qvtfnm75xrxf.cloudfront.net/docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F3?Expires=1675168743&Signature=c2L8RFQ2JWXt~HPrXKgCRLqsWuyqlD~rvvzuZrULwqCdY5aduiGbuysIbK-mLzrdouPNtiQ0JlXEFQCXHRmPMi~uaetIcGr0ecbYaQrWHl2DS7SCFyX3bKsDC270eZIoH81Y2xSFHyGcpwOIVyK91VSAIdfnMbnnJAAm6dtXdG5o50UaljiCmj7w-j~D-yWcb99TJ~1vxdLTSQC9Z2ivu6WpiqgQKQ2O0idRs4wqv4hEzi-VjphwrABLfaLHwdbvJkYCAmgirZRwKqBfhDLdoZX6PbWwgK0zPNqpfHXn5Ljd4iMHQzVJF1xQZw5UD4C1T-pGAwO5PvIR8lrvpwpJqQ__&Key-Pair-Id=K3IVFO0KFGPSF4	54.230.245.210	200 OK	839 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F3?Expires=1675168743&Signature=c2L8RFQ2JWXt~HPrXKgCRLqsWuyqlD~rvvzuZrULwqCdY5aduiGbuysIbK-mLzrdouPNtiQ0JlXEFQCXHRmPMi~uaetIcGr0ecbYaQrWHl2DS7SCFyX3bKsDC270eZIoH81Y2xSFHyGcpwOIVyK91VSAIdfnMbnnJAAm6dtXdG5o50UaljiCmj7w-j~D-yWcb99TJ~1vxdLTSQC9Z2ivu6WpiqgQKQ2O0idRs4wqv4hEzi-VjphwrABLfaLHwdbvJkYCAmgirZRwKqBfhDLdoZX6PbWwgK0zPNqpfHXn5Ljd4iMHQzVJF1xQZw5UD4C1T-pGAwO5PvIR8lrvpwpJqQ__&Key-Pair-Id=K3IVFO0KFGPSF4 IP 54.230.245.210:0 ASN #16509 AMAZON-02 File type PNG image data, 1783 x 2756, 8-bit/color RGBA, non-interlaced\012- data Size 839 kB (839338 bytes) Hash 67605efb481cd5a5d300495e80882644 fc9087a46bdc425a10ed93a070ab16249376ab89 7293d375cf0f37a878c0f3deb95a75b25fe966ac527dd1e484719d15409dbf0a HTTP Headers GET /docs%2F50ae5be2-4d21-49c7-8423-844d813773b2%2Fv2_images%2F3?Expires=1675168743&Signature=c2L8RFQ2JWXt~HPrXKgCRLqsWuyqlD~rvvzuZrULwqCdY5aduiGbuysIbK-mLzrdouPNtiQ0JlXEFQCXHRmPMi~uaetIcGr0ecbYaQrWHl2DS7SCFyX3bKsDC270eZIoH81Y2xSFHyGcpwOIVyK91VSAIdfnMbnnJAAm6dtXdG5o50UaljiCmj7w-j~D-yWcb99TJ~1vxdLTSQC9Z2ivu6WpiqgQKQ2O0idRs4wqv4hEzi-VjphwrABLfaLHwdbvJkYCAmgirZRwKqBfhDLdoZX6PbWwgK0zPNqpfHXn5Ljd4iMHQzVJF1xQZw5UD4C1T-pGAwO5PvIR8lrvpwpJqQ__&Key-Pair-Id=K3IVFO0KFGPSF4 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 839338 Connection: keep-alive Date: Tue, 31 Jan 2023 12:38:05 GMT Last-Modified: Mon, 09 Jan 2023 14:37:55 GMT ETag: "67605efb481cd5a5d300495e80882644" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 7d7WQr3Ec_gHaOSJjYvzgKCYsF4kuyBFgJS2v75c90XVfQ5xaOWg4A==`

	contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu/page_data/4?viewLoadTime=1675168678&timezoneOffset=0	3.220.57.224	200 OK	1.5 kB
URL HTTP/1.1 contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu/page_data/4?viewLoadTime=1675168678&timezoneOffset=0 IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type JSON data\012- , ASCII text, with very long lines (8256), with no line terminators Size 1.5 kB (1478 bytes) Hash b91f5f1d127962defb5e4e8533bf78c9 1cb06728f3b54f85552ae4aab0e8c666a276b9a6 ddf7c0a683ee50fb25c20f7e3d0e7edcaa1070000b8f90e001dd236bfd2e31f3 HTTP Headers GET /view/cxhrnq3ehwbae8cu/page_data/4?viewLoadTime=1675168678&timezoneOffset=0 HTTP/1.1 Host: contentcrowd.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-Token: NZdBmL+FWKTP4/U3lwMGuTsZnTr1pIe7FHlvAaMhUPsQBNsd9IoDDyYwzCIA3CO802z266eYQoIeXqbuKgPFaQ== X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://contentcrowd.docsend.com/view/cxhrnq3ehwbae8cu?email= Cookie: _v_=QC6MbHUWUgOD06LyKjEppI7kxDLqfJeMhMkWfFrtiAzzPW1mfwJ%2B1T4ZoLcDEPKB9M0Jot%2B0dLsatVGAe6HreZV87cj%2BgribozUp5zw%3D--yfkNUYq7MVug4zna--oe2ragt9NpgjmIiZJsZ17A%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=42c56a24ad0a86bac68e29bf1f3578f5; __Secure-dbx_consent={"consentType":1,"consentDate":"2023-01-31T12:38:18.521Z","expireDate":"2023-07-31T12:38:18.521Z","consentMonths":6,"categories":{},"userInteracted":false,"numDots":2}; intercom-id-lv6lji7h=bfd1dcb6-0952-4763-aee9-9ca183845881; intercom-session-lv6lji7h=; intercom-device-id-lv6lji7h=8e32415e-33b5-4042-af8c-91faaf0eba0d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 12:38:05 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Etag: W/"1c0ca020780cffcc4bd0ebc418310f31" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-JDRMwK1EIBTxbmxb9/82dQ=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=O2d3zTas6SJKPKs2urIob3AoNwMqWzeOahB4Adhvt9k7fQi5GWn%2FM84uEdU4EtqK13QvUr7qpPsUKfuC8j9Jr9i0T3s71o8QPRyKw2A%3D--AE3uXGPORz%2FeUugs--5CeGMkKGdCwLgCiqQYVjuA%3D%3D; domain=.docsend.com; path=/; expires=Wed, 31 Jan 2024 12:38:05 GMT; SameSite=None; secure X-Request-Id: 0813d7fb-9ebf-4ffc-8eb1-e0e43c7199dc X-Runtime: 0.044380 Vary: Accept-Encoding Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	js.intercomcdn.com/vendor.093ba5d6.js	54.230.111.62	200 OK	0 B
URL HTTP/2 js.intercomcdn.com/vendor.093ba5d6.js IP 54.230.111.62:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /vendor.093ba5d6.js HTTP/1.1 Host: js.intercomcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 108273 date: Tue, 31 Jan 2023 10:52:11 GMT last-modified: Tue, 31 Jan 2023 10:38:01 GMT etag: "b07617332a2da4edc9e0f73e8c835864" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000, s-maxage=7200, public content-encoding: gzip x-amz-version-id: ZtmHMeMh0oZaefn37djTEKS3S5dvMBs5 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: at1ZeNjqotm0LulDETnFkIn4rKdIkIbNz9QqbLq9MP5XgrAp42AiBQ== age: 6350 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	www.dropbox.com/pithos/privacy_consent	162.125.71.18	307 Temporary Redirect	0 B
URL HTTP/2 www.dropbox.com/pithos/privacy_consent IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash HTTP Headers `GET /pithos/privacy_consent HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 307 Temporary Redirect cache-control: no-cache,no-cache, no-store content-security-policy: sandbox location: https://www.dropbox.com/pithos/host%3Acontentcrowd.docsend.com/privacy_consent referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MTMwODA2MzMyNjM5NjEyOTM0ODY3NDM1NzkxMjQ0NTkxNzU1OTU4; expires=Sun, 30 Jan 2028 12:37:58 GMT; HttpOnly; Path=/; SameSite=None; Secure t=cz1U4_ZTSB7t--2veXV2y--W; Domain=dropbox.com; expires=Fri, 30 Jan 2026 12:37:58 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=cz1U4_ZTSB7t--2veXV2y--W; expires=Fri, 30 Jan 2026 12:37:58 GMT; Path=/; SameSite=None; Secure __Host-ss=JxeJWPAdOI; expires=Fri, 30 Jan 2026 12:37:58 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 12:37:58 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/html; charset=utf-8 date: Tue, 31 Jan 2023 12:37:58 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 6679a70297884f019603b43da6c197e0 X-Firefox-Spdy: h2

	www.dropbox.com/pithos/privacy_consent_service	162.125.71.18	307 Temporary Redirect	0 B
URL HTTP/2 www.dropbox.com/pithos/privacy_consent_service IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash HTTP Headers GET /pithos/privacy_consent_service HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Cookie: gvc=MTMwODA2MzMyNjM5NjEyOTM0ODY3NDM1NzkxMjQ0NTkxNzU1OTU4; t=cz1U4_ZTSB7t--2veXV2y--W; __Host-js_csrf=cz1U4_ZTSB7t--2veXV2y--W; locale=en; __Host-logged-out-session=ChAWe9jKZek3QOM2V7flzFA2EKeX5J4GGi5BRmtZRTZncVl1YTdRU2dMX2llcHNoNFdlVHNnNG5kcHNhSUdNUFJIaXdaaGx3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 307 Temporary Redirect cache-control: no-cache,no-cache, no-store content-security-policy: sandbox location: https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service referrer-policy: strict-origin-when-cross-origin set-cookie: t=cz1U4_ZTSB7t--2veXV2y--W; Domain=dropbox.com; expires=Fri, 30 Jan 2026 12:38:01 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=cz1U4_ZTSB7t--2veXV2y--W; expires=Fri, 30 Jan 2026 12:38:01 GMT; Path=/; SameSite=None; Secure __Host-ss=JxeJWPAdOI; expires=Fri, 30 Jan 2026 12:38:01 GMT; HttpOnly; Path=/; SameSite=Strict; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/html; charset=utf-8 date: Tue, 31 Jan 2023 12:38:01 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 880117af4d55439c845f82f4a121c248 X-Firefox-Spdy: h2

	api-iam.intercom.io/messenger/web/ping	54.81.202.145	200 OK	0 B
URL HTTP/2 api-iam.intercom.io/messenger/web/ping IP 54.81.202.145:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers `POST /messenger/web/ping HTTP/1.1 Host: api-iam.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 378 Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 31 Jan 2023 12:38:01 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate x-ratelimit-limit: 13333 x-ratelimit-reset: 1675168690 strict-transport-security: max-age=31556952; includeSubDomains; preload x-ratelimit-remaining: 13322 access-control-allow-origin: https://contentcrowd.docsend.com vary: Accept,Accept-Encoding x-intercom-version: 9f1f027b3586c6430e21b5ac31dc80f7a25a1133 x-xss-protection: 1; mode=block content-encoding: gzip x-request-id: 0003vfaami2911fc6p7g access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA access-control-allow-credentials: true access-control-allow-methods: POST, GET, OPTIONS etag: W/"95dcb8dd0d9e0148da739cf4e2116025" x-runtime: 0.324425 x-frame-options: SAMEORIGIN x-content-type-options: nosniff server: nginx x-ami-version: ami-0c75d874912a7b35f X-Firefox-Spdy: h2

	api-iam.intercom.io/messenger/web/ping	54.81.202.145	200 OK	0 B
URL HTTP/2 api-iam.intercom.io/messenger/web/ping IP 54.81.202.145:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers `POST /messenger/web/ping HTTP/1.1 Host: api-iam.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 491 Origin: https://contentcrowd.docsend.com Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 12:38:02 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate x-ratelimit-limit: 13333 x-ratelimit-reset: 1675168690 strict-transport-security: max-age=31556952; includeSubDomains; preload x-ratelimit-remaining: 13317 access-control-allow-origin: https://contentcrowd.docsend.com vary: Accept,Accept-Encoding x-intercom-version: 9f1f027b3586c6430e21b5ac31dc80f7a25a1133 x-xss-protection: 1; mode=block content-encoding: gzip x-request-id: 0006uonkg7j40frg7j00 access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA access-control-allow-credentials: true access-control-allow-methods: POST, GET, OPTIONS etag: W/"9c15ca5f681a0efd87ebdf857a3ee5dc" x-runtime: 0.240150 x-frame-options: SAMEORIGIN x-content-type-options: nosniff server: nginx x-ami-version: ami-0c75d874912a7b35f X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Open+Sans:700,600,400,400italic,300,300italic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://contentcrowd.docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 31 Jan 2023 12:37:58 GMT date: Tue, 31 Jan 2023 12:37:58 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL