Report - docsend.com/presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect

Report Overview

Submitted URL
docsend.com/presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect_url=docsend.com/view/nkbutbsbr9kvm9q4
IP
3.220.57.224
ASN
#14618 AMAZON-AES
Submitted
2023-01-31 02:44:58
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
l.evidon.com	8143	2020-08-25T21:57:20Z	2023-03-13T07:50:57Z	976 B	382 B	54.84.70.3
api-iam.intercom.io	2892	2018-08-02T22:07:54Z	2023-03-13T07:27:25Z	944 B	3.4 kB	44.195.164.63
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	343 B	699 B	142.250.74.131
cfl.dropboxstatic.com	13598	2017-01-30T05:53:29Z	2023-03-13T05:51:24Z	420 B	67 kB	104.16.99.29
www.dropbox.com	1994	2012-05-21T22:31:28Z	2023-03-13T07:55:48Z	2.4 kB	66 kB	162.125.71.18
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.1 kB	3.0 kB	54.230.245.110
c.evidon.com	1097	2017-03-09T22:38:50Z	2023-03-13T07:50:56Z	1.9 kB	20 kB	104.88.23.136
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	963 B	104.18.32.68
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.6 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	66 kB	34.120.237.76
consent.dropbox.com	27413	2021-06-16T17:13:58Z	2023-03-12T23:42:49Z	631 B	1.4 kB	54.230.111.120
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
d2qvtfnm75xrxf.cloudfront.net	unknown	2015-07-20T12:03:28Z	2023-03-12T17:13:45Z	2.8 kB	2.0 MB	54.230.245.17
d5doxliz2zm8u.cloudfront.net	unknown	2021-11-04T18:17:10Z	2023-03-10T09:06:18Z	1.7 kB	136 kB	54.230.245.153
d.dropbox.com	1300	2012-11-25T21:07:07Z	2023-03-12T18:12:06Z	1.1 kB	1.1 kB	162.125.7.20
docsend.com	58938	2014-04-04T12:48:39Z	2023-03-13T08:14:34Z	4.6 kB	25 kB	3.220.57.224
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.39.110.92
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	422 B	2.0 kB	142.250.74.106
widget.intercom.io	2417	2020-07-20T14:16:46Z	2023-03-13T07:32:58Z	365 B	6.8 kB	54.230.111.86
js.intercomcdn.com	2440	2020-02-19T12:43:00Z	2023-03-13T07:32:58Z	735 B	249 kB	54.230.111.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 02:45:01	high	162.125.71.18	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use
2023-01-31 02:45:03	high	162.125.7.20	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	docsend.com/view/nkbutbsbr9kvm9q4	31 B	2023-03-07	2024-04-25
Pretty URL docsend.com/view/nkbutbsbr9kvm9q4 IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2024-04-25 15:42:24 Times Seen469 Hash 997bc267a126a1af0b147e52ee2274ec 283f5eea465445d4a02d6b006954adabe6ae86b1 f37819c0a8f3d5b4aefb1c1a91f921d9b7b5f9377e136614329bc495b993087a Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 22:58:45 Times Seen37103964 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.dropbox.com/pithos/privacy_consent_service	12 kB	2023-03-13	2023-03-13
Pretty URL www.dropbox.com/pithos/privacy_consent_service IP 162.125.71.18 ASN #19679 DROPBOX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:26:02 Last Seen2023-03-13 12:54:21 Times Seen1 Hash d7ca4624e9b4c399e52c2dc72887d9ee 7e7725bc169b595a301935fc8b1fc6f28a9691d3 86992fe46dda8337168b949ac9f10ea5d6c3b6d072b953a371a2ad9e842bbb3f Loading...

	c.evidon.com/sitenotice/3401/snthemes.js	125 kB	2023-03-07	2023-04-02
Pretty URL c.evidon.com/sitenotice/3401/snthemes.js IP 104.88.23.136 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2023-04-02 21:30:48 Times Seen64 Hash 0e8f664fca39681028b4b07b5be34f2d 7298f430eb83f9116df80423cf956d09d0e6f8c4 4f71436a97288b116c8b61d62030fa6549acb42827ca7f7aeaacab78132190a8 Loading...

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js	9.6 kB	2023-03-13	2023-03-13
Pretty URL d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js IP 54.230.245.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:21 Last Seen2023-03-13 14:18:16 Times Seen1 Hash b43afc413a3d2b171ebed756526da932 3e8ead26a98d769e1e39170122c27053fe4c678b 0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7 Loading...

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vfllph1M9.js	108 kB	2023-03-13	2023-03-13
Pretty URL cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vfllph1M9.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:25:48 Last Seen2023-03-13 15:11:09 Times Seen1 Hash 96987533d4700e38006e30ad8fad9edb 3b784dec2308460a9f40585423936c4e54fc93ff fc677b17157c0d63f0f8a552aab9080d73c07aa4b1da0b5db178dc7e67ada14b Loading...

	c.evidon.com/sitenotice/3401/dropbox/settings.js	5.1 kB	2023-03-07	2023-03-14
Pretty URL c.evidon.com/sitenotice/3401/dropbox/settings.js IP 104.88.23.136 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:24:27 Last Seen2023-03-14 06:57:53 Times Seen1 Hash 7119db14253f426ac1ed52da3fd5d054 9377f384c543a5211174e97b4cec458e2a801d34 4a01a147c430ebeffa841da984db9622de37957eed294ed3dcf4fa4deb7422df Loading...

	c.evidon.com/sitenotice/evidon-banner.js	13 kB	2023-03-09	2023-03-26
Pretty URL c.evidon.com/sitenotice/evidon-banner.js IP 104.88.23.136 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:10:59 Last Seen2023-03-26 13:12:38 Times Seen50 Hash 953f08dcce4b8af3f743056f673c8514 4e8acdae78b9b5f1c228cb28de23cca6ad5b3c4e f82f137e8e73611fa376c19abe5d768d8880cfce9082c8cb8a5819d3350bc881 Loading...

	widget.intercom.io/widget/lv6lji7h	19 kB	2023-03-13	2023-03-13
Pretty URL widget.intercom.io/widget/lv6lji7h IP 54.230.111.86 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:32:21 Last Seen2023-03-13 13:12:40 Times Seen1 Hash 653061b5953e2926bbdd4366032db78b 4221f304c9d503c8c7dae3c7bc755e1306f0a742 a855d9dbf70ceb2931b112ee3f179b7153a8caeee9acad488f2c10794fbe3090 Loading...

	docsend.com/view/nkbutbsbr9kvm9q4	292 B	2023-03-12	2023-03-13
Pretty URL docsend.com/view/nkbutbsbr9kvm9q4 IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:23:38 Last Seen2023-03-13 19:45:45 Times Seen1 Hash dd2d086a0c37ecbc9497ae2d2ad4f4d5 ceab8107721d747ee65a763f3ca99ab197f8f0a6 76450dd61645b78669c536ed1182e5951d2eeb7dc7c2bf18d172ad9b8bba3aef Loading...

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js	218 kB	2023-03-13	2023-03-13
Pretty URL cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js IP 104.16.99.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:46:02 Last Seen2023-03-13 15:11:50 Times Seen1 Hash c09157ad4df79ea30313688e19981ac2 2284f9ce2b52b5e356c96351ded93ce38627507a 84edf4212bc1a17eec7b00aaf7fcd3e36c62c47864fef0135067851724dadcbf Loading...

	consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false	569 B	2023-03-07	2023-04-05
Pretty URL consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false IP 54.230.111.120 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:24:27 Last Seen2023-04-05 02:11:39 Times Seen83 Hash 61b81b2411a67a89aad55835c4e864f2 623c4e487131583d402815eb75cfced9b694017d 929203495e37db6972ddc172e9664002093c6bb973da2ca7a5001c26d680d2de Loading...

	c.evidon.com/sitenotice/evidon-sitenotice-tag.js	75 kB	2023-03-09	2023-03-13
Pretty URL c.evidon.com/sitenotice/evidon-sitenotice-tag.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:15:50 Last Seen2023-03-13 19:09:27 Times Seen1 Hash b9539a2e77d15a946ad29fbada55c14c 01b157a8436cb78c9ff3364c629b5390429b0308 973e0be9ad095c6bea8d2a9b22df3acbc368ecb234823059ddac700ed103c593 Loading...

	docsend.com/view/nkbutbsbr9kvm9q4	3.3 kB	2023-03-13	2023-03-13
Pretty URL docsend.com/view/nkbutbsbr9kvm9q4 IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:21 Last Seen2023-03-13 12:54:21 Times Seen1 Hash 0a4139f28985e08cfdb05c282d67d19b 38e18ed2bd7d646dd599d449d9fa3b21604c302f 22e820d72ff13db412424a57bcb300ca4afd2357273f17751af3ff590f00c051 Loading...

	docsend.com/view/nkbutbsbr9kvm9q4	777 B	2023-03-07	2024-04-25
Pretty URL docsend.com/view/nkbutbsbr9kvm9q4 IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2024-04-25 15:42:22 Times Seen488 Hash eed47e70bb30c26af1d2b05cb6cbb36e a6280e737500da85f94d5dd1b4bcf53e8ab7ebb6 33f828b1c1cc8d01a5365dda26f42257988e5ab755e9d1c9c06c8b650564b612 Loading...

	docsend.com/view/nkbutbsbr9kvm9q4	588 B	2023-03-13	2023-03-13
Pretty URL docsend.com/view/nkbutbsbr9kvm9q4 IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:21 Last Seen2023-03-13 12:54:21 Times Seen1 Hash 9553ebba1bf721cc5e1b7780428527ae a7e3b4f38a140d955a6ff924fc7b5df017a6a49b 0c1a3c3d9f9ff394538dc5b963dfdc1cf8b0553376ca70b07187e660b05d57a0 Loading...

	www.dropbox.com/pithos/privacy_consent	8.4 kB	2023-03-13	2023-03-13
Pretty URL www.dropbox.com/pithos/privacy_consent IP 162.125.71.18 ASN #19679 DROPBOX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:48:46 Last Seen2023-03-13 15:11:50 Times Seen1 Hash 1109f4067f063577f565304b2de41396 c2fec2f18baebb58501776b0111f64d897d5fb6d 19ec4d569b1a5d307dcdc90fc97df9ebb45b865fac6e254f11fa64c5eafbe68d Loading...

	js.intercomcdn.com/frame.fbb34ef6.js	529 kB	2023-03-13	2023-03-13
Pretty URL js.intercomcdn.com/frame.fbb34ef6.js IP 54.230.111.62 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:34:10 Last Seen2023-03-13 13:12:25 Times Seen1 Hash 06b508c20e337fb92ce909e21f092a3a 86237fd5fa3b1443731a47ba33077634e5f779a0 235b654f9df1ffb35a1e2be64d1023c0f40204cc248a528f2190a960d5f8cd06 Loading...

	c.evidon.com/sitenotice/3401/translations/en.js	41 kB	2023-03-08	2023-03-14
Pretty URL c.evidon.com/sitenotice/3401/translations/en.js IP 104.88.23.136 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:03:09 Last Seen2023-03-14 06:57:53 Times Seen1 Hash 92ddb3e3355b422d8513e225548bbf64 0d9a331620a7153aa3c70f20fbda54bdc7ed2b8c 83798cc9c57adec03a4547e9cec6a563696f0318ec6e0f885d325e226c34fe06 Loading...

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd.js	6.7 MB	2023-03-13	2023-03-13
Pretty URL d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd.js IP 54.230.245.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:54:21 Last Seen2023-03-13 12:58:02 Times Seen1 Hash 541499a7c6232962f0ee58eb3f3b2636 fa6b7ef27a31f7022297703b9b9ad163b827edf2 0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-26 21:39:39 Times Seen14334 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (65)

	URL	IP	Response	Size
	docsend.com/presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect_url=https://docsend.com/view/nkbutbsbr9kvm9q4	3.220.57.224	301 Moved Permanently	0 B
URL HTTP/1.1 docsend.com/presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect_url=https://docsend.com/view/nkbutbsbr9kvm9q4 IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect_url=https://docsend.com/view/nkbutbsbr9kvm9q4 HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 02:44:45 GMT Content-Type: text/html Transfer-Encoding: chunked Location: https://docsend.com/presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect_url=https://docsend.com/view/nkbutbsbr9kvm9q4 Via: 1.1 vegur`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d2e72d45afe3d391c204b5391599607c 149d68b9d00a720b6f380fa2324779dca9dbe26d f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5702 Expires: Tue, 31 Jan 2023 04:19:47 GMT Date: Tue, 31 Jan 2023 02:44:45 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0c35c3ec659d3a26ea97e68d787bb043 d97e3672244efec5b7814f2d8a734cd1a9387854 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7828 Expires: Tue, 31 Jan 2023 04:55:13 GMT Date: Tue, 31 Jan 2023 02:44:45 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 302c7548412192add063ad6c8b99cf3b e5d178931a27db036ce8daae302594d3ff7050b8 fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3155 Expires: Tue, 31 Jan 2023 03:37:20 GMT Date: Tue, 31 Jan 2023 02:44:45 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 31 Jan 2023 02:43:15 GMT content-type: application/json age: 90 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: fDNh5GMZeECxc0ckvTsT00MPbCc3jsGRthMxbm2xZ3dh+NbS/EM5GLMrm1tQ7iqRWSMAvbl6GTk= x-amz-request-id: WPF6P7KQB9PS281A content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 31 Jan 2023 02:22:02 GMT age: 1363 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 31 Jan 2023 02:44:45 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 31 Jan 2023 02:41:41 GMT age: 185 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 88759fe296f6aeb911b37dd6654cfa79 9f91a8204832a000d2b5d2133f3f06b7fdbc9b41 6bc130fc0bb8693bc317f9229c6f0b891538722838f3e7b7af5338adccd1e6c1 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 02:44:46 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Fri, 27 Jan 2023 15:57:46 GMT Expires: Fri, 03 Feb 2023 15:57:45 GMT Etag: "9f91a8204832a000d2b5d2133f3f06b7fdbc9b41" Cache-Control: max-age=306178,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 791f1b7b6a12b524-OSL`

	docsend.com/presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect_url=https://docsend.com/view/nkbutbsbr9kvm9q4	3.220.57.224	302 Found	121 B
URL HTTP/1.1 docsend.com/presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect_url=https://docsend.com/view/nkbutbsbr9kvm9q4 IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document, ASCII text, with no line terminators Size 121 B (121 bytes) Hash df06740af50322f85f8a5961c77146d9 95f3f9dcb1569ba1e9aa6dda5207a2d6f7c6437c c47c6c42b88091fca43148b72845c881ad6984868d96e4ba97e06ff55ec12233 HTTP Headers GET /presentation_users/ektNrxSAbzu-Mnk9-4Ft?redirect_url=https://docsend.com/view/nkbutbsbr9kvm9q4 HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 302 Found Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 02:44:46 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Location: https://docsend.com/view/nkbutbsbr9kvm9q4 Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-3VIblstVHgn6QNwsE2l7vQ=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend Set-Cookie: _dss_=d84f71e494169700b5e7a2535cab6c6a; domain=.docsend.com; path=/; secure; HttpOnly; SameSite=None X-Request-Id: 75797bb6-0cba-46f2-9614-33203e7b1b0b X-Runtime: 0.014406 Vary: Accept-Encoding Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6433 Expires: Tue, 31 Jan 2023 04:31:59 GMT Date: Tue, 31 Jan 2023 02:44:46 GMT Connection: keep-alive`

	docsend.com/view/nkbutbsbr9kvm9q4	3.220.57.224	200 OK	10 kB
URL HTTP/1.1 docsend.com/view/nkbutbsbr9kvm9q4 IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5461) Size 10 kB (10340 bytes) Hash a98257771a608bcddfe6eb374ebf15b4 cbd1770ee4f18f411f13683ca2110a0e93b7e012 6caf4d2e670445dd38718854fd954965e8ecf6e30a668341d3e710c34242ba66 HTTP Headers `GET /view/nkbutbsbr9kvm9q4 HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: _dss_=d84f71e494169700b5e7a2535cab6c6a Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 02:44:46 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Etag: W/"a5afa286e94b7048c51c954a048d8fc7" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-xiDoHf+VEcb9Ed96ahDzbQ=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=NrT7zNe6bFYlEBsGsLc8FPgE665uauIr0GgD7c8M1Ad%2F4geO9F4bTTsjCLdjdv3l%2BNqZG%2F7qRN8FodiRZH2PaKqCcocCwO6uRfD9k9o%3D--kVJwqWwh9MjNZNR2--lPs2I9K0QbpfMOdVS%2BZV4w%3D%3D; domain=.docsend.com; path=/; expires=Wed, 31 Jan 2024 02:44:46 GMT; SameSite=None; secure _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; domain=.docsend.com; path=/; expires=Sat, 31 Jan 2043 02:44:46 GMT; SameSite=None; secure X-Request-Id: b67722ab-c947-4e78-ae06-4f2d37abac9c X-Runtime: 0.102235 Vary: Accept-Encoding Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0eb66930e11b4cee549c0ab39439df6513d5aab8c0554402d08fcf628af4cba3.css	54.230.245.17	200 OK	23 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0eb66930e11b4cee549c0ab39439df6513d5aab8c0554402d08fcf628af4cba3.css IP 54.230.245.17:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 23 kB (22857 bytes) Hash 0cf1324419417bc9bc7bc3cb4a50201d 92caf4d9d337524c8954362002d2ebbc64923050 1375205f11e083337fdcdaa5ac87d54cc0f5586978431f2a56aafd9950f414d7 HTTP Headers `GET /assets/javascripts/presentation-0eb66930e11b4cee549c0ab39439df6513d5aab8c0554402d08fcf628af4cba3.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 19:51:26 GMT Last-Modified: Mon, 30 Jan 2023 18:31:00 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: QDwb7H3U4vC43zpu7RFYPLTxT2TfdK8pL0aRVNSw0uH-CMwzJn0ucQ== Age: 24800

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/error_handling-0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d.js	54.230.245.17	200 OK	14 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/error_handling-0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d.js IP 54.230.245.17:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (14736) Size 14 kB (13825 bytes) Hash ed9204d670692e09b867117540c8acd3 e516b64ff05a746bf06fb7b383265da4f1a5ebc3 2f11a68bf2582dc6168f2cb79b8ae7f9dc98c6baa4899f82fa7c46c9208145b2 HTTP Headers `GET /assets/javascripts/error_handling-0d3a419bf9bcedf54db0fb0248ca16321115e07e4491dd708c1e31b615ec4b2d.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Wed, 25 Jan 2023 19:30:47 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) Content-Encoding: br Date: Mon, 30 Jan 2023 16:37:20 GMT Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: z2n5IvhY-MX4MbUZ0oD-ALIGchhxn0H14XWIziGpIYTDPSSW8DfRgQ== Age: 36446

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js	54.230.245.17	200 OK	3.2 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js IP 54.230.245.17:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (9565) Size 3.2 kB (3193 bytes) Hash f622f0a92703633048ac20c369455647 59f57af8ddca36af55e8cb3dabeafeae2fec3099 5f10b8439e0a87914cd07a4cc66cfdd549e4e6ae15c275dbf6011851bb344f5e HTTP Headers `GET /assets/javascripts/langpacks/en-0c44cecaf6a85c19442cf8aa2dd490db2352ed810a4b889d8a4a5aac40f3eaa7.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Wed, 25 Jan 2023 19:30:47 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) Content-Encoding: gzip Date: Mon, 30 Jan 2023 10:46:21 GMT Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: LYTDZPL-ZKqrMlcT5tDk6TVnFFfjppU0VOXfezfxgRXgfZp9FEfS7w== Age: 57505

	d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css	54.230.245.17	200 OK	948 B
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css IP 54.230.245.17:0 ASN #16509 AMAZON-02 File type exported SGML document, ASCII text Size 948 B (948 bytes) Hash a7ace942f4f580ee5902c36fed888af9 ca1c01b03c6763b0f458af9eea82b8f00b430141 514da21f8d0805b785cf184f4beaa6bc62f6c6de58fd489f7d9f52e9087b62e0 HTTP Headers `GET /assets/ie_specific_hacks_v2.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Fri, 27 Jan 2023 01:55:30 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) Content-Encoding: br Date: Tue, 31 Jan 2023 01:35:02 GMT Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 5fVdX2UBXHAPFLgBofiaV7diDkov_19P0lvSMsmUu1jGceAzniu4-Q== Age: 71669

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 02:44:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd.js	54.230.245.17	200 OK	2.0 MB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd.js IP 54.230.245.17:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 2.0 MB (1992372 bytes) Hash 6a7df41ea631df863d727d283d5a3044 5a4e48558aebcd0732db42cec81082f33d10b945 7d755445393917842e839025bd7d6cdb7d0ac9b57969a6e987f5da7db821d76c HTTP Headers `GET /assets/javascripts/presentation-0874d164630ef61a8e9a0a22c69ce5173eedee3efc2b6099f3bc21501797defd.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 20:03:17 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Mon, 30 Jan 2023 19:28:06 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: zoi34Aop91viu3JLU8uCp0_ohmP_EoE3mqbrd0fWB67xcBT5O_Tk6g== Age: 24088

	push.services.mozilla.com/	52.39.110.92	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.39.110.92:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 0GqjsKEqLK/eOJr9Wy2Cqw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ulZbhV18VfRg8YeHjnmMs7DbYic=`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash a61d61b14d150bff3ab7f5930faf0a54 09ffdc0ef4c360e0002f44f4eda0c38b166379c4 df135509ac47482922e5a722824f2fb1075c14b853735d99d55c5d26a1987144 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6080 Cache-Control: max-age=115425 Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 02:44:46 GMT Etag: "63d788c0-1d7" Expires: Wed, 01 Feb 2023 10:48:31 GMT Last-Modified: Mon, 30 Jan 2023 09:07:12 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 471`

	fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic	142.250.74.106	200 OK	1.3 kB
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic IP 142.250.74.106:0 ASN #15169 GOOGLE File type data Size 1.3 kB (1348 bytes) Hash 8724a67f4d05e0bed661dbedbca578bc 0c800c23a798d6b31aa847bc89e2d1ed9d8882fb 6f6392e55f8cb4702fe18f2aec55935fb13958460e69e2afecc2ab95b83a7542 HTTP Headers `GET /css?family=Open+Sans:700,600,400,400italic,300,300italic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 31 Jan 2023 02:44:46 GMT date: Tue, 31 Jan 2023 02:44:46 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2	54.230.245.153	200 OK	46 kB
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2 IP 54.230.245.153:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 46188, version 1.66\012- data Size 46 kB (46188 bytes) Hash dfc5e24cbc1b134e0c00c61e84ec999a d3b1a8ef1d0f6f9162986479252570525719f203 b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3 HTTP Headers GET /assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2 HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 46188 Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 19:51:41 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 06 Dec 2022 19:39:39 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) Vary: Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: zWi5h4PTFn69pyHYlp-269dqbsZXotHz6PO_JyS28qC_jXEMqj6EpQ== Age: 24786

	d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2	54.230.245.153	200 OK	43 kB
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2 IP 54.230.245.153:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 43308, version 1.66\012- data Size 43 kB (43308 bytes) Hash 93b6f18ec99bcb7c3fa7ea570a75e240 60b9e3062fe532cbc18b897fac542c56a03544c7 43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db HTTP Headers GET /assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2 HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 43308 Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 19:51:40 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 06 Dec 2022 19:39:39 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) Vary: Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: lRcxEqoNjwYlSZulcisbv8c47l8HH1Z4ccTALx_vduxsRNfgdkRrLA== Age: 24787

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js	104.16.99.29	200 OK	66 kB
URL HTTP/2 cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js IP 104.16.99.29:0 ASN #13335 CLOUDFLARENET File type Unicode text, UTF-8 text, with very long lines (43532), with LF, NEL line terminators Size 66 kB (66051 bytes) Hash 341ed509e25a5617c4cec6ebf7d2c975 050c48ebede9daaf897cf2ba72be1e8e52f45aa0 238dffb3b38bbdf5e049d7af53c1d99964fe71ced1da5647b3aadb2585fbba1d HTTP Headers `GET /static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js HTTP/1.1 Host: cfl.dropboxstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://docsend.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 31 Jan 2023 02:44:47 GMT content-type: text/javascript; charset=utf-8 vary: Accept-Encoding last-modified: Wed, 18 Jan 2023 04:57:33 GMT x-dropbox-request-id: ec456f95d53725edb88a560cd9b26fca x-content-type-options: nosniff x-cached: HIT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public, immutable access-control-allow-origin: * timing-allow-origin: https://www.dropbox.com cf-cache-status: HIT age: 1071401 server: cloudflare cf-ray: 791f1b838d4cb524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4070 Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-857VqF4FVF3r+RRVwWls' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-857VqF4FVF3r+RRVwWls' 'nonce-+OOSznlNhBb5CRB2Kkc3' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MTQ2MDYwNTIxMjAxODI2MjUyNTAyMzkyMDM0MTIwMjMxODg0NDQy; expires=Sun, 30 Jan 2028 02:44:47 GMT; HttpOnly; Path=/; SameSite=None; Secure t=NLUvS0VXS3D0a11nKMyl_cRs; Domain=dropbox.com; expires=Fri, 30 Jan 2026 02:44:47 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=NLUvS0VXS3D0a11nKMyl_cRs; expires=Fri, 30 Jan 2026 02:44:47 GMT; Path=/; SameSite=None; Secure __Host-ss=xNARje0Kmo; expires=Fri, 30 Jan 2026 02:44:47 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 02:44:47 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 31 Jan 2023 02:44:47 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 6f2c58bbff8f4fb8a04ef2d247a05da9 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2766 Expires: Tue, 31 Jan 2023 03:30:53 GMT Date: Tue, 31 Jan 2023 02:44:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2766 Expires: Tue, 31 Jan 2023 03:30:53 GMT Date: Tue, 31 Jan 2023 02:44:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2765 Expires: Tue, 31 Jan 2023 03:30:53 GMT Date: Tue, 31 Jan 2023 02:44:48 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg	34.120.237.76	200 OK	9.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.7 kB (9700 bytes) Hash 1e575f4c5e3aa793f846cadc8baf386c f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d 09a5bbe4fb7f23ee43228267f30c1ef0cd8747e515e01c963df0756b866f23ea HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9700 x-amzn-requestid: 059475a7-d7de-4a44-9fc7-11fb24e201b6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffB_9G8DIAMF64A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e399-57fea3031d1e93ec02308fac;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:17 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: vzubP2I1xR5NF1amWIPiIlp6yPykWhz-CEbwDiJOs-eTWkTE-fvfjA== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 04:12:11 GMT age: 81157 etag: "f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11129 bytes) Hash 2797bfd35b7ec24888de84be14f7f2ec 8e315ac5856967286eaa8769e081d827fb4ca39e b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11129 x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffDBZGRPoAMFedg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: lJril-pCQ3MCMoVEFu3kmDuv4T1ABYMFJTuC5dbwxGe1_ydrbUkt8Q== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 03:40:12 GMT age: 83076 etag: "8e315ac5856967286eaa8769e081d827fb4ca39e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2	54.230.245.153	200 OK	45 kB
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2 IP 54.230.245.153:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 45008, version 1.66\012- data Size 45 kB (45008 bytes) Hash 38846f0a3b6bb0b9d1b4f21b61e57c54 8893fa19d5550ae165dcdee85935d67677e5888d 39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff HTTP Headers GET /assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2 HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 45008 Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 19:53:59 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 06 Dec 2022 19:39:39 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) Vary: Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: HwxdTCD646uthowDdWsjOY7PzRK3yoyvDa0YNvJwlzsu2cY3tGOvOg== Age: 24649

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6844 bytes) Hash 976dda397f9292a498ca9db5599c0378 dad9e9c3462907a2475046aee36d57f8309cd44e 7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6844 x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: flZsxH0YIAMF9ew= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 6bbFjAsd03GN8zzBnAFBm7xA8igZ_xHJsOHzw7nwNgRxiWUDLPGjpQ== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 01:53:29 GMT age: 3079 etag: "dad9e9c3462907a2475046aee36d57f8309cd44e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2765 Expires: Tue, 31 Jan 2023 03:30:53 GMT Date: Tue, 31 Jan 2023 02:44:48 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg	34.120.237.76	200 OK	9.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.6 kB (9600 bytes) Hash 3366ef4f8733cb9c89a5c88f63a0a441 7da46843b6d885f38a4759a08e6c899906ab7b97 7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9600 x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVsWcFN7IAMF2pg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 22:03:23 GMT age: 16885 etag: "7da46843b6d885f38a4759a08e6c899906ab7b97" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2765 Expires: Tue, 31 Jan 2023 03:30:53 GMT Date: Tue, 31 Jan 2023 02:44:48 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (9987 bytes) Hash 2c4934be94898028e2ab696561b51462 6cf734e2d29938688913daacfb75506d8e004a94 239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9987 x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: flYlPF9uIAMFXMg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 01:58:16 GMT age: 2792 etag: "6cf734e2d29938688913daacfb75506d8e004a94" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	widget.intercom.io/widget/lv6lji7h	54.230.111.86	200 OK	6.0 kB
URL HTTP/2 widget.intercom.io/widget/lv6lji7h IP 54.230.111.86:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (18637), with no line terminators Size 6.0 kB (6045 bytes) Hash 24aab96aff3343df9e7467a79e7eec9d 47b6f98b6f6b78486a6af662516b87e5b784f305 13dea13d5b7c3e74a5a3965cc47a14c6d7255b5fff485c757153d2f28c7bb574 HTTP Headers `GET /widget/lv6lji7h HTTP/1.1 Host: widget.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 6045 last-modified: Mon, 30 Jan 2023 15:40:32 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: DIbeuJuxxULyYbi.xge5eXKeR7Dxq8PO accept-ranges: bytes server: AmazonS3 date: Tue, 31 Jan 2023 02:28:35 GMT cache-control: max-age=900, s-maxage=900, public etag: "24aab96aff3343df9e7467a79e7eec9d" x-cache: Error from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: mHqHtN6dJkgg33q_lTN8087u96DeoG7fGIJOdvp7qDuE-yavu66CWA== age: 975 vary: Accept-Encoding, Origin X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12906 bytes) Hash cbc9f50b0a96fb69fa2e948aa3125413 e7f13a6e81263e73ac5777959d63b567f50848d5 2e3411687a31211dbf0aa732f8d93a3c5a4748afb264e695d36782700c8e8b5d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12906 x-amzn-requestid: 4d09cdf1-2b4b-4f72-a313-caf6660774d7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVsLoHaHIAMF1uQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d22717-7074bd5202e3aced21ac49e3;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 07:09:11 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ZkPnGMNVHQUSKvsqXZajTFA6FiOiZvSXHU6QN8zbCrSXKKmSdCWVqQ== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 22:47:13 GMT age: 14255 etag: "e7f13a6e81263e73ac5777959d63b567f50848d5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	docsend.com/metrics/events	3.220.57.224	204 No Content	0 B
URL HTTP/1.1 docsend.com/metrics/events IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/events HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: multipart/form-data; boundary=---------------------------41172073803958576699555592688 Content-Length: 1080 Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/view/nkbutbsbr9kvm9q4 Cookie: _dss_=d84f71e494169700b5e7a2535cab6c6a; _v_=NrT7zNe6bFYlEBsGsLc8FPgE665uauIr0GgD7c8M1Ad%2F4geO9F4bTTsjCLdjdv3l%2BNqZG%2F7qRN8FodiRZH2PaKqCcocCwO6uRfD9k9o%3D--kVJwqWwh9MjNZNR2--lPs2I9K0QbpfMOdVS%2BZV4w%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 02:44:48 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-F/OEeAvbXK4vyJTWR8Wi4A=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: 25056846-cd90-4458-aeb9-407ef197f87f X-Runtime: 0.066866 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	js.intercomcdn.com/vendor.093ba5d6.js	54.230.111.62	200 OK	108 kB
URL HTTP/2 js.intercomcdn.com/vendor.093ba5d6.js IP 54.230.111.62:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (65431) Size 108 kB (108273 bytes) Hash b07617332a2da4edc9e0f73e8c835864 e216fd88984adb61c529de4ca3ae057184307bb2 0119b8c48940d6be3916419cd80b7446fa81ee2c764dd80533d431213a822849 HTTP Headers `GET /vendor.093ba5d6.js HTTP/1.1 Host: js.intercomcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 108273 last-modified: Mon, 30 Jan 2023 15:38:46 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: 68hR4SddAYJ4YSqUMfba8rnYV7YKVEHn accept-ranges: bytes server: AmazonS3 date: Tue, 31 Jan 2023 01:40:45 GMT cache-control: max-age=31536000, s-maxage=7200, public etag: "b07617332a2da4edc9e0f73e8c835864" x-cache: Hit from cloudfront via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: M6pOgC7oaKfxiaYMejjibiAgNrRRnvGtfjUhBaz1PS-vuX9qU17s-Q== age: 3843 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	js.intercomcdn.com/frame.fbb34ef6.js	54.230.111.62	200 OK	140 kB
URL HTTP/2 js.intercomcdn.com/frame.fbb34ef6.js IP 54.230.111.62:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 140 kB (139558 bytes) Hash ea3c12adaa12bd8fb5867282760e2cdd 495b1d4287d7e711466a39798619d6fcc5b031a5 9a562ebf81c89d45037ce28c17a355c9ba927da022773034610df99b0b9ea075 HTTP Headers `GET /frame.fbb34ef6.js HTTP/1.1 Host: js.intercomcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 139558 last-modified: Mon, 30 Jan 2023 15:38:45 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: 7K6VqwgzK_n3ve6z1HwUeE_tIW2SDzf9 accept-ranges: bytes server: AmazonS3 date: Tue, 31 Jan 2023 01:40:45 GMT cache-control: max-age=31536000, s-maxage=7200, public etag: "ea3c12adaa12bd8fb5867282760e2cdd" x-cache: Hit from cloudfront via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: nKnq4i39q_6RW2uPmWZDtSm9E4NWBFz-B3PuhBW926TC4K29vku8Aw== age: 3843 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	docsend.com/metrics/properties	3.220.57.224	204 No Content	0 B
URL HTTP/1.1 docsend.com/metrics/properties IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/properties HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-Token: sL3Ygzv393ItuaBWSLZE4OKFbAsGJBylzat+CyWvuInHOdbfKRXzapT7O9NULAxtnwBCwigCh6mSjmKfwVZjzg== X-Requested-With: XMLHttpRequest Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/view/nkbutbsbr9kvm9q4 Cookie: _dss_=d84f71e494169700b5e7a2535cab6c6a; _v_=NrT7zNe6bFYlEBsGsLc8FPgE665uauIr0GgD7c8M1Ad%2F4geO9F4bTTsjCLdjdv3l%2BNqZG%2F7qRN8FodiRZH2PaKqCcocCwO6uRfD9k9o%3D--kVJwqWwh9MjNZNR2--lPs2I9K0QbpfMOdVS%2BZV4w%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Content-Length: 0 HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 02:44:48 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-IcD4DRYOFi2HXUKAq9SLpw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: fa63436c-6e1e-4e47-a3ff-b6ce6b72b16b X-Runtime: 0.009454 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 9d2e5de2af61e960cd58ae76b5f3475f 23a536c1b791ba9de431bde64ec38e8c86792abe 9ea3f76fe2ad1017774894b7f1ab4045772df73ff98caca6162bad771fe4d59b HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6376 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 02:44:48 GMT Etag: "63d7b2ee-1d7" Last-Modified: Tue, 31 Jan 2023 00:58:32 GMT Server: ECS (amb/6B98) X-Cache: HIT Content-Length: 471`

	consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false	54.230.111.120	200 OK	854 B
URL HTTP/2 consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false IP 54.230.111.120:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text Size 854 B (854 bytes) Hash dc63fb23d6563676b3090bae3f02ccde dd6c4202705f760dd5744caee7ccb31f703fc880 c8bce4b4bc1b212ffc445ae939680990a6f4b23eed318c8b9a7f1e21facd1ab1 HTTP Headers GET /?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false HTTP/1.1 Host: consent.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://docsend.com/ Connection: keep-alive Cookie: t=qQpApJ_-BU0LLDnggYU3NpL5; locale=en Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/html content-length: 854 last-modified: Tue, 06 Sep 2022 19:00:36 GMT x-amz-version-id: jF1fSWiqtJx.5E0VeuXfyr4mbqFqvdbZ server: AmazonS3 date: Mon, 30 Jan 2023 05:51:59 GMT etag: "dc63fb23d6563676b3090bae3f02ccde" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: b2lX6OY1fIDcBjQCXRbNlWTCRanJB2Rxa8dDJqBT4KZVetf5ytTEdA== age: 75170 X-Firefox-Spdy: h2`

	ocsp.sca1b.amazontrust.com/	54.230.245.110	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.110:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 61fca20c48f76c99be770c330932e1ff e6a52723f21b357bc4ea0f1e5e4f0dcfe9e28e19 96fdb3fd6eea1a0013763a862160098b54b9efdc06004f7ad0967c146e368ef5 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Tue, 31 Jan 2023 02:44:48 GMT Last-Modified: Tue, 31 Jan 2023 00:55:38 GMT Server: ECS (nyb/1D07) X-Cache: Miss from cloudfront Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 8YLUmIdKrpUSZ-AB51tT20FJJeRMAyV6uuaPZ994TKREhLjEW82Gig== Age: 6550`

	docsend.com/favicon-16x16.png	3.220.57.224	200 OK	393 B
URL HTTP/1.1 docsend.com/favicon-16x16.png IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 393 B (393 bytes) Hash a8c678babc40c4ac6d8c70fc560094d4 66002c0719ddbd75c837f5a939689ea6df13b6dc a3a247c77537c4c4fd58b68212a30df836bd05efa48d280d9c20b187f7ef7fb1 HTTP Headers GET /favicon-16x16.png HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/view/nkbutbsbr9kvm9q4 Cookie: _dss_=d84f71e494169700b5e7a2535cab6c6a; _v_=NrT7zNe6bFYlEBsGsLc8FPgE665uauIr0GgD7c8M1Ad%2F4geO9F4bTTsjCLdjdv3l%2BNqZG%2F7qRN8FodiRZH2PaKqCcocCwO6uRfD9k9o%3D--kVJwqWwh9MjNZNR2--lPs2I9K0QbpfMOdVS%2BZV4w%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 02:44:48 GMT Content-Type: image/png Content-Length: 393 Last-Modified: Mon, 30 Jan 2023 19:02:21 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur`

	docsend.com/favicon-196x196.png	3.220.57.224	200 OK	4.1 kB
URL HTTP/1.1 docsend.com/favicon-196x196.png IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data Size 4.1 kB (4131 bytes) Hash 6664c3890e329c7609151e0081f5e7cb 6216d5de79d8b245676a86f8b862880837345e2a 8a5ec44c12b172efd970c30a7414ccb37bbb09a2932816826111dfa36509e568 HTTP Headers GET /favicon-196x196.png HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/view/nkbutbsbr9kvm9q4 Cookie: _dss_=d84f71e494169700b5e7a2535cab6c6a; _v_=NrT7zNe6bFYlEBsGsLc8FPgE665uauIr0GgD7c8M1Ad%2F4geO9F4bTTsjCLdjdv3l%2BNqZG%2F7qRN8FodiRZH2PaKqCcocCwO6uRfD9k9o%3D--kVJwqWwh9MjNZNR2--lPs2I9K0QbpfMOdVS%2BZV4w%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 31 Jan 2023 02:44:48 GMT Content-Type: image/png Content-Length: 4131 Last-Modified: Mon, 30 Jan 2023 19:02:21 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur`

	d.dropbox.com/crashdash/proxy/sessions	162.125.7.20	200 OK	0 B
URL HTTP/2 d.dropbox.com/crashdash/proxy/sessions IP 162.125.7.20:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /crashdash/proxy/sessions HTTP/1.1 Host: d.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Referer: https://docsend.com/ Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods: POST access-control-allow-origin: * content-length: 0 date: Tue, 31 Jan 2023 02:44:48 GMT server: envoy x-dropbox-response-origin: far_remote x-dropbox-request-id: 3d4b13ece9df40e684b8da5f19d90f3f X-Firefox-Spdy: h2`

	www.dropbox.com/pithos/privacy_consent_service	162.125.71.18	307 Temporary Redirect	55 kB
URL HTTP/2 www.dropbox.com/pithos/privacy_consent_service IP 162.125.71.18:0 ASN #19679 DROPBOX File type data Size 55 kB (54646 bytes) Hash 1b3f93f143083d201a8481d212b8dde5 eeeeee9e3b9382e6a105b1c39775ad906d143eea 917d4dcef56d472065e9e7a61b47cac282706c441849a67cc5c20888336a1d60 HTTP Headers GET /pithos/privacy_consent_service HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Cookie: gvc=MjMzOTMwMzI4MTAyNDIxNjQwOTQ2Mjc5MzYyNTAwMDg2NzIwNDAx; t=qQpApJ_-BU0LLDnggYU3NpL5; __Host-js_csrf=qQpApJ_-BU0LLDnggYU3NpL5; locale=en; __Host-logged-out-session=ChC2EB4K6XkM4okX68VTmgV+EJ+B4p4GGi5BRm5Xb2twNjQ0OW1sOGxFMENKYndLSXd1M3FySWtvNl9TZEhYbE1xS1VXSjBR Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 307 Temporary Redirect cache-control: no-cache,no-cache, no-store content-security-policy: sandbox location: https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service referrer-policy: strict-origin-when-cross-origin set-cookie: t=qQpApJ_-BU0LLDnggYU3NpL5; Domain=dropbox.com; expires=Fri, 30 Jan 2026 02:44:48 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=qQpApJ_-BU0LLDnggYU3NpL5; expires=Fri, 30 Jan 2026 02:44:48 GMT; Path=/; SameSite=None; Secure __Host-ss=JKeVTmYxfE; expires=Fri, 30 Jan 2026 02:44:48 GMT; HttpOnly; Path=/; SameSite=Strict; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/html; charset=utf-8 date: Tue, 31 Jan 2023 02:44:48 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 4bc969623f184b93b456e001a23d698d X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/translations/en.js	104.88.23.136	200 OK	6.4 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/translations/en.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (41349), with no line terminators Size 6.4 kB (6406 bytes) Hash 7cdb0408336768c3c8697de7fe062fed 455d1237f3256aba83c5102b10212f8bc767bf22 f5c051f3693f6e0a92a0576bbdc74de8c243ec02c5232e49c919999fe1c79ece HTTP Headers `GET /sitenotice/3401/translations/en.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "92ddb3e3355b422d8513e225548bbf64:1664899591.798772" last-modified: Tue, 04 Oct 2022 16:06:31 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Feb 2023 02:44:48 GMT date: Tue, 31 Jan 2023 02:44:48 GMT content-length: 6406 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/snthemes.js	104.88.23.136	200 OK	5.7 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/snthemes.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (65536), with no line terminators Size 5.7 kB (5695 bytes) Hash 9a975aa3305c4011b3e07119d2376913 4545dc0986810ba851360f910219b34ce7c4446d 400f7ad9cb8378b5839d4f3449381d936f37fd0762f8507d283304c82068d122 HTTP Headers `GET /sitenotice/3401/snthemes.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "0e8f664fca39681028b4b07b5be34f2d:1659131785.898398" last-modified: Fri, 29 Jul 2022 21:56:25 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Feb 2023 02:44:48 GMT date: Tue, 31 Jan 2023 02:44:48 GMT content-length: 5695 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/dropbox/settings.js	104.88.23.136	301 Moved Permanently	0 B
URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settings.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /sitenotice/3401/dropbox/settings.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 301 Moved Permanently server: AkamaiGHost content-length: 0 location: https://c.evidon.com/sitenotice/3401/dropbox/settingsV2.js date: Tue, 31 Jan 2023 02:44:48 GMT vary: Origin cache-control: max-age=432000, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2`

	c.evidon.com/sitenotice/3401/dropbox/settingsV2.js	104.88.23.136	200 OK	1.7 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settingsV2.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (5082), with no line terminators Size 1.7 kB (1691 bytes) Hash 181b62cb4ca1877b5952d8864d1ddb04 ebae59485369852733c2648e907227b2a7666bc5 425ce9a30e4efd92bce6af1d1c99a07a276691e091e66dccb9c50746a1830e0f HTTP Headers `GET /sitenotice/3401/dropbox/settingsV2.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "7119db14253f426ac1ed52da3fd5d054:1662485692.434043" last-modified: Tue, 06 Sep 2022 17:34:52 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Feb 2023 02:44:48 GMT date: Tue, 31 Jan 2023 02:44:48 GMT content-length: 1691 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/evidon-banner.js	104.88.23.136	200 OK	3.5 kB
URL HTTP/2 c.evidon.com/sitenotice/evidon-banner.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (12607), with no line terminators Size 3.5 kB (3535 bytes) Hash 304674456118422bd448366f7bb05879 c6549199a4fb419c05a3513238a89002307034b9 29f57f0aeee0a530b881df6908e653f58c6d570b05174b2e1a6bba2a75c4e068 HTTP Headers `GET /sitenotice/evidon-banner.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "953f08dcce4b8af3f743056f673c8514:1671558610.744236" last-modified: Tue, 20 Dec 2022 17:50:10 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Feb 2023 02:44:48 GMT date: Tue, 31 Jan 2023 02:44:48 GMT content-length: 3535 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4070 Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-As+MlPhsomOnC5w2xML6' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-As+MlPhsomOnC5w2xML6' 'nonce-xwvK1/lY1NcAhYVIeV5R' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MTcyMTIwMTkwNjEwMjcxMzM4NDkzOTYyNjgzMjEyMjI0MzU4NzEx; expires=Sun, 30 Jan 2028 02:44:48 GMT; HttpOnly; Path=/; SameSite=None; Secure t=TQCuAQ263__IwmE5hBuzu7Vv; Domain=dropbox.com; expires=Fri, 30 Jan 2026 02:44:48 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=TQCuAQ263__IwmE5hBuzu7Vv; expires=Fri, 30 Jan 2026 02:44:48 GMT; Path=/; SameSite=None; Secure __Host-ss=KRHA7sWWYw; expires=Fri, 30 Jan 2026 02:44:48 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 02:44:48 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 31 Jan 2023 02:44:48 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: d57713c836b24a9b9bda855d296d1929 X-Firefox-Spdy: h2

	d.dropbox.com/crashdash/proxy/sessions	162.125.7.20	202 Accepted	21 B
URL HTTP/2 d.dropbox.com/crashdash/proxy/sessions IP 162.125.7.20:0 ASN #19679 DROPBOX File type JSON data\012- , ASCII text, with no line terminators Size 21 B (21 bytes) Hash 1807ffa1d44e667592a0f91c668ba65b 4d48849fa0f6917c9c57ed958680e9a1e722382b 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a HTTP Headers POST /crashdash/proxy/sessions HTTP/1.1 Host: d.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Bugsnag-Api-Key: 0bca6a0a-c303-4b27-84cb-60ebe421858a Bugsnag-Payload-Version: 1 Bugsnag-Sent-At: 2023-01-31T02:45:01.817Z Content-Length: 514 Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 202 Accepted access-control-allow-origin: * alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 bugsnag-session-uuid: ed68e015-6c7d-4afd-ad67-a4a6e9f8ada0 content-security-policy: sandbox; default-src 'none'; frame-ancestors 'none' content-type: application/json date: Tue, 31 Jan 2023 02:44:48 GMT referrer-policy: strict-origin-when-cross-origin via: 1.1 google x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 21 server: envoy x-dropbox-response-origin: far_remote x-dropbox-request-id: 3ccbb7e1123043d3ad969eadcde0e94f X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.110	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.110:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 711e853a200253c8956910d282e33eb3 4d9bccb4a8987e4674f8d6f9fcc2165c5e8c64aa f2b1bf68b7ce62f781d12a35642d7916b4d9ac759748a57095a72d4f0ddfea08 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=132343 Date: Tue, 31 Jan 2023 02:44:49 GMT Etag: "63d7da51-1d7" Expires: Wed, 01 Feb 2023 15:30:32 GMT Last-Modified: Mon, 30 Jan 2023 14:55:13 GMT Server: ECS (nyb/1D34) X-Cache: Miss from cloudfront Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: Oesm0YvYcmenke9SQxqBKZF4oCrb6VYaDubLnj37sF6Bz9HIBVQ5Yw== Age: 2119

	ocsp.sca1b.amazontrust.com/	54.230.245.110	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.110:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 711e853a200253c8956910d282e33eb3 4d9bccb4a8987e4674f8d6f9fcc2165c5e8c64aa f2b1bf68b7ce62f781d12a35642d7916b4d9ac759748a57095a72d4f0ddfea08 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=136782 Date: Tue, 31 Jan 2023 02:44:49 GMT Etag: "63d7da51-1d7" Expires: Wed, 01 Feb 2023 16:44:31 GMT Last-Modified: Mon, 30 Jan 2023 14:55:13 GMT Server: ECS (nyb/1D04) X-Cache: Miss from cloudfront Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: EJsq1NHYBs6-RH7YkEc7rOs4KHki6zLPY742_oRVJrG2YMgQ3cowoQ== Age: 6558

	l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F	54.84.70.3	204 No Content	0 B
URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F IP 54.84.70.3:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F HTTP/1.1 Host: l.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Tue, 31 Jan 2023 02:44:49 GMT x-powered-by: Express etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2`

	l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F	54.84.70.3	204 No Content	0 B
URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F IP 54.84.70.3:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F HTTP/1.1 Host: l.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Tue, 31 Jan 2023 02:44:49 GMT x-powered-by: Express etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2`

	api-iam.intercom.io/messenger/web/ping	44.195.164.63	200 OK	1.4 kB
URL HTTP/2 api-iam.intercom.io/messenger/web/ping IP 44.195.164.63:0 ASN #14618 AMAZON-AES File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3114), with no line terminators Size 1.4 kB (1431 bytes) Hash 4a82b82edcaacd924da86f2f4dbd50d9 a36f7508b56b4687ff5344d86d832f506db12982 1ea46fa9185d65fa4924c91bdad4860dd8f85868c6936720e74d991fbe493f43 HTTP Headers `POST /messenger/web/ping HTTP/1.1 Host: api-iam.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 354 Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 31 Jan 2023 02:44:49 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate x-ratelimit-limit: 13333 x-ratelimit-reset: 1675133090 strict-transport-security: max-age=31556952; includeSubDomains; preload x-ratelimit-remaining: 13306 access-control-allow-origin: https://docsend.com vary: Accept,Accept-Encoding x-intercom-version: bd233b7eb410a22f85d87b88ae293e0f0a445685 x-xss-protection: 1; mode=block content-encoding: gzip x-request-id: 0001d8v2tqd671cfd1mg access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA access-control-allow-credentials: true access-control-allow-methods: POST, GET, OPTIONS etag: W/"6e10f836af590d2e85b7caa7520c6ec6" x-runtime: 0.299199 x-frame-options: SAMEORIGIN x-content-type-options: nosniff server: nginx x-ami-version: ami-097189092b4216679 X-Firefox-Spdy: h2

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4070 Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-RxWDLWrIuv0JdWDIULwB' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-RxWDLWrIuv0JdWDIULwB' 'nonce-2hS0YjN+PPj1Zgl+guMm' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MjE3ODQ3NjM2MTc5OTgyMzg3ODE2ODY1NTY0NjA3MjEzNTAwMzg0; expires=Sun, 30 Jan 2028 02:44:50 GMT; HttpOnly; Path=/; SameSite=None; Secure t=glGH7zpbiG0d-RK1rkbhQYSq; Domain=dropbox.com; expires=Fri, 30 Jan 2026 02:44:50 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=glGH7zpbiG0d-RK1rkbhQYSq; expires=Fri, 30 Jan 2026 02:44:50 GMT; Path=/; SameSite=None; Secure __Host-ss=W_r0_FVnUk; expires=Fri, 30 Jan 2026 02:44:50 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 02:44:50 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 31 Jan 2023 02:44:50 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 495975c208204771a2686610c977ed86 X-Firefox-Spdy: h2

	d2qvtfnm75xrxf.cloudfront.net/assets/stylesheets/presentation-4f12bfe5843f84f521b88f361f82c590c862049524a9b697dd7b6ab8449d6680.css	54.230.245.17	200 OK	0 B
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/stylesheets/presentation-4f12bfe5843f84f521b88f361f82c590c862049524a9b697dd7b6ab8449d6680.css IP 54.230.245.17:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /assets/stylesheets/presentation-4f12bfe5843f84f521b88f361f82c590c862049524a9b697dd7b6ab8449d6680.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Mon, 30 Jan 2023 19:51:25 GMT Last-Modified: Thu, 26 Jan 2023 18:57:14 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 3l6LEJLp5IkV_258GLGawXVJyeH1wV-Pi1nUkDxfTZAfYe9zdhFNvQ== Age: 24800

	www.dropbox.com/pithos/privacy_consent	162.125.71.18	307 Temporary Redirect	0 B
URL HTTP/2 www.dropbox.com/pithos/privacy_consent IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash HTTP Headers `GET /pithos/privacy_consent HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 307 Temporary Redirect cache-control: no-cache,no-cache, no-store content-security-policy: sandbox location: https://www.dropbox.com/pithos/host%3Adocsend.com/privacy_consent referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MjMzOTMwMzI4MTAyNDIxNjQwOTQ2Mjc5MzYyNTAwMDg2NzIwNDAx; expires=Sun, 30 Jan 2028 02:44:46 GMT; HttpOnly; Path=/; SameSite=None; Secure t=qQpApJ_-BU0LLDnggYU3NpL5; Domain=dropbox.com; expires=Fri, 30 Jan 2026 02:44:46 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=qQpApJ_-BU0LLDnggYU3NpL5; expires=Fri, 30 Jan 2026 02:44:46 GMT; Path=/; SameSite=None; Secure __Host-ss=JKeVTmYxfE; expires=Fri, 30 Jan 2026 02:44:46 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 02:44:46 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/html; charset=utf-8 date: Tue, 31 Jan 2023 02:44:46 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 44131f73e8314e2ba12fab2acf029d95 X-Firefox-Spdy: h2

	api-iam.intercom.io/messenger/web/ping	44.195.164.63	200 OK	0 B
URL HTTP/2 api-iam.intercom.io/messenger/web/ping IP 44.195.164.63:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers `POST /messenger/web/ping HTTP/1.1 Host: api-iam.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 467 Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 02:44:49 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate x-ratelimit-limit: 13333 x-ratelimit-reset: 1675133090 strict-transport-security: max-age=31556952; includeSubDomains; preload x-ratelimit-remaining: 13303 access-control-allow-origin: https://docsend.com vary: Accept,Accept-Encoding x-intercom-version: bd233b7eb410a22f85d87b88ae293e0f0a445685 x-xss-protection: 1; mode=block content-encoding: gzip x-request-id: 004fh61eqv1eoim3cb0g access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA access-control-allow-credentials: true access-control-allow-methods: POST, GET, OPTIONS etag: W/"db6b639a94ad92fd402901044acfc62b" x-runtime: 0.231410 x-frame-options: SAMEORIGIN x-content-type-options: nosniff server: nginx x-ami-version: ami-097189092b4216679 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL