Overview

URLdsepost.web.app/r9sar0h3linF4AB12ABCDEFGHIJKLMNOPQd07r9s0h3nW1
IP 199.36.158.100 (United States)
ASN#54113 FASTLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-28 23:16:28 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
aadcdn.msauth.net (1) 1421 No data No data 13.107.237.53
account.docusign.com (3) 11561 2019-01-24 02:27:41 UTC 2020-03-27 06:57:45 UTC 185.81.100.37
www.docusign.net (1) 23829 2012-08-07 15:51:05 UTC 2020-04-27 11:13:27 UTC 162.248.184.27
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:53:26 UTC 34.117.237.239
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
dse.vytob.com (1) 0 2022-11-28 16:08:49 UTC 2022-11-28 16:08:49 UTC 45.138.74.27 Unknown ranking
dsepost.web.app (2) 0 2022-11-22 21:02:01 UTC 2022-11-28 10:25:15 UTC 199.36.158.100 Unknown ranking
docucdn-a.akamaihd.net (3) 10361 2014-04-10 18:55:33 UTC 2020-03-12 22:26:23 UTC 23.36.76.243
login.live.com (1) 79 2012-05-21 07:00:20 UTC 2020-04-15 21:10:08 UTC 40.126.32.135
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.70.121
eaglelodgealaska.com (1) 0 2015-09-14 02:39:56 UTC 2022-11-06 12:51:47 UTC 69.194.236.160 Unknown ranking
www.docusign.com (1) 21972 2012-10-04 12:14:07 UTC 2020-04-27 11:13:27 UTC 151.101.86.133
r3.o.lencr.org (8) 344 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.pki.goog (1) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
aadcdn.msftauth.net (6) 1455 No data No data 152.199.23.37

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-28 2 dsepost.web.app/r9sar0h3linF4AB12ABCDEFGHIJKLMNOPQd07r9s0h3nW1 Phishing
2022-11-28 2 dsepost.web.app/r9sar0h3linF4AB12ABCDEFGHIJKLMNOPQd07r9s0h3nW1 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.36.158.100
Date UQ / IDS / BL URL IP
2023-01-31 12:47:18 +0000 0 - 0 - 2 xqjatsazuk.web.app/ 199.36.158.100
2023-01-31 12:42:37 +0000 4 - 0 - 4 dnbauth2.firebaseapp.com/ 199.36.158.100
2023-01-31 11:55:31 +0000 0 - 0 - 2 business-meta-page-1098692137.web.app/ 199.36.158.100
2023-01-31 11:12:30 +0000 0 - 0 - 6 cms-thingslabo.web.app/ 199.36.158.100
2023-01-31 09:22:25 +0000 0 - 0 - 6 track-id8982.web.app/ 199.36.158.100


Last 5 reports on ASN: FASTLY
Date UQ / IDS / BL URL IP
2023-01-31 13:32:55 +0000 0 - 0 - 0 rgp.com 23.185.0.3
2023-01-31 13:09:21 +0000 0 - 0 - 0 cohesity.com 23.185.0.4
2023-01-31 12:47:18 +0000 0 - 0 - 2 xqjatsazuk.web.app/ 199.36.158.100
2023-01-31 12:42:37 +0000 4 - 0 - 4 dnbauth2.firebaseapp.com/ 199.36.158.100
2023-01-31 12:41:19 +0000 0 - 1 - 0 raw.githubusercontent.com/0fflineDocs/Defende (...) 185.199.109.133


Last 3 reports on domain: dsepost.web.app
Date UQ / IDS / BL URL IP
2022-12-18 08:41:00 +0000 0 - 0 - 2 dsepost.web.app/jihoona51hyundai-s5kQF4zF4zld (...) 199.36.158.100
2022-11-29 06:26:25 +0000 0 - 0 - 2 dsepost.web.app/nW1arr9siAB12ABCDEFGHIJKLMNOP (...) 199.36.158.100
2022-11-28 23:16:28 +0000 0 - 0 - 2 dsepost.web.app/r9sar0h3linF4AB12ABCDEFGHIJKL (...) 199.36.158.100


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-27 13:44:59 +0000 0 - 0 - 2 docusigning.net/about.php?url=concursolutions (...) 191.101.79.171
2022-12-17 06:44:48 +0000 0 - 0 - 2 bs.serving-sys.com/Serving/adServer.bs?cn=brd (...) 18.157.136.100
2022-12-15 23:47:52 +0000 0 - 0 - 2 bs.serving-sys.com/Serving/adServer.bs?cn=brd (...) 3.65.106.29
2022-12-15 23:33:59 +0000 0 - 0 - 3 mynetid23.web.app/jakF4zd07hwanga51h0h3nW1F4z (...) 199.36.158.100
2022-12-07 17:49:32 +0000 0 - 0 - 0 eu.docusign.net 185.81.100.28

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (46)


Request Response
                                        
                                            GET /r9sar0h3linF4AB12ABCDEFGHIJKLMNOPQd07r9s0h3nW1 HTTP/1.1 
Host: dsepost.web.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         199.36.158.100
HTTP/1.1 301 Moved Permanently
                                        
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://dsepost.web.app/r9sar0h3linF4AB12ABCDEFGHIJKLMNOPQd07r9s0h3nW1
Accept-Ranges: bytes
Date: Mon, 28 Nov 2022 23:16:16 GMT
X-Served-By: cache-bma1668-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1669677377.797312,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4356
Expires: Tue, 29 Nov 2022 00:28:53 GMT
Date: Mon, 28 Nov 2022 23:16:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4421
Cache-Control: max-age=131325
Date: Mon, 28 Nov 2022 23:16:17 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:45:02 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7999
Expires: Tue, 29 Nov 2022 01:29:36 GMT
Date: Mon, 28 Nov 2022 23:16:17 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 22:17:50 GMT
cache-control: public,max-age=3600
age: 3507
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: O6Ewuu70NHCxUTWrJBJwEAqJBfCuuTcBXLV8SAWUl3Q08iTOp9GJJm9cQblJLsYoV/1RgspW/sM=
x-amz-request-id: MAGMRM4MH5MX9N3J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 22:42:15 GMT
age: 2042
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /r9sar0h3linF4AB12ABCDEFGHIJKLMNOPQd07r9s0h3nW1 HTTP/1.1 
Host: dsepost.web.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         199.36.158.100
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
                                        
cache-control: max-age=3600
content-encoding: gzip
etag: "aedd9a82dd4ea6dcd15ca36c1200bfdb193fce148911cb896c0cff2663a213d8"
last-modified: Sun, 27 Nov 2022 09:20:08 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 28 Nov 2022 23:16:17 GMT
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669677377.088907,VS0,VE57
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9127
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1101)
Size:   9127
Md5:    1a4d324f5b57cda4dce7dca42fbd60e1
Sha1:   cef7810a0e4c1e024973fb51a56ee69ea59e756f
Sha256: aedd9a82dd4ea6dcd15ca36c1200bfdb193fce148911cb896c0cff2663a213d8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 23:16:17 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /s/gts1d4int/8EklPeV1cd0 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:16:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js HTTP/1.1 
Host: aadcdn.msftauth.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dsepost.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         152.199.23.37
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 3046644
cache-control: public, max-age=31536000
content-md5: xAmVJ4UrtXATagLD0tDXoQ==
date: Mon, 28 Nov 2022 23:16:17 GMT
etag: 0x8D9942E72241B02
last-modified: Thu, 21 Oct 2021 01:02:25 GMT
server: ECAcc (ska/F6E6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f8241864-001e-000b-50c9-e70aca000000
x-ms-version: 2009-09-19
content-length: 26117
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (49529)
Size:   26117
Md5:    c4099527852bb570136a02c3d2d0d7a1
Sha1:   b07b674fb73ddddc9bff08b48b6b147505cb2965
Sha256: a3c764080babe34837f4141640fa646aa98a6963a2dcf0abfb482b6007c9fa5b
                                        
                                            GET /ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css HTTP/1.1 
Host: aadcdn.msftauth.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dsepost.web.app
Connection: keep-alive
Referer: https://dsepost.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         152.199.23.37
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 4862109
cache-control: public, max-age=31536000
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
date: Mon, 28 Nov 2022 23:16:17 GMT
etag: 0x8D982C8F03AF4D4
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (ska/F769)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c56d37c1-b01e-0053-3746-d76e6f000000
x-ms-version: 2009-09-19
content-length: 19877
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (61177)
Size:   19877
Md5:    d0ed87f63b8660bd339337185abd0d22
Sha1:   eab58f2ada552aaaa64115714a53911b808e9960
Sha256: 7de61e0e2dc500867def43564fd1e74e44e81659d37017f4a2805de625b0ec0d
                                        
                                            GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js HTTP/1.1 
Host: aadcdn.msftauth.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dsepost.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         152.199.23.37
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 15220082
cache-control: public, max-age=31536000
content-md5: +lZRrDLGp8Gp/hURw2aXyQ==
date: Mon, 28 Nov 2022 23:16:17 GMT
etag: 0x8D99FD65BAB30A3
last-modified: Thu, 04 Nov 2021 21:02:05 GMT
server: ECAcc (ska/F7BE)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d636d6ac-c01e-000a-7c12-79f4c7000000
x-ms-version: 2009-09-19
content-length: 5386
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14442)
Size:   5386
Md5:    fa5651ac32c6a7c1a9fe1511c36697c9
Sha1:   192e13ecd4892c62f4c01deb684759620812d152
Sha256: dd4ea852b98a6e5085f81a4b34914684c0d700180c1bbeec08e37bc953ea22ed
                                        
                                            GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js HTTP/1.1 
Host: aadcdn.msftauth.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dsepost.web.app
Connection: keep-alive
Referer: https://dsepost.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         152.199.23.37
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 3018897
cache-control: public, max-age=31536000
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
date: Mon, 28 Nov 2022 23:16:17 GMT
etag: 0x8D992B5E417004E
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (ska/F73C)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 503482f5-501e-0089-330a-e8ffe2000000
x-ms-version: 2009-09-19
content-length: 12608
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32002)
Size:   12608
Md5:    1986d215d2c4f176fda42cd283b709e8
Sha1:   84d1de151fdccfc0d79291df554d284f79797f9a
Sha256: 19ea4555f2964e2375d07b1fd46e7e655ca5acbea84ade244bbe415ba9c4f416
                                        
                                            GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1 
Host: aadcdn.msftauth.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dsepost.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         152.199.23.37
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 8978821
cache-control: public, max-age=31536000
content-md5: DhdidjYrlCeaRJJRG/y9mA==
date: Mon, 28 Nov 2022 23:16:17 GMT
etag: 0x8D7B007297AE131
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F795)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 82e0eb20-701e-0011-72d5-b19fa0000000
x-ms-version: 2009-09-19
content-length: 673
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Size:   673
Md5:    0e176276362b94279a4492511bfcbd98
Sha1:   389fe6b51f62254bb98939896b8c89ebeffe2a02
Sha256: 9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 23:08:55 GMT
cache-control: public,max-age=3600
age: 442
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 
Host: aadcdn.msauth.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dsepost.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.237.53
HTTP/2 200 OK
content-type: image/x-icon
                                        
cache-control: public, max-age=31536000
content-length: 17174
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 2c693574-a01e-005d-05d4-028b5b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0/RmFYwAAAABfeblPbiDvQIeirDmDMHUdRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0QUGFYwAAAAAxUTPwvFZ5TZ92gIoGix3bQ1BIMzBFREdFMDQwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 28 Nov 2022 23:16:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size:   17174
Md5:    12e3dac858061d088023b2bd48e2fa96
Sha1:   e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
Sha256: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
                                        
                                            GET /Me.htm?v=3 HTTP/1.1 
Host: login.live.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dsepost.web.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         40.126.32.135
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: max-age=315360000
Content-Encoding: gzip
Expires: Thu, 25 Nov 2032 23:16:17 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: f77d1275-1c5e-4da7-b344-8e56a7583b35
PPServer: PPV: 30 H: BL02EPF00006719 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=15724ab827e8421689c304e8b0fd0600; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=N&lt=1669677377&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Mon, 28 Nov 2022 23:16:17 GMT
Content-Length: 1132


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
Size:   1132
Md5:    9c08f0f5b411918572bb176b56d4b747
Sha1:   12814f1ffd1c414337cfc57da7561f4386ec8b67
Sha256: d9f196403747ff4bbf6c3d61c7319f51e33be05825ac3b5200665e6e5ee26c0e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6210
Cache-Control: max-age=128048
Date: Mon, 28 Nov 2022 23:16:17 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:50:25 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AM1VZn/ED1/dQsY9z9UWAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.70.121
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B0cCjHYJ28WcD0p3g+3BasveHmQ=

                                        
                                            GET /wp-xmlrpc.php?url=https://dsepost.web.app/r9sar0h3linF4AB12ABCDEFGHIJKLMNOPQd07r9s0h3nW1 HTTP/1.1 
Host: eaglelodgealaska.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dsepost.web.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         69.194.236.160
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 28 Nov 2022 23:16:18 GMT
Server: Apache
Location: https://dse.vytob.com/?username=carolinf4ab12abcdefghijklmnopq.com#/docusign/oauth/authorize?client_id=0.021675648177823-0ff1-0.6848258505039&auth=10.644228187224-0.78805047310332
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4718EE2DA70081FB519012F4DA3A7592E103651E7C476E0FF7672516CD2AD49E"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Tue, 29 Nov 2022 05:16:01 GMT
Date: Mon, 28 Nov 2022 23:16:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7360
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7360
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7360
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7360
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7360
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:16:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9015
x-amzn-requestid: eb4599b5-e88a-47cd-8d1b-5839c4f7593e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnbGLToAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852962-67476fac77c8d1ee36f89ecc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 09Pb9RMyAoRWXYfw5mxwtpl6fnHwlxDJryR4c-F3rurGKUgo-HYUOg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 5656
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9015
Md5:    ae2e2986caa15a90b615147f229b51ec
Sha1:   c6dfd277cdbd057472e6df6ad1a200f50684d442
Sha256: ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 5171
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10445
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvuDGHaIAMFn_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:02:53 GMT
age: 33206
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10445
Md5:    c76e3c4cc159bda9b9e887fcd449ba51
Sha1:   12d90c36bd455b3b859fdb761b6ed49ea9f98f80
Sha256: fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mFiEmh1axlMNuIBb1YSzcciCdHzHGG7q0f3lQOuHJmjugWgdZKKiSg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:27:11 GMT
age: 42548
etag: "3348f081a3357490a704592d105d02e81886df89"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6037
Md5:    b5e2bc1651b37b8e0467c2a6cb860fb3
Sha1:   3348f081a3357490a704592d105d02e81886df89
Sha256: 751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8106
x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnQEhQoAMFbLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sYK4SFsG-No3Bd-CyGIKSWh4sUokwaHa20tc8zvbqUpxkplJOiASIA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 5656
etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8106
Md5:    5ab97acd46d3380fa12711c96b3c2d35
Sha1:   b703ea2cc2fcd68e60135ff77d5a5f1b93fac128
Sha256: aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:31:58 GMT
age: 71061
etag: "433061bbb226048765a711deca3026ee3e52372f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9203
Md5:    5d574c4db20a68295dbd06cb08f5990b
Sha1:   433061bbb226048765a711deca3026ee3e52372f
Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 587
Cache-Control: max-age=94372
Date: Mon, 28 Nov 2022 23:16:19 GMT
Etag: "63840c9c-1d7"
Expires: Wed, 30 Nov 2022 01:29:11 GMT
Last-Modified: Mon, 28 Nov 2022 01:19:24 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=162871
Date: Mon, 28 Nov 2022 23:16:19 GMT
Etag: "63851a7a-1d7"
Expires: Wed, 30 Nov 2022 20:30:50 GMT
Last-Modified: Mon, 28 Nov 2022 20:30:50 GMT
Server: nginx
Content-Length: 471

                                        
                                            GET /?username=carolinf4ab12abcdefghijklmnopq.com HTTP/1.1 
Host: dse.vytob.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dsepost.web.app/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         45.138.74.27
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Mon, 28 Nov 2022 23:16:18 GMT
location: https://www.docusign.net/Member/EmailStart.aspx?m=c220ef5d-cb80-41ed-b0ab-3120c5e203c2&dl=1
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   210
Md5:    40d6a029029868df908f70ebc544f030
Sha1:   404b334324537cbd74fbae8755d9ecde6d2ad159
Sha256: 2cd57c86d9d6ef85c6f84c59a596dbe69a260e9073ed3530c97a808352ea4b78
                                        
                                            GET /Member/EmailStart.aspx?m=c220ef5d-cb80-41ed-b0ab-3120c5e203c2&dl=1&cookiecheck=1 HTTP/1.1 
Host: www.docusign.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dsepost.web.app/
Connection: keep-alive
Cookie: pvm=SE5FE17_8812; ASP.NET_SessionId=n5fgs3b3mzwgm3t3hl4u2fb4; __AntiXsrfMemberToken=89c13196cf484134bcc98d14baab4a3d; DocuSignCookieCheck=1; BIGipDocuSign_NA1=!qmouQDkBfJoswD+0bOlB09wl7VsgfwqEBkJfRV4QZ5XMZ8e569gr2OhYphmFErfr8WsVXB4fR12/RQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         162.248.184.27
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Location: https://account.docusign.com/oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiI3OWI2NDIyMS1jNWFlLTQyOWItYjNhMC00MmQ1YTQ3NTNkMGQiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: pvm=SE5FE17_8812; path=/; secure; HttpOnly; SameSite=None MemberConsoleMobile=; path=/; secure; HttpOnly; SameSite=None Branding=DistributorCode=DocuSign&ProductName=DocuSign; expires=Mon, 01-Jan-2024 08:00:00 GMT; path=/; secure; HttpOnly; SameSite=None ssoEnvelope=c220ef5d-cb80-41ed-b0ab-3120c5e203c2; expires=Mon, 28-Nov-2022 23:26:19 GMT; path=/; secure; HttpOnly; SameSite=None acctLogin=True; expires=Tue, 28-Nov-2023 23:16:19 GMT; path=/; secure; HttpOnly; SameSite=None BIGipDocuSign_NA1=!hmGz133bDjqdTjK0bOlB09wl7Vsgf28xBXCDQxs6eJT0iYvZLAt/Rq8TJbdneAvQ8KZ58OA3B4Z9gA==; path=/; Httponly; Secure; Samesite=None
X-DocuSign-Node: SE5FE17
Date: Mon, 28 Nov 2022 23:16:19 GMT
Content-Length: 818


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (746), with CRLF line terminators
Size:   818
Md5:    4275de920c566293f8c59f1059666989
Sha1:   1dc882e8087f7e3d68c985c7e9cff44455429357
Sha256: 3097c3b607b5e4ab00de231629871ccad01f320d91d4415779ce44725826c9f7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 588
Cache-Control: max-age=94372
Date: Mon, 28 Nov 2022 23:16:20 GMT
Etag: "63840c9c-1d7"
Expires: Wed, 30 Nov 2022 01:29:12 GMT
Last-Modified: Mon, 28 Nov 2022 01:19:24 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6095
Cache-Control: max-age=125797
Date: Mon, 28 Nov 2022 23:16:20 GMT
Etag: "638471da-1d7"
Expires: Wed, 30 Nov 2022 10:12:57 GMT
Last-Modified: Mon, 28 Nov 2022 08:31:22 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiI3OWI2NDIyMS1jNWFlLTQyOWItYjNhMC00MmQ1YTQ3NTNkMGQiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true HTTP/1.1 
Host: account.docusign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dsepost.web.app/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.81.100.37
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
X-DocuSign-TraceToken: be920836-0379-4dbf-9bf7-b8f39578679c
X-Frame-Options: SAMEORIGIN
Content-Security-Policy-Report-Only: default-src 'self' https:;script-src 'unsafe-inline' 'self';style-src 'unsafe-inline' 'self';img-src data: https://docucdn-a.akamaihd.net 'self' https://*.docusign.com https://*.docusign.net https://www.docusign.com.au https://www.docusign.co.uk https://www.docusign.ca;font-src 'self' https://* data:;connect-src 'self' data: https://api-js.mixpanel.com https://docucdn-a.akamaihd.net https://telemetry.dev.docusign.net https://telemetry-s.docusign.net https://telemetry-d.docusign.net https://telemetry.docusign.net https://www.docusign.com https://account.docusign.com;object-src 'none';media-src 'none';frame-src 'self' https://docusign.sjv.io; report-uri /client-errors/csp/report
Content-Security-Policy: default-src 'self' https:;script-src 'unsafe-inline' 'self';style-src 'unsafe-inline' 'self';img-src data: https://docucdn-a.akamaihd.net 'self' https://*.docusign.com https://*.docusign.net https://www.docusign.com.au https://www.docusign.co.uk https://www.docusign.ca;font-src 'self' https://* data:;connect-src 'self' data: https://api-js.mixpanel.com https://docucdn-a.akamaihd.net https://telemetry.dev.docusign.net https://telemetry-s.docusign.net https://telemetry-d.docusign.net https://telemetry.docusign.net https://www.docusign.com https://account.docusign.com;object-src 'none';media-src 'none';frame-src 'self' https://docusign.sjv.io; report-uri /client-errors/csp/enforce
X-XSS-Protection: 1; mode=block; report=/client-errors/xss
Set-Cookie: __RequestVerificationToken=AahSIWyLfPeOi9JERt3xPz0B0; path=/; secure; HttpOnly
X-DocuSign-Node: FR1FE22
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer,strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 23:16:20 GMT
Content-Length: 9269


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7136), with CRLF line terminators
Size:   9269
Md5:    2b439fa2111ee3b3c03e800cddf08b6a
Sha1:   80dafeeca1d1dd392b4e0f05e4009f0920e07a85
Sha256: 4d21b3f5ac2715076e76cb2ff39f700f687520927a3fcd6e8d1e86a4a8e9a42f
                                        
                                            GET /ReactApp/src/vendor/html-domparser.js HTTP/1.1 
Host: account.docusign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.docusign.com/oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiI3OWI2NDIyMS1jNWFlLTQyOWItYjNhMC00MmQ1YTQ3NTNkMGQiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true
Connection: keep-alive
Cookie: __RequestVerificationToken=AahSIWyLfPeOi9JERt3xPz0B0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.81.100.37
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public
Expires: Tue, 29 Nov 2022 00:54:54 GMT
Last-Modified: Sat, 05 Nov 2022 21:09:29 GMT
Accept-Ranges: bytes
ETag: "1D8F15AE47A4A80"
X-DocuSign-Node: FR2FE22
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer,strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 23:16:19 GMT
Content-Length: 1103


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1103
Md5:    3df93052c874fab3c7d48b4e25b927a2
Sha1:   d71db5b307735280048c30d2b693b2fdf20d647e
Sha256: 8a062190dacef122be3bdc0411d765f75c1c9ce63cd5a3e51ad53857a1ffebad
                                        
                                            GET /ReactApp/dist/bundle.js?version=22.3.200.36559 HTTP/1.1 
Host: account.docusign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.docusign.com/oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiI3OWI2NDIyMS1jNWFlLTQyOWItYjNhMC00MmQ1YTQ3NTNkMGQiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true
Connection: keep-alive
Cookie: __RequestVerificationToken=AahSIWyLfPeOi9JERt3xPz0B0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         185.81.100.37
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=86400
Content-Encoding: gzip
Last-Modified: Sat, 05 Nov 2022 21:28:05 GMT
Accept-Ranges: bytes
ETag: "8060aa7d5df1d81:0"
Vary: Accept-Encoding
X-DocuSign-Node: FR1FE22
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer,strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 23:16:20 GMT
Content-Length: 516258


--- Additional Info ---
Magic:  ASCII text, with very long lines (65472)
Size:   516258
Md5:    bb39fead37c82f54d423dc84fea168b8
Sha1:   688524310bbe8fc410e07a0192cd626e8e90f675
Sha256: 8ab4dc4a8bd5cd43cef2e018af58a2b2ec62ff3ee7354f2cb57eeaa6199cf203
                                        
                                            GET /olive/fonts/2.8.0/maven_pro_bold.woff HTTP/1.1 
Host: docucdn-a.akamaihd.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://account.docusign.com/
Origin: https://account.docusign.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.243
HTTP/2 200 OK
content-type: font/woff
                                        
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
etag: "4de7535f6f5df8d5437c21c068ddb0ec:1603842502.445065"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
content-length: 33752
cache-control: max-age=3628800
date: Mon, 28 Nov 2022 23:16:21 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, CFF, length 33752, version 0.0\012- data
Size:   33752
Md5:    4de7535f6f5df8d5437c21c068ddb0ec
Sha1:   3553204b4624ca41cf1c4f3bd9b37d8c968cba23
Sha256: 8f6a520a392ff62149e5fc5aa87bfab9b3816cd6010d4d4fca194e8683ca498b
                                        
                                            GET /olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff HTTP/1.1 
Host: docucdn-a.akamaihd.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://account.docusign.com/
Origin: https://account.docusign.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.243
HTTP/2 200 OK
content-type: font/woff
                                        
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
etag: "4a573fac9111d6adcb3994983539bd75:1603842490.434411"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
content-length: 47748
cache-control: max-age=3628800
date: Mon, 28 Nov 2022 23:16:21 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 47748, version 1.0\012- data
Size:   47748
Md5:    4a573fac9111d6adcb3994983539bd75
Sha1:   69bebefe9edeac85cc27516dbe0ea176c1c2c25c
Sha256: dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe
                                        
                                            GET /olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff HTTP/1.1 
Host: docucdn-a.akamaihd.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://account.docusign.com/
Origin: https://account.docusign.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.243
HTTP/2 200 OK
content-type: font/woff
                                        
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
etag: "b9d0556a2c620a939d54c63be3df6c6c:1603842491.763499"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
content-length: 37560
cache-control: max-age=3628800
date: Mon, 28 Nov 2022 23:16:21 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 37560, version 1.0\012- data
Size:   37560
Md5:    b9d0556a2c620a939d54c63be3df6c6c
Sha1:   97968884d4c5a93c46ab1334ce9e9156c694ea4d
Sha256: 90973db3f26fe86b648ec735f3183b44902e5cedf2b1a042402bac39da70404f
                                        
                                            GET /sites/all/themes/custom/docusign/favicons/favicon.ico HTTP/1.1 
Host: www.docusign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.docusign.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         151.101.86.133
HTTP/2 200 OK
content-type: image/x-icon
                                        
cache-control: max-age=31622400
etag: "6370729e-3c2e"
expires: Wed, 15 Nov 2023 16:12:43 GMT
last-modified: Sun, 13 Nov 2022 04:29:18 GMT
server: nginx
x-pantheon-styx-hostname: styx-fe3-b-77b587f5fd-sgvlk
x-styx-req-id: 2b778156-6437-11ed-b62a-62e27c1c8989
content-encoding: gzip
x-timer: S1668474430.148757,VS0,VE201
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 28 Nov 2022 23:16:21 GMT
age: 1235018
x-served-by: cache-chi-klot8100148-CHI, cache-bma1639-BMA, cache-bma1652-BMA
x-cache: HIT, MISS, HIT
x-cache-hits: 1, 0, 3
vary: Accept-Encoding, X-Original-Host
strict-transport-security: max-age=31557600; includeSubDomains; preload
content-length: 1362
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   1362
Md5:    113270506f7c8b653254e5cfce14f032
Sha1:   1b56c09f371328400696a22ddd04e61bce460000
Sha256: dfdf0fb52b9da3ac655b57f60027763e68b8ab0b199d5f13e2f6fb034efc5dca
                                        
                                            GET /shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js HTTP/1.1 
Host: aadcdn.msftauth.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dsepost.web.app
Connection: keep-alive
Referer: https://dsepost.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         152.199.23.37
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 1833169
cache-control: public, max-age=31536000
content-md5: e+GEpArZIh9idGnWSOj0zg==
date: Mon, 28 Nov 2022 23:16:17 GMT
etag: 0x8D99FD6608B3F3E
last-modified: Thu, 04 Nov 2021 21:02:14 GMT
server: ECAcc (ska/F7A6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ee0683d1-f01e-0014-0cd3-f28a01000000
x-ms-version: 2009-09-19
content-length: 128665
X-Firefox-Spdy: h2


--- Additional Info ---