detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 30 Jan 2023 19:38:22 GMT
Age: 71151
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
hellosign.com/integration
99.83.190.102301 Moved Permanently 166 B URL HTTP/1.1 hellosign.com/integration
IP 99.83.190.102:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /integration HTTP/1.1
Host: hellosign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 15:24:13 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://hellosign.com/integration
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18421
Expires: Tue, 31 Jan 2023 20:31:14 GMT
Date: Tue, 31 Jan 2023 15:24:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc987a1e19994b4f4f2b7831650797e3
b77e8942b6a11ae4e6095fd45198d5cb21f1fcab
fe8ff518fa3d940565afc53dde20fdd0ac3ee7f8337d795daf3a6cfc2957b153
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE8FF518FA3D940565AFC53DDE20FDD0AC3EE7F8337D795DAF3A6CFC2957B153"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5217
Expires: Tue, 31 Jan 2023 16:51:10 GMT
Date: Tue, 31 Jan 2023 15:24:13 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 42 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5c7bb7fa2a45bddc23a92135148b4541
265d8e61d9a417d9a6c46c17b544dde4ded49141
645839bade834ef1aa802e436cc0afdc5e8d7ba7cea84e2fc3ad0e3fc6a7e0e0
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: SuDyaarnYlsIzx_ur9JLZee3qKfsdDkcnF49_HxciVjp2HbkoEcrEQ==
content-encoding: gzip
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 15:13:01 GMT
content-type: application/json
content-length: 42040
age: 672
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10146
Expires: Tue, 31 Jan 2023 18:13:19 GMT
Date: Tue, 31 Jan 2023 15:24:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +IhfhfvCD2YkoHNT4QA7RcoBwsQ5Hb1p3jfUTg1UNNG9JY2WquUuyPSLISkQmtNBcSfzAnfxa1M=
x-amz-request-id: AJRJ1E4BDF90SE9T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 14:58:46 GMT
age: 1527
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6062
Expires: Tue, 31 Jan 2023 17:05:15 GMT
Date: Tue, 31 Jan 2023 15:24:13 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 15:24:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 14:43:17 GMT
content-type: application/json
age: 2456
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29ae3c7a5d0b90355d664635d0ec9823
fecf00b128d55bdea4a71b3937acf86923e46afc
ecf9b57acf723a3b6d04d90ba724e38d87c9289cf6a6e53df3a95fccad4b60ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECF9B57ACF723A3B6D04D90BA724E38D87C9289CF6A6E53DF3A95FCCAD4B60EF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21515
Expires: Tue, 31 Jan 2023 21:22:48 GMT
Date: Tue, 31 Jan 2023 15:24:13 GMT
Connection: keep-alive
hellosign.com/integration
75.2.70.75301 Moved Permanently 166 B URL HTTP/2 hellosign.com/integration
IP 75.2.70.75:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /integration HTTP/1.1
Host: hellosign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 31 Jan 2023 15:24:14 GMT
content-type: text/html
content-length: 166
location: https://www.hellosign.com/integration
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf2eb149b4b03df03d916e1a625fbe5f
733715c487395f22814091023ce7f9bd86107623
6f41f0cc19a8a6fb60da13bfd39ccb7e13402e825fa6c55c8f5639cf18284c4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4177
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:14 GMT
Last-Modified: Tue, 31 Jan 2023 14:14:37 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 14:41:42 GMT
age: 2552
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 30 Jan 2023 19:38:22 GMT
Age: 71152
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13950
Expires: Tue, 31 Jan 2023 19:16:44 GMT
Date: Tue, 31 Jan 2023 15:24:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1f494770537391290977f6234bca132e
8818bd962117fdce4c889b84c8f2f00e681c247a
f4972e20e64d45c924a496ebec59b90f502342cabf3a92a1d5dc2a68ca239700
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4972E20E64D45C924A496EBEC59B90F502342CABF3A92A1D5DC2A68CA239700"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1969
Expires: Tue, 31 Jan 2023 15:57:03 GMT
Date: Tue, 31 Jan 2023 15:24:14 GMT
Connection: keep-alive
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
34.217.182.232200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 34.217.182.232:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 31 Jan 2023 15:24:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4wfXUbc1op2tlpU0O2BI/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9SpS2xBnxw4dljF3JPutGpRLKJ8=
cdnjs.cloudflare.com/ajax/libs/fontfaceobserver/2.1.0/fontfaceobserver.js
104.17.24.14200 OK 1.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fontfaceobserver/2.1.0/fontfaceobserver.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (1031)
Hash f370782804e9ac7bd5e28fbebe2fcbcc
b7e19bf096627683e752f791a1945460413677e8
fa00081d8903dd3bcae57c77b4618e5b960ac6ef5bfc7b0077aa6c2978078c8f
GET /ajax/libs/fontfaceobserver/2.1.0/fontfaceobserver.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellosign.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 15:24:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 1892
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-174e"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18222034
expires: Sun, 21 Jan 2024 15:24:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1i5O7fOmUWGj2S%2Bmjun8rPK9gQVRBZFFvDlXCFGDTEqSsdy5b0569l0by%2BlOv3lUO5LL%2FYho4exra2GyaRr1Rc%2BvwNdr496nvI6OfEYBhUbHSgedTckFkW%2BcfQGFffa9erRUI5V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7923740049b0b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/js/hellosign-prod.1d63cc7d2.js
54.230.111.7200 OK 190 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/js/hellosign-prod.1d63cc7d2.js
IP 54.230.111.7:0
File type Unicode text, UTF-8 text, with very long lines (49052)
Size 190 kB (189562 bytes)
Hash 5b5ca89abb0868b15c4acae997e1b97a
603c0eb597f61c31c1cde2e3f4910ccf63657dd7
d68698ab69539b425f5703f68397f7d3b8acdc0574c4f8d6aa79d156a609a2fb
GET /61c0a8113e6c0db0dcedae5a/js/hellosign-prod.1d63cc7d2.js HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 189562
last-modified: Fri, 27 Jan 2023 01:09:04 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: U5mZ6zZfLrm1yuqs8JWVPc_p5Pwizo.x
accept-ranges: bytes
server: AmazonS3
date: Tue, 31 Jan 2023 03:36:41 GMT
cache-control: max-age=84600, must-revalidate
etag: "5b5ca89abb0868b15c4acae997e1b97a"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 42454
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h3xSd0RVR5zYB1suE2YJNUPySfZq5qkqojIrAF46xApI01v6LP9vQw==
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/css/hellosign-prod.c3612d847.min.css
54.230.111.7200 OK 191 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/css/hellosign-prod.c3612d847.min.css
IP 54.230.111.7:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 191 kB (191126 bytes)
Hash 5a8f411c136897b2db2e577a6bf83eb9
48babd1129066e83fd7405b9e9f98f7ac5063cb7
e0461a264ac019d7d185a4ccce9b1dd90725cad83d519a81de95f1d75d2ecda2
GET /61c0a8113e6c0db0dcedae5a/css/hellosign-prod.c3612d847.min.css HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 191126
last-modified: Fri, 27 Jan 2023 01:09:04 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: t4D1NzeiXus87R35WVLybCQzrlP23U4D
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 23:13:50 GMT
cache-control: max-age=84600, must-revalidate
etag: "5a8f411c136897b2db2e577a6bf83eb9"
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 58224
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DGX0-Y2S-jSJ_VRBl0NADQc4IIutc73vqB1c3ztnjZseXydy95UzdQ==
X-Firefox-Spdy: h2
use.typekit.net/vph1lkb.js
23.36.76.122200 OK 7.2 kB URL HTTP/2 use.typekit.net/vph1lkb.js
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (5035)
Hash a56757810766062483a108e0a9d8c4fe
793aa8a3d55f7959f5037fa8687ebd7df0ba1b4d
b8802ca4b333b9cdd2ca95f8edaf3e665d7453a3e47d84c94d0d712596871c40
GET /vph1lkb.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7201
date: Tue, 31 Jan 2023 15:24:14 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675177075127%22
35.241.9.150200 OK 21 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675177075127%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (20973), with no line terminators
Hash 0584f78d1d68c7e56ddfb3e358c11619
f25f6148548198454a9d2ada9a19465ffaac20b9
ba0bc676c5cc0c2b6fffd8a278a2ae7fa5f32701046efb12bc0193db9507577a
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221675177075127%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Tue, 31 Jan 2023 15:02:18 GMT
last-modified: Tue, 31 Jan 2023 14:57:55 GMT
content-type: application/json
age: 1316
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675168644673&_since=%221666204638208%22
35.241.9.150200 OK 26 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675168644673&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (26525), with no line terminators
Hash 1c759d21fc09983412f32e3ac3cf5089
327570f77da8ecb859749507fe372092132c5cc0
1f00562beb1edc7ed714fb19a768304447596dab32fb06286b4555d1174d8c84
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675168644673&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 26525
via: 1.1 google
date: Tue, 31 Jan 2023 14:44:28 GMT
age: 2387
last-modified: Tue, 31 Jan 2023 12:37:24 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 0b8d46cf3ea844d151f748f9fc7ceaee
d6dd6a746ffdcb71328226e3267158ae89ac9912
42a65ee82927d3130db5f5ff93581ee3e4a4d6129275a10856f2e5f9de9dd388
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 15:24:14 GMT
Last-Modified: Tue, 31 Jan 2023 14:27:59 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ypgzK2Zwsam-Y9QN1xNvcTkhMe0th2i1OFsxxiJ8HLPLci15mlRFUw==
Age: 3375
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Eyd04LU8VUuUaHUCQK65JH7G/o0zfivz3MIAEpztzl9dhTGjo2VgXEoVSwaL+8sFhLMSJdBh/04=
x-amz-request-id: QFN86Y0PTQPD2YM2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 14:32:37 GMT
age: 3098
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8dd36ac50407e8abacc8abe66b67eba4
d2910697db754f548297c7dafb5d0829dca0431a
a69b7d66ef4a25f8cadeea11d3b443958fd03eb555ff5aeb0cbcd8df42a47342
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 15:24:15 GMT
Last-Modified: Tue, 31 Jan 2023 14:22:40 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2MxzHdvBsmBbAt4-dT8RA1PiaZR1SZflRV_IjWeDm4e_tyT8B4wpOg==
Age: 3695
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8dd36ac50407e8abacc8abe66b67eba4
d2910697db754f548297c7dafb5d0829dca0431a
a69b7d66ef4a25f8cadeea11d3b443958fd03eb555ff5aeb0cbcd8df42a47342
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165386
Date: Tue, 31 Jan 2023 15:24:15 GMT
Etag: "63d8fec6-1d7"
Expires: Thu, 02 Feb 2023 13:20:41 GMT
Last-Modified: Tue, 31 Jan 2023 11:43:02 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: z8O_qwpG8EUKXA1-uhQubX1t1eNmiw-3_M2PylAfjqhtUeIBk5XQkw==
Age: 5859
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8dd36ac50407e8abacc8abe66b67eba4
d2910697db754f548297c7dafb5d0829dca0431a
a69b7d66ef4a25f8cadeea11d3b443958fd03eb555ff5aeb0cbcd8df42a47342
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 15:24:15 GMT
Etag: "63d8fec6-1d7"
Last-Modified: Tue, 31 Jan 2023 14:51:35 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -L7ObuACV_6MBdJzoSnrny9gQmv_EsmxKhCe_SvJ0EHY9e8o-3HixQ==
Age: 1960
mar-cdn.hellosign.com/ls/main.3676c10997ef9c241f5b.css
54.230.111.25200 OK 2.2 kB URL HTTP/2 mar-cdn.hellosign.com/ls/main.3676c10997ef9c241f5b.css
IP 54.230.111.25:0
File type ASCII text, with very long lines (2241)
Hash ea20d1a4c47f6cd1c16a477a0126e13a
6b04a277e8008bc04dca7bd73ad3ca254c8af76c
35558bc5798ee21680e681af7729d087156557dc6f95eee5279a4f894f23302b
GET /ls/main.3676c10997ef9c241f5b.css HTTP/1.1
Host: mar-cdn.hellosign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 2243
last-modified: Mon, 29 Jun 2020 07:17:15 GMT
x-amz-version-id: tBAW3kk2_8i8ic_p8LcOOUvWpbncLvJv
accept-ranges: bytes
server: AmazonS3
date: Tue, 31 Jan 2023 07:07:51 GMT
etag: "ea20d1a4c47f6cd1c16a477a0126e13a"
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0-mYdAbTLN77-TH0ciF-3WCO73bYRLJ5_mpwsitlWY0WWGjlWIDtkg==
age: 29785
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 72e3a6541547b82965a08aa5dbb9b228
47fbe0fe82e075a7ff6bd1848476d18d40fb97e5
92aba6ff76c1f194bba42b31c0b635311619a89fd15e949409827862b54f6c91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92ABA6FF76C1F194BBA42B31C0B635311619A89FD15E949409827862B54F6C91"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16501
Expires: Tue, 31 Jan 2023 19:59:16 GMT
Date: Tue, 31 Jan 2023 15:24:15 GMT
Connection: keep-alive
mar-cdn.hellosign.com/ls/l.a303b6aee9a1ac83ec96.css
54.230.111.25200 OK 2.1 kB URL HTTP/2 mar-cdn.hellosign.com/ls/l.a303b6aee9a1ac83ec96.css
IP 54.230.111.25:0
File type ASCII text, with very long lines (2066)
Hash 016cf7e0f2b078cfe45f5828d00034b3
98f6d8557de85512f34e7e6536b8f48707b66154
3c7056f25c016e29cea0004089fbda5c045a95f7978daf29c844703c986bf78a
GET /ls/l.a303b6aee9a1ac83ec96.css HTTP/1.1
Host: mar-cdn.hellosign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 2068
date: Tue, 31 Jan 2023 01:07:58 GMT
last-modified: Mon, 29 Jun 2020 19:25:42 GMT
etag: "016cf7e0f2b078cfe45f5828d00034b3"
x-amz-version-id: Hf3KiGWIII5PG3f4OO7tGgvaqhQYBclc
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QjDcA3lbI-Amb-lNOVJvaHkbFrwbtaesnjq7hYv6i3pWAftv3HWV8A==
age: 51378
X-Firefox-Spdy: h2
mar-cdn.hellosign.com/ls/bundle.3676c10997ef9c241f5b.js
54.230.111.25200 OK 300 kB URL HTTP/2 mar-cdn.hellosign.com/ls/bundle.3676c10997ef9c241f5b.js
IP 54.230.111.25:0
File type Unicode text, UTF-8 text, with very long lines (32085), with LF, NEL line terminators
Size 300 kB (299598 bytes)
Hash f52335f13283cb46a71aa2dc5eceda5e
358b8f9987ff2abc0ca89bef981cb90d5c781739
4b5fc159f1be2fd45077b74ea38975e70367ee35b58ab5a5686c6920e212a060
GET /ls/bundle.3676c10997ef9c241f5b.js HTTP/1.1
Host: mar-cdn.hellosign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 299598
last-modified: Mon, 29 Jun 2020 07:16:12 GMT
x-amz-version-id: G6wIUXV11jQ0SVQJVE8c4.tpg1xct._9
accept-ranges: bytes
server: AmazonS3
date: Tue, 31 Jan 2023 05:45:58 GMT
etag: "f52335f13283cb46a71aa2dc5eceda5e"
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uSLb_mvbxNvn4RSw19S9Exo4BLKlTXfrdZxpk7hktA5QW3hqdTSemA==
age: 34698
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 14:43:17 GMT
content-type: application/json
age: 2458
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0716571007d921ca749d9426814f3c55
626f6d6b2a95235e0785beec0994f4b34aa7097e
a9304184e6f240b0155e322d6409ee2a44dc23332bc468122c19983563c4e53d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9304184E6F240B0155E322D6409EE2A44DC23332BC468122C19983563C4E53D"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10948
Expires: Tue, 31 Jan 2023 18:26:43 GMT
Date: Tue, 31 Jan 2023 15:24:15 GMT
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-5BZQWX
172.217.21.168200 OK 69 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5BZQWX
IP 172.217.21.168:0
File type ASCII text, with very long lines (14964)
Hash c1c39b1eac2f98ff1ac391b9437a24db
2faa7d98a662eab08250b843260c9df4ecdf5256
ec08c61db989d0a51f192f1571fb72f7d016e21b9db82c03b2f89dbfb531bb5e
GET /gtm.js?id=GTM-5BZQWX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 15:24:15 GMT
expires: Tue, 31 Jan 2023 15:24:15 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-W4L4LWP
172.217.21.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W4L4LWP
IP 172.217.21.168:0
File type ASCII text, with very long lines (22532)
Hash 8cfce61c01363b6cfecf2f50718c0cc0
8b25adc43a92a4d526d77f42fb809a17b734453e
fb390969b95ab89d89bbaa702e950b4c47702affb91eda88717049fa88acc355
GET /gtm.js?id=GTM-W4L4LWP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 15:24:15 GMT
expires: Tue, 31 Jan 2023 15:24:15 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76279
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wdMs7rg5206wMlHn3K8qp1OstNWbfQ/4r4V/32oJs5/ZoYYCqKRqyjVw6J/0BnX5UO9SjWJIB94=
x-amz-request-id: 08752SAZTFSJCYYP
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Sun, 29 Jan 2023 16:03:11 GMT
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
age: 170464
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
23.38.200.249200 OK 156 kB URL HTTP/2 tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
IP 23.38.200.249:0
Size 156 kB (155900 bytes)
Hash 603af0a469f56ed195a699a69877ac7e
26ccb0e04753289b328eb1ebfc730bee17821910
224047ec0d456115e473db3ae1d96cb23cdb418c8c352a4769dde0b5bb8b6ec5
GET /utag/dropbox/hellosign/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "21ac7661619cbd2b39d74cea196fb6f6:1674769260.810069"
last-modified: Thu, 26 Jan 2023 21:41:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Tue, 31 Jan 2023 15:29:15 GMT
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
assets.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d6ed6edb55e_SharpGroteskDBBook20.woff2
54.230.111.102200 OK 44 kB URL HTTP/2 assets.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d6ed6edb55e_SharpGroteskDBBook20.woff2
IP 54.230.111.102:0
File type Web Open Font Format (Version 2), TrueType, length 44227, version 1.0\012- data
Hash cadb8b051cff35866b4d98d9396293e4
63b514c105c3beb1d486a47a93cdea0440819eac
5c7b7d6a4397dff26896ef18694f9a5ec094ae5320022b408b2805f07e977e56
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d6ed6edb55e_SharpGroteskDBBook20.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 44227
date: Thu, 19 Jan 2023 02:02:51 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 20 Dec 2021 15:58:38 GMT
etag: "cadb8b051cff35866b4d98d9396293e4"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: YG39CytIBye9AGD_k0XGr8UudE0AoBJr
accept-ranges: bytes
server: AmazonS3
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
age: 1084885
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8c6ndTuWIs5dRGq4CtiKzFw5H7h3tN8_5In0zJBd5cvWcqewvyiirA==
X-Firefox-Spdy: h2
assets.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d89d7edb689_SharpGroteskDBBook23.otf
54.230.111.102200 OK 83 kB URL HTTP/2 assets.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d89d7edb689_SharpGroteskDBBook23.otf
IP 54.230.111.102:0
File type OpenType font data\012- data
Hash ba43ca372c2f3e68c73e5e2d7bd14bb4
52fde8bc6547951f157e093d849b8a6c712f3a48
b2e6b93cd2917c287817ae76aafff947dad812f25f119c7bec8555fac415c62b
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d89d7edb689_SharpGroteskDBBook23.otf HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-otf
content-length: 83184
date: Mon, 23 Jan 2023 06:23:18 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 20 Dec 2021 15:58:42 GMT
etag: "ba43ca372c2f3e68c73e5e2d7bd14bb4"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: vFGaN2WGgnFLyTs4blyOrrbNXuH4_Alk
accept-ranges: bytes
server: AmazonS3
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
age: 723658
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lS9itbiDt_09vdPQqoR2D2U7GarLrvOtpuwQMZGXWBmdOXXixiXCFg==
X-Firefox-Spdy: h2
assets.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d1521edb589_AtlasGrotesk-Regular-Web.woff
54.230.111.102200 OK 58 kB URL HTTP/2 assets.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d1521edb589_AtlasGrotesk-Regular-Web.woff
IP 54.230.111.102:0
File type Web Open Font Format, TrueType, length 58243, version 0.0\012- data
Hash 146e2ca8c29b0882a16ba28460515808
7aedaddc81cc8f90c9d6c0912f48486d145fccae
b9c6d150ea430d8e1bf233faed6da28b1ce388e7e1fad1cd9296c2ad97332b83
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d1521edb589_AtlasGrotesk-Regular-Web.woff HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 58243
date: Sat, 28 Jan 2023 07:49:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 20 Dec 2021 15:58:38 GMT
etag: "146e2ca8c29b0882a16ba28460515808"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: xNl.4oeY0o7_HPdY.WkoxhXw3bzJO8yh
accept-ranges: bytes
server: AmazonS3
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
age: 286478
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZecaNMyyUSjTVtg9O_EdHKVbJ0hqk72eQzYb82-wdOkTKrpFB-76-g==
X-Firefox-Spdy: h2
assets.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d771cedb5b4_AtlasGrotesk-Medium-Web.woff
54.230.111.102200 OK 68 kB URL HTTP/2 assets.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d771cedb5b4_AtlasGrotesk-Medium-Web.woff
IP 54.230.111.102:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a538bab9e4d4016d7b88dcd87c1bbdad
3b667d5d37618142e006aca2bee06f17938ac9aa
4b8eadb9a5cc692f6c80438705e21aa539982b7b49bde139f231b5506858da88
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d771cedb5b4_AtlasGrotesk-Medium-Web.woff HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 61391
date: Thu, 12 Jan 2023 08:56:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 20 Dec 2021 15:58:39 GMT
etag: "56a7055837df9adaf628885612deb24b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 1.srubt.0BkAywfISz_EfD8yznv4AGBR
accept-ranges: bytes
server: AmazonS3
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
age: 1664870
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j_8LTLpoRxNGU1Ezep-GbqirtX0OvSmyV2F5B6ZXBDVWB97QTXykxQ==
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.5.js?utv=ut4.48.202211161535
23.38.200.249200 OK 35 kB URL HTTP/2 tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.5.js?utv=ut4.48.202211161535
IP 23.38.200.249:0
File type ASCII text, with very long lines (30666)
Hash c6ae8f3c89fad9026a44090462d0abcf
ecd66526f53679d170151f4c697986b51dd37a85
edb4753539d720c9378ed3279e9a3bfd1adb24929e0b45db46dddd28e5b5e45c
GET /utag/dropbox/hellosign/prod/utag.5.js?utv=ut4.48.202211161535 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "5ab379aca54ed96b034ff7d055ab4bf8:1668612932.615981"
last-modified: Wed, 16 Nov 2022 15:35:32 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 15:24:15 GMT
date: Tue, 31 Jan 2023 15:24:15 GMT
content-length: 35445
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df53466ef1fd7c7520ffe94078aa544d
b409909b1240f84949ff3935181258007fa64113
247bd8028207606c0863aab9c3afecaba62178b877691db1bd0c023c901c90d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6562
Cache-Control: max-age=156742
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:15 GMT
Etag: "63d8da43-1d7"
Expires: Thu, 02 Feb 2023 10:56:37 GMT
Last-Modified: Tue, 31 Jan 2023 09:07:15 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d1894edb79f_chevron.svg
54.230.111.7200 OK 239 B URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d1894edb79f_chevron.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 0e709661282fb9d2e840612940c1da9e
e3009a9e1aa0ddb53a87d7e9bdb3ec9004b5b9ea
5676eae15f754e37d7bdd8297f579e378e9df7b3de2fae85d1cf3c463c254e0e
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d1894edb79f_chevron.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 239
date: Mon, 16 Jan 2023 17:22:10 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: "0e709661282fb9d2e840612940c1da9e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: S5qSHziQb2eVWB3OFJ0bqnMTtmrZTJ_E
accept-ranges: bytes
server: AmazonS3
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1288926
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H4gWF9jiFAp5UGJUUPJElBth931VyGmrEtvP6e8fSTKnkF5AWlBkOQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0da4a3edb79d_arrow%20right.svg
54.230.111.7200 OK 238 B URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0da4a3edb79d_arrow%20right.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 07fadadd70a511ffdd98fb99706562b3
ae203a3e9aad743ec0ed3776f2d135160d3e959e
61653b092af57d57f79366e61ac7726ed44a3ea709883f74bc388a9f0f39d567
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0da4a3edb79d_arrow%20right.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 238
date: Mon, 16 Jan 2023 17:22:10 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: "07fadadd70a511ffdd98fb99706562b3"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: TKpdWTZ7gHn5eBZ2ecJRU5EEooecRwYw
accept-ranges: bytes
server: AmazonS3
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1288926
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MrvJSyxiw2CN3-MKe-tw3kmmkxojrlSo-uXBLRP5y_b4mBdX6344YA==
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d12e2edb7a6_facebook-logo.svg
54.230.111.7200 OK 579 B URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d12e2edb7a6_facebook-logo.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (475)
Hash 61dd7b4f06e4d53a579346ccc2f6b9fa
b7a5c2c767bcd5fbfc0887353d796075bd1f20d8
e5ac61ccfad5d077d6c1bcca3d24157c3050441a6f9af1397b3116ae75d3ad5a
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d12e2edb7a6_facebook-logo.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 579
date: Thu, 12 Jan 2023 02:43:04 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: "61dd7b4f06e4d53a579346ccc2f6b9fa"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: YgU1XqZ.yH0geZPvB_KkM_jNg353JQoh
accept-ranges: bytes
server: AmazonS3
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1687272
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6uv4lsKHJHhEctoYyyMEZzVzJXm87Yz7TNvw_PqyL3dem6rlRKhLTg==
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d57d9edb7a5_youtube-logo.svg
54.230.111.7200 OK 981 B URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d57d9edb7a5_youtube-logo.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (877)
Hash 3f9e74dfb140e0133e65fce7df7ea468
c5b7c21e3e337ff5c0410502dfb42cb61de8fe6a
c67ef377ef8b9a6a773aa7b18c9cd29360633f8cc5d375c41f2b86107864c0da
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d57d9edb7a5_youtube-logo.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 981
date: Sat, 14 Jan 2023 09:35:46 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: "3f9e74dfb140e0133e65fce7df7ea468"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Y.U75EVwSHI5Ma_SDx0VzSctOZhbD6xH
accept-ranges: bytes
server: AmazonS3
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1489710
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3VsRO4spzkzCBe0njNMSnkflZFVzSMo4ucpDMi0OWmdF6nsL9_z7fw==
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d17eaedb7a9_Discover.svg
54.230.111.7200 OK 2.3 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d17eaedb7a9_Discover.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (981)
Hash 4ca46b98fcf451e0f6563dd222f7f45b
b63d2bd301c7fdc9bcbb9766f93a12b08c1eb286
1f782114a3581dbef6b33a933acb26a737eff98d6ad51e0a38933d09e2a73586
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d17eaedb7a9_Discover.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 11 Jan 2023 01:03:28 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"ff5ba09523f9e5223d1142d7c7c43095"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: OD5SD7APvGYKZ7uv32g41cOH15bYFLcg
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1779648
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TnMvB1BmthTQqQDoO7enSRzap7jJ_qZsOnhEswHbH26cejsRkc05Qg==
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B2AAF3C959275C660A495E7B%40AdobeOrg&d_nsid=0&ts=1675178672674
34.251.47.116200 OK 310 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B2AAF3C959275C660A495E7B%40AdobeOrg&d_nsid=0&ts=1675178672674
IP 34.251.47.116:0
File type JSON data\012- , ASCII text, with very long lines (366), with no line terminators
Hash 8bfa0912f5fc1f9dd33b7cb2347d80a8
e2937045469a7ea41ca1d391b1cc646a02dda103
96ddcc5c7e763c1ea28685ca250fb2eaf777cb2474049cd601d198067e3ea182
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B2AAF3C959275C660A495E7B%40AdobeOrg&d_nsid=0&ts=1675178672674 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.hellosign.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=66068347463977048421018143532348096320; Max-Age=15552000; Expires=Sun, 30 Jul 2023 15:24:15 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: oRjCXrzPR+s=
Content-Length: 310
Connection: keep-alive
tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.8.js?utv=ut4.48.202210281627
23.38.200.249200 OK 5.8 kB URL HTTP/2 tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.8.js?utv=ut4.48.202210281627
IP 23.38.200.249:0
File type ASCII text, with very long lines (2761)
Hash b8d9021eaf9851a56d5a40fee0de4ac5
b9a40653010cf1b085a471643472b7a528f085d4
590b4ef91f8c5a9548c496c3f4f76c4ad255e2ee370f3022d8ba0ab14b4df0a8
GET /utag/dropbox/hellosign/prod/utag.8.js?utv=ut4.48.202210281627 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "6ec30d54dbf79a9740aa50379a173dd2:1666974477.878126"
last-modified: Fri, 28 Oct 2022 16:27:57 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 15:24:15 GMT
date: Tue, 31 Jan 2023 15:24:15 GMT
content-length: 5776
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.40.js?utv=ut4.48.202205092237
23.38.200.249200 OK 3.0 kB URL HTTP/2 tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.40.js?utv=ut4.48.202205092237
IP 23.38.200.249:0
File type ASCII text, with very long lines (1347)
Hash 8c91f34a5565ead09e2514e2b0ba2718
d6c366c225d4b14f0b2765f818d83704c3bb1d3c
dc4b14191f959c2356664186b15a5202800fb19317024174bd58734dcb445b2d
GET /utag/dropbox/hellosign/prod/utag.40.js?utv=ut4.48.202205092237 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "019460c800668a92529fb5706aa7612b:1660146229.120571"
last-modified: Wed, 10 Aug 2022 15:43:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 15:24:15 GMT
date: Tue, 31 Jan 2023 15:24:15 GMT
content-length: 3034
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.152.js?utv=ut4.48.202212060410
23.38.200.249200 OK 2.6 kB URL HTTP/2 tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.152.js?utv=ut4.48.202212060410
IP 23.38.200.249:0
File type HTML document, ASCII text, with very long lines (5291)
Hash d34813bcf95e31d6b8263b0373b2ecd6
9e896ec7a80b0c50a9912d93f17f9443f78c654c
c74f3081bab273a4955ca709ac37e86e642f93207d426361669175fa3f542517
GET /utag/dropbox/hellosign/prod/utag.152.js?utv=ut4.48.202212060410 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "deb565a25924986ec64b07e1e22de945:1670299848.122151"
last-modified: Tue, 06 Dec 2022 04:10:48 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 15:24:15 GMT
date: Tue, 31 Jan 2023 15:24:15 GMT
content-length: 2628
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.135.js?utv=ut4.48.202210262301
23.38.200.249200 OK 3.6 kB URL HTTP/2 tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.135.js?utv=ut4.48.202210262301
IP 23.38.200.249:0
File type ASCII text, with very long lines (1502)
Hash 28a0991c98a802ecce42ab900fd88f3a
d6fb0420dbf7203f550fb63b1103ff9324b673f5
02e7a4cc9dee1c4e785c1ad6fda739bc3c35b4402963c5ef328b11fe56714326
GET /utag/dropbox/hellosign/prod/utag.135.js?utv=ut4.48.202210262301 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "0a7682450c04f352f385854a2e54497c:1666825320.994779"
last-modified: Wed, 26 Oct 2022 23:02:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 15:24:15 GMT
date: Tue, 31 Jan 2023 15:24:15 GMT
content-length: 3635
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 30 Jan 2023 19:38:22 GMT
Age: 71153
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.162.js?utv=ut4.48.202301192130
23.38.200.249200 OK 1.8 kB URL HTTP/2 tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.162.js?utv=ut4.48.202301192130
IP 23.38.200.249:0
File type ASCII text, with very long lines (1117)
Hash c7400607aa6585344523d66dad7fa5a6
a5af54127d287c6f8d31c2d0a9f93ff78117d637
9d19759fa6eedb6898d6256a7dd35d6755db0280e5ae831826676327fe14e71b
GET /utag/dropbox/hellosign/prod/utag.162.js?utv=ut4.48.202301192130 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "92cb4f5a39e090f84f05e7f36951983d:1671229866.684164"
last-modified: Fri, 16 Dec 2022 22:31:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 15:24:15 GMT
date: Tue, 31 Jan 2023 15:24:15 GMT
content-length: 1791
X-Firefox-Spdy: h2
use.typekit.net/af/3e64fb/00000000000000003b9b12fe/27/l?primer=3569ea2f7b7e0cfe53d24d1a326acf279d1b715ca67e789775350bc602cbb2ab&fvd=n3&v=3
23.36.76.122200 OK 19 kB URL HTTP/2 use.typekit.net/af/3e64fb/00000000000000003b9b12fe/27/l?primer=3569ea2f7b7e0cfe53d24d1a326acf279d1b715ca67e789775350bc602cbb2ab&fvd=n3&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 18552, version 1.0\012- data
Hash 54d8563a4b06b56b9613d5a18df56086
78f7f2290799e5a21913e96bbbd12ffe335a6627
e2bb0d9ec188507d7773855977b27817e637df4564dc4c7db2a91b8bcb105114
GET /af/3e64fb/00000000000000003b9b12fe/27/l?primer=3569ea2f7b7e0cfe53d24d1a326acf279d1b715ca67e789775350bc602cbb2ab&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18552
etag: "b7da841284f3f500ccd1d3da8c355c3ba2e2a2ee"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/4eabcf/00000000000000003b9b12fd/27/l?primer=3569ea2f7b7e0cfe53d24d1a326acf279d1b715ca67e789775350bc602cbb2ab&fvd=n4&v=3
23.36.76.122200 OK 19 kB URL HTTP/2 use.typekit.net/af/4eabcf/00000000000000003b9b12fd/27/l?primer=3569ea2f7b7e0cfe53d24d1a326acf279d1b715ca67e789775350bc602cbb2ab&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 18720, version 1.0\012- data
Hash 0664870fe197531cf60994127fbf69f5
7263f5c44d75374c63684afe9b23a7ad86695903
d562a00248ba305daaab7e5664570eee24c699a3232d853068fa7e9a2f75b7ff
GET /af/4eabcf/00000000000000003b9b12fd/27/l?primer=3569ea2f7b7e0cfe53d24d1a326acf279d1b715ca67e789775350bc602cbb2ab&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18720
etag: "f9dcc0524bcf224a6bbfc43221d515514d99f733"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n7&v=3
23.36.76.122200 OK 42 kB URL HTTP/2 use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 41828, version 1.0\012- data
Hash 0afd6c29bfcbd1c672c6668d49deb0f1
04d205881fdfd9c965841f28ca99f8cd377a394d
814cb23543d72283252da84a8a5afbb6d73706c50822442758deaa1296a4ddd8
GET /af/949f99/00000000000000003b9b3068/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 41828
etag: "379ba782fac5740e73415bdd11ba159a03413dee"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash ee3b2ca8193a47eb1c2f1628b80b953f
6b53021c8663e3a0f874c5f030902a78c3ef1b9d
2cc501aa09d747a9b69b88c92f896650b9c9f5c32dae8b2315ab61c63d9a4ccc
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Tue, 31 Jan 2023 14:38:00 GMT
age: 2775
last-modified: Sun, 29 Jan 2023 16:36:52 GMT
etag: "1675010212483"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
use.typekit.net/af/cebe0e/00000000000000003b9b3060/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n3&v=3
23.36.76.122200 OK 42 kB URL HTTP/2 use.typekit.net/af/cebe0e/00000000000000003b9b3060/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n3&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 41924, version 1.0\012- data
Hash 6cc5f82b9db5432605bed0732ced3c20
3e77aa141ab78bbb72e27648f4e9cef2af2d0ad9
6f1bc0f5d4431f6aaf796f0b8f93682a1d139eb5a636f2ae2fc3269e784a9585
GET /af/cebe0e/00000000000000003b9b3060/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 41924
etag: "f311043a49bfff247613cf48167bd3a2e5e825e4"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d405cedb7a7_Visa.svg
54.230.111.7200 OK 24 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d405cedb7a7_Visa.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1200)
Hash 23ce5935a1779e60e612097333d6754d
ed4599a8e4dd03ec81fe6f454473792fbbfcc05b
2883f6e404678a976f1c5386ba0c46149da3d5cb39f8ce8e10a01cfdc85aa1f7
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d405cedb7a7_Visa.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sun, 22 Jan 2023 02:24:52 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"262fd59abf8ae5fdede7bd6e32978be9"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: jTUWKmBkybE90T_W.ec7j6HS3k87ReqX
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 824363
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: do40Jan4fNNqGbJ9j-g0JrVpHtCJ7dMt-6dgMG9TvPEdn9haaFR4aQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0db57fedb7ac_Sky%20High.svg
54.230.111.7200 OK 23 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0db57fedb7ac_Sky%20High.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (707)
Hash 86ab2aecef3cfea0b2f94114880c88a1
42fa10ad8372210c0a63d08a266f947080d0598d
c8904540e0b4d4ed1e7f64a0de1e5b9c50c74830c43e78dabb32d5f02bc9546f
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0db57fedb7ac_Sky%20High.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 12 Jan 2023 01:17:04 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"1cc2d9c8265f4be98b03bb613f4b3d45"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: RoALBNrfxjZY_eGPzd.5IPiP4vL1KU4r
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1692432
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 84e4wlMVfgmg0h6pZD8-DJjkA9l9YfvJm5mq3i3SCFF9LFGfHY7lRw==
X-Firefox-Spdy: h2
use.typekit.net/af/db2a31/00000000000000003b9b3f9f/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n7&v=3
23.36.76.122200 OK 24 kB URL HTTP/2 use.typekit.net/af/db2a31/00000000000000003b9b3f9f/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23676, version 1.0\012- data
Hash 2b5f794eeb6468eec95c78db577eff24
ed608c5234c038cf8b182fe532b693e36e70deba
7b4f4f6ed702437ccb961f808fa0c5afe2ec9a6235869ab2d58c77abd25cd4f5
GET /af/db2a31/00000000000000003b9b3f9f/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23676
etag: "e282ea4aa6cf13cc5c799f2a18ce6447a7175007"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ec3a8b/00000000000000003b9b3fa4/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n8&v=3
23.36.76.122200 OK 23 kB URL HTTP/2 use.typekit.net/af/ec3a8b/00000000000000003b9b3fa4/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n8&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 22704, version 1.0\012- data
Hash 45e622cc506ce294ae1a98723341ef3f
0eed9dedcc4b9fb5f8afd3a55834eb092d18b13f
d0b74dbc7c0547e338e29ab901a25ab5913bf9afe8fe14660c8cc142316c30c1
GET /af/ec3a8b/00000000000000003b9b3fa4/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n8&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 22704
etag: "145ff27ddd3e5faaa644fe3b1e956e07a39c0a3d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/4fad8c/00000000000000003b9b3fa0/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n4&v=3
23.36.76.122200 OK 23 kB URL HTTP/2 use.typekit.net/af/4fad8c/00000000000000003b9b3fa0/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23264, version 1.0\012- data
Hash 058c6e658f8dbf4ee40d457c4eac3a05
3082a5068303b47c84b3baf5203c59146b5ca99e
26ff4ea86f50a07f45987cf8ac7c1cd1eae853356b4c58f9dceb5a72e8c830e8
GET /af/4fad8c/00000000000000003b9b3fa0/27/l?primer=6a09a19cf5780b51030fc849171e53a78592251d1773a20867bc8ae6ae5a1c76&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23264
etag: "e05af7299d75a03f7d955a5d3f27a38515594b4d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0de4feedb7ad_HIPAA.svg
54.230.111.7200 OK 75 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0de4feedb7ad_HIPAA.svg
IP 54.230.111.7:0
Hash c3b750d50dd70794f78698fe169d31e4
d19c655f569d1112440ff52a51cb3c4aa6a1ab28
9fcd500e691a261b98cfabfb4b20ea111684f4d0f5a903b403d298d9d6fc3869
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0de4feedb7ad_HIPAA.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 23 Jan 2023 03:39:31 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"be787fdc448e0c8a04d51f22f08b8eef"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 9VFQQ11ehasQHQl58n67T5AbutR3yY4e
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 733484
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qw0MLygqAtB1WTxnx08kkw_-CboeY0aReRjyIo33AHCVDwRz3tOIKw==
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d5c3fedb7a8_Amex.svg
54.230.111.7200 OK 42 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d5c3fedb7a8_Amex.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (529)
Hash e5904a0c642e1d4951054e7f1f893006
7f27189c432314e92a45db5cad5635291fe9569e
137c59dcc1d7a05884d41c900f37b03a96d213e4ceb3a34acb344d364e517324
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d5c3fedb7a8_Amex.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 07 Jan 2023 07:58:23 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"a35e61a6788ee6e0153648373319213a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 0BWYg63P8MdDc1eHSQLC045T_dRC2lQT
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 2100353
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PBoCASbN4rttKMlfrr0m4IXAmuxkO0cksg2cp525MJ2gt6VZbAGxvg==
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: UUibIB0NgaWaiGp9BjIe/n2z0SVGVWhoxh2SRjwIj8Gnff7QjklG+jxyjozNlZt24/2EB2Hspys=
x-amz-request-id: 892YMQNTR82JRV7D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 14:51:12 GMT
age: 1983
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=i4&v=3
23.36.76.122200 OK 43 kB URL HTTP/2 use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 43032, version 1.0\012- data
Hash cff96c04d3e0c758df886877565f3e56
64a3be3bc1b855bfb90d34e5c5fec7e9e1547d9a
0b463af1bce782e5f58e5143d40bfda323b9154ac833c3afa8bd9e4cf76c801e
GET /af/5c70f2/00000000000000003b9b3063/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 43032
etag: "69fd9b14eaf0794f8f5260269affe6fa168f35f3"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n6&v=3
23.36.76.122200 OK 40 kB URL HTTP/2 use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n6&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 40424, version 1.0\012- data
Hash 79de667061f7903f997ad1ea721781f8
f493141af9f53b010239b012a96ddb1c007072af
f35590f4526f3fcf994407eb67fa120646381702302a6527ba728fc0bed4ba92
GET /af/576d53/00000000000000003b9b3066/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 40424
etag: "6f7d79d3bb3e7f17fccc7779d04cdccd321b54d9"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
t.contentsquare.net/uxa/4a39e5c4777d0.js
54.230.111.42200 OK 95 kB URL HTTP/2 t.contentsquare.net/uxa/4a39e5c4777d0.js
IP 54.230.111.42:0
File type Unicode text, UTF-8 text, with very long lines (64122)
Hash cbaae709329ca229b0a28d38d2d5aa63
0ac9ddc15c09080936896934ed290ff3e81c38bd
87d88e712f0baf449b6165ae0ae5393fec8e145ed24a15299918e45e47526a2a
GET /uxa/4a39e5c4777d0.js HTTP/1.1
Host: t.contentsquare.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 95257
date: Tue, 31 Jan 2023 10:11:21 GMT
last-modified: Tue, 31 Jan 2023 10:10:46 GMT
etag: "cbaae709329ca229b0a28d38d2d5aa63"
x-amz-server-side-encryption: AES256
cache-control: max-age=900
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -kQdKR-vtmhOb-I-SmDICfDhH2YZv6fAdYvPhPMbzvW7pOVXGJJ6mg==
age: 0
timing-allow-origin: *
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11691
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 15:24:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11691
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 15:24:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11691
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 15:24:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash 3d63398bfcd270d3aff50d730b7fbf8e
95b217d19c323845ba9739f9e343ffd4a050dc2a
28be153e42646803b6aa62501fcb5262eea2812237655cec6be8b2a3ff4e7d0c
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Tue, 31 Jan 2023 15:21:16 GMT
age: 179
last-modified: Sat, 28 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
use.typekit.net/af/c47696/00000000000000003b9b305e/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n1&v=3
23.36.76.122200 OK 10 kB URL HTTP/2 use.typekit.net/af/c47696/00000000000000003b9b305e/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n1&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /af/c47696/00000000000000003b9b305e/27/l?primer=71ea0ebb15420aefde6cd6d6788532517e3847a501cd2c72534bd4130921bcf0&fvd=n1&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38944
etag: "3d97548203d7c5d96ac58148d83ac87ed1b8756a"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
www.dropbox.com/pithos/privacy_consent
162.125.71.18307 Temporary Redirect 14 kB URL HTTP/2 www.dropbox.com/pithos/privacy_consent
IP 162.125.71.18:0
Hash f6cab48bc58a33e735bb22569f85bd01
c7b4d799ac3cfa8b8ab45271e942cfead9d5dfca
966e472abc0e4b02bf044f560306b35e1d6da03e41b035c7489186a85808a0b8
GET /pithos/privacy_consent HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
cache-control: no-cache,no-cache, no-store
content-security-policy: sandbox
location: https://www.dropbox.com/pithos/host%3Awww.hellosign.com/privacy_consent
referrer-policy: strict-origin-when-cross-origin
set-cookie: gvc=MTQ4ODIxMjM1ODI3Mzg2OTMzMzY2OTQ3NTMwOTM4MzU2ODIxMjg2; expires=Sun, 30 Jan 2028 15:24:15 GMT; HttpOnly; Path=/; SameSite=None; Secure
t=9H9bis6Vo3Je49Q-B8UFjikD; Domain=dropbox.com; expires=Fri, 30 Jan 2026 15:24:15 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=9H9bis6Vo3Je49Q-B8UFjikD; expires=Fri, 30 Jan 2026 15:24:15 GMT; Path=/; SameSite=None; Secure
__Host-ss=Of8Y2nxBa0; expires=Fri, 30 Jan 2026 15:24:15 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
locale=en; Domain=dropbox.com; expires=Sun, 30 Jan 2028 15:24:15 GMT; Path=/; SameSite=None; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 15:24:15 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: aa2cb89bc4ab4dda81cd06b2f6816c71
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 49296
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 41603
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=vph1lkb&ht=tk&h=www.hellosign.com&f=139.140.171.173.175.176.5474.15529.15530.35517.35518.35521.35522.35526&a=971683&js=1.21.0&app=typekit&e=js&_=1675178673154
23.36.76.122200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=vph1lkb&ht=tk&h=www.hellosign.com&f=139.140.171.173.175.176.5474.15529.15530.35517.35518.35521.35522.35526&a=971683&js=1.21.0&app=typekit&e=js&_=1675178673154
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=vph1lkb&ht=tk&h=www.hellosign.com&f=139.140.171.173.175.176.5474.15529.15530.35517.35518.35521.35522.35526&a=971683&js=1.21.0&app=typekit&e=js&_=1675178673154 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 66050
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 43179
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d5a6aedb7a0_twitter-logo.svg
54.230.111.7200 OK 1.0 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d5a6aedb7a0_twitter-logo.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1029)
Hash 6d0280009c5244daccc5c5a5f9734e1b
c7389f1dc2344f7024603ef6e8409a544d29ab06
5dd30ea06c95d8654ef0c6b8605f100182004aa60b5fa11a75840ae5dc06c93a
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d5a6aedb7a0_twitter-logo.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 20 Jan 2023 06:32:41 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"7e247810a547a235f5f3882994b6718f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 4Tt9rVXhmxLmUuqw.bud4FTGtQYsHxOZ
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 982295
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0BcKTXPOU3DCrk-0c_R3zvUSvK6xdLVOvWQKrGOVbfyHsHdsbSMhAA==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1674841566207&_since=%221666483264567%22
35.241.9.150200 OK 52 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1674841566207&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (52267), with no line terminators
Hash 43fa3c33ef7e1368ef38013ab44077ec
70447b3d512f20511dec32ecad04b77a76a86b6f
bae20740abda87eb747664b2ec70fb29c5ff7899292685645d7ed2c609727391
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1674841566207&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 52267
via: 1.1 google
date: Tue, 31 Jan 2023 14:35:12 GMT
age: 2944
last-modified: Fri, 27 Jan 2023 17:46:06 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/63597ff95c63a97a99be1204_sign-32.png
54.230.111.7200 OK 1.2 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/63597ff95c63a97a99be1204_sign-32.png
IP 54.230.111.7:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 51494040769a0fabd806bb1281cea528
5d1553910148378dbabdc6013b3c0f42af48c1af
6019d84e30f382e80774999aa5e965809af286e3b74cad1066fab926432098ac
GET /61c0a8113e6c0db0dcedae5a/63597ff95c63a97a99be1204_sign-32.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1206
date: Thu, 12 Jan 2023 03:53:41 GMT
last-modified: Wed, 26 Oct 2022 18:44:10 GMT
etag: "51494040769a0fabd806bb1281cea528"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Gfsrbuxr2omxUkcpazGUax7xKACgJ2RO
accept-ranges: bytes
server: AmazonS3
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1683036
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r7S-m319I39DeKBpU3j037lIcHKO6Q0qE53JB-xI1oxO3Jx6-ju7lQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/6359812f993d5b04245b59ee_sign-256.png
54.230.111.7200 OK 8.7 kB URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/6359812f993d5b04245b59ee_sign-256.png
IP 54.230.111.7:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 617fa905c888586ba2ce83b14a17bee6
c1e0b8b9a5a9a4c96913fdb7020aaae7241bbe4f
db1c1a67afc88576f8c1b7c675ba55865f6100789bf5582f4cb8761cbbbfbb6e
GET /61c0a8113e6c0db0dcedae5a/6359812f993d5b04245b59ee_sign-256.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8661
date: Tue, 17 Jan 2023 15:25:54 GMT
last-modified: Wed, 26 Oct 2022 18:49:20 GMT
etag: "617fa905c888586ba2ce83b14a17bee6"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: s7YcxxBGY24zv76kdHhjyMgwtRoDSR04
accept-ranges: bytes
server: AmazonS3
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1209503
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lmxKEEXp14kM_q83aDx2zpnKlGgbc7dFQjnrF5l8weL5HknKgfl0jg==
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=46884
date: Tue, 31 Jan 2023 15:24:16 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb7911fc5b52700a08deb91ec257f8de
f1527fe4e93bde2384f334f82a683a4fb15285c6
f72f4bf5433ad987412402bcf0c42de9b3f5d330e331e485822c6f0855f19ad9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 562
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Etag: "63d87d42-1d7"
Last-Modified: Tue, 31 Jan 2023 15:14:54 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 31 Jan 2023 13:45:20 GMT
expires: Tue, 31 Jan 2023 15:45:20 GMT
cache-control: public, max-age=7200
age: 5936
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flex.msn.com/mstag/tag//analytics.js?ver=1206030100
204.79.197.203400 Bad Request 665 B URL HTTP/2 flex.msn.com/mstag/tag//analytics.js?ver=1206030100
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 1dfd50c2a371bd310479b42b59a22884
8cab3b2f02d71544569f012d80919813757ce210
eadf914d26d61a83b267994f6b3645ac69a01a2bc05cbe4918fcec4be0c0a5c1
GET /mstag/tag//analytics.js?ver=1206030100 HTTP/1.1
Host: flex.msn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
x-msedge-ref: 0oDLZYwAAAACzM+ZHp5+QRIiTUAsz5qfvT1NMMzBFREdFMDQxMgBFZGdl
date: Tue, 31 Jan 2023 15:24:15 GMT
X-Firefox-Spdy: h2
munchkin.marketo.net/munchkin.js
88.221.99.189200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 88.221.99.189:0
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 31 Jan 2023 15:24:16 GMT
Content-Length: 728
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Hash bf91148bc6bc52655c8e8138e8a0a4f4
919f632d0fa2021439aefb26804e6c811f077343
0b87aabbe04ee50ba0cdfdfd6710e761f3ede6ac42cc8faa1b136315529daabf
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Tue, 31 Jan 2023 14:57:18 GMT
age: 1618
last-modified: Fri, 27 Jan 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aae6fd5c7c56fe8a65f5a3fc1fb23533
8bd4f7a8bda61f77c1c7ea6fdf2a7eb152d54b1c
5d74aae13d705760eef45710c4d8e9d75e55b1d19d4243807c7067059f63b33f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Last-Modified: Tue, 31 Jan 2023 14:39:38 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.everestjs.net/static/le/last-event-tag-latest.min.js
23.61.215.237200 OK 2.7 kB URL HTTP/1.1 www.everestjs.net/static/le/last-event-tag-latest.min.js
IP 23.61.215.237:0
File type ASCII text, with very long lines (7027)
Hash c3a66e6f50b032dadb8cad25dc32492d
e80710faee38cff62d92bbc5d1f06606e9024a88
1c3799c14636066f1c903442bf67a335695dc440273e614daab754edbbf0828c
GET /static/le/last-event-tag-latest.min.js HTTP/1.1
Host: www.everestjs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: fZWe1ji7i4kPV3i+XAYRNU2Zv/UO+4UlQyJs1gwD5NXJEDTQwPNlr/q2ZhIQr2NHdaukuhNFNxg=
x-amz-request-id: AXPA3VKNGRX3YQP8
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 2663
Date: Tue, 31 Jan 2023 15:24:16 GMT
Connection: keep-alive
Vary: Accept-Encoding
googleads.g.doubleclick.net/pagead/viewthroughconversion/983307503/?random=1675178673243&cv=11&fst=1675178673243&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.98200 OK 877 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/983307503/?random=1675178673243&cv=11&fst=1675178673243&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (1845), with no line terminators
Hash 632e2376c745982c80029747134f012f
d4c791f69f00c4acdad9d3d93e9a4935e733b794
3ebbf3c9ab8ac09d6b7355369ef5065b53f0fcc9aeaf39ec60245628cd705086
GET /pagead/viewthroughconversion/983307503/?random=1675178673243&cv=11&fst=1675178673243&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:24:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 877
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 15:39:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&ct_cookie_present=1
142.250.74.98200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:24:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 15:39:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:24:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js
104.16.100.29200 OK 71 kB URL HTTP/2 cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js
IP 104.16.100.29:0
File type Unicode text, UTF-8 text, with very long lines (43532), with LF, NEL line terminators
Hash b3b1f905aee5c4badb42a31820b8f96a
ae3577f88a92a975154b3208e774cf245e2696e2
9d630b2756116e28367562b298c5bb4e30660839700a539a35a710b8550bc6c9
GET /static/metaserver/static/pithos/privacy_consent.bundle-vflwJFXrU.js HTTP/1.1
Host: cfl.dropboxstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellosign.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 15:24:16 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 04:57:33 GMT
x-dropbox-request-id: ec456f95d53725edb88a560cd9b26fca
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
cf-cache-status: HIT
age: 1116970
server: cloudflare
cf-ray: 79237408e81cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aae6fd5c7c56fe8a65f5a3fc1fb23533
8bd4f7a8bda61f77c1c7ea6fdf2a7eb152d54b1c
5d74aae13d705760eef45710c4d8e9d75e55b1d19d4243807c7067059f63b33f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Last-Modified: Tue, 31 Jan 2023 14:39:38 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/983307503/?random=1675178673243&cv=11&fst=1675177200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=235946456&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/983307503/?random=1675178673243&cv=11&fst=1675177200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=235946456&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/983307503/?random=1675178673243&cv=11&fst=1675177200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=235946456&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:24:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1674751976728&_since=%221661199949574%22
35.241.9.150200 OK 18 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1674751976728&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (17471), with no line terminators
Hash 6e2d33aecce57f200365d89f518caa2a
0226b86348839e3398809b8e542aa7daf6909ba6
1fa13b584b43bddc8fd2e1fc57676c930b50dea74726a9c2fc55e35dca77ebfd
GET /v1/buckets/main/collections/search-config/changeset?_expected=1674751976728&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 17471
via: 1.1 google
date: Tue, 31 Jan 2023 15:09:44 GMT
age: 872
last-modified: Thu, 26 Jan 2023 16:52:56 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/983307503/?random=1675178673251&cv=11&fst=1675178673251&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=IIWbCJy-it4DEO-p8NQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&did=dYmQxMT&gdid=dYmQxMT&auid=143292990.1675178673&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellosign.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:24:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/983307503/?random=1675178673243&cv=11&fst=1675177200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=235946456&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/983307503/?random=1675178673243&cv=11&fst=1675177200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=235946456&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/983307503/?random=1675178673243&cv=11&fst=1675177200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&tiba=Not%20Found&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=235946456&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:24:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22
35.241.9.150200 OK 2.1 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2144), with no line terminators
Hash 5081e6ce6effca1e5ba513b8ee475b1c
56b570761e64c997d2340e4697a1c0e1b06cc0e5
df3c6bd21705a779e7eace5f711efb8e0c91a77a0fd18288d12cf49507f944a2
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2144
via: 1.1 google
date: Tue, 31 Jan 2023 14:29:40 GMT
age: 3276
last-modified: Thu, 26 Jan 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fwww.hellosign.com&sandbox_redirect=false&locale=en
54.230.111.92200 OK 854 B URL HTTP/2 consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fwww.hellosign.com&sandbox_redirect=false&locale=en
IP 54.230.111.92:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash dc63fb23d6563676b3090bae3f02ccde
dd6c4202705f760dd5744caee7ccb31f703fc880
c8bce4b4bc1b212ffc445ae939680990a6f4b23eed318c8b9a7f1e21facd1ab1
GET /?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fwww.hellosign.com&sandbox_redirect=false&locale=en HTTP/1.1
Host: consent.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellosign.com/
Connection: keep-alive
Cookie: t=9H9bis6Vo3Je49Q-B8UFjikD; locale=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 854
date: Tue, 31 Jan 2023 04:22:03 GMT
last-modified: Tue, 06 Sep 2022 19:00:36 GMT
x-amz-version-id: jF1fSWiqtJx.5E0VeuXfyr4mbqFqvdbZ
etag: "dc63fb23d6563676b3090bae3f02ccde"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 620tjHMQdCKmfqQBDXLBYCyetyqfxYYZ6fMfsY7vXOG-5aFwGmdBlA==
age: 39734
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1743), with no line terminators
Hash ab262a9bb6f1280c3c36ed0ced90f3d5
e042e56c58964267c5ffada95c35cf17f9f844be
5a6ea549b05e1a0061529a1e08b3863a74f8ae84036353d6e24fac17583d689d
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1743
via: 1.1 google
date: Tue, 31 Jan 2023 14:26:45 GMT
age: 3451
last-modified: Tue, 24 Jan 2023 21:17:28 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1675178673388&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1675178673388&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=4551770&time=1675178673388&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4551770%26time%3D1675178673388%26url%3Dhttps%253A%252F%252Fwww.hellosign.com%252Fintegration%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIcdyrkPP5GMgAAAYYIbcI3_XdTQPYmEO50yCC3DZ77FztkAiN9plXhq8bErmMSv2NaKsfmhXeenA; Max-Age=2592000; Expires=Thu, 02 Mar 2023 15:24:16 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJaeeKHdtPZKwAAAYYIbcI3b6rK4EvqNX6fjhUkrS8RY1dcNyD6UedMJ0CEWFyRUABRPQtrWDtKjtfzETKPVQ; Max-Age=2592000; Expires=Thu, 02 Mar 2023 15:24:16 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&b4dc404d-1bb9-4f3b-89eb-3db779b1ed5c"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 31-Jan-2024 15:24:16 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2452:u=1:x=1:i=1675178656:t=1675265056:v=2:sig=AQF9TevbtR4tJsYcqPLzbN-VMGuVO_Oh"; Expires=Wed, 01 Feb 2023 15:24:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzkOy+ljSHCYR687bLqQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F82BDBDF16574AB6BE88E08A690ED41C Ref B: OSL30EDGE0507 Ref C: 2023-01-31T15:24:16Z
date: Tue, 31 Jan 2023 15:24:15 GMT
content-length: 0
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1674595012490&_since=%221662044085942%22
35.241.9.150200 OK 4.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1674595012490&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (4318), with no line terminators
Hash d2da10d4238679967f2f1b3c1b9b23c4
975faf29a2f3f3e7033760e2dbcfaedacdf10df0
06f2f6e989845778d3804554769b028d9d95378aafbeffd125c1f977a64b82d3
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1674595012490&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 4318
via: 1.1 google
date: Tue, 31 Jan 2023 15:24:12 GMT
age: 4
last-modified: Tue, 24 Jan 2023 21:16:52 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 72383bcf75fd3f95b04c04f9b29e6f46
9af7454ba7e71364303c3b2fed36d96138acf802
145b07c9a17c643743a65915536b5c73e7a5bd00b689b1c411a32f3a56ff763d
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Tue, 31 Jan 2023 14:59:57 GMT
age: 1459
last-modified: Tue, 24 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Hash 813d4e664d5e77312ff4d33db52751ed
fc198a56a45d8ee8594c067bd17ba4f30569201e
2051a6f05a4a12e0b4a2c0772ab9b7773bdd4ce903c95b9976a9cb1dd1666719
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Tue, 31 Jan 2023 14:52:01 GMT
age: 1935
last-modified: Tue, 24 Jan 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4551770%26time%3D1675178673388%26url%3Dhttps%253A%252F%252Fwww.hellosign.com%252Fintegration%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4551770%26time%3D1675178673388%26url%3Dhttps%253A%252F%252Fwww.hellosign.com%252Fintegration%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4551770%26time%3D1675178673388%26url%3Dhttps%253A%252F%252Fwww.hellosign.com%252Fintegration%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellosign.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1675178673388&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&84943f35-e0ff-4be0-880e-ec4378660f37"; Domain=.linkedin.com; Expires=Wed, 31-Jan-2024 15:24:16 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230131152416463bdf80-77bb-4086-8624-b9ab876d7b8aAQHps03LQfSIoZHQEkqtzfX9SHwT0Mod"; Domain=.www.linkedin.com; Expires=Wed, 31-Jan-2024 15:24:16 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzUxNzg2NTY7MjswMjHjUINEEWK2p19x9hRbYw2FTFBfq6FVBx34mgMj5NgEkQ==; Domain=.linkedin.com; Expires=Sun, 30 Jul 2023 15:24:16 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2452:u=1:x=1:i=1675178656:t=1675265056:v=2:sig=AQF9TevbtR4tJsYcqPLzbN-VMGuVO_Oh"; Expires=Wed, 01 Feb 2023 15:24:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzkOzBL0LlSQChgNx3Tw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8BD3CE8124624F61A5E4D55E50356F64 Ref B: OSL30EDGE0507 Ref C: 2023-01-31T15:24:16Z
date: Tue, 31 Jan 2023 15:24:15 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 856d0343a5a567d6174427ab0a31cdeb
f8d207cf27f4226a62cf8f811279a741becf4190
57ebde2dc354f92349ecda4d0094c655fe623266921f49c2c048731af66fbd91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Last-Modified: Tue, 31 Jan 2023 14:42:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
dpiprodesntls.112.2o7.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=B2AAF3C959275C660A495E7B%40AdobeOrg&mid=65911346883898861081074520847776845142&ts=1675178673842
15.236.125.10200 OK 2 B URL HTTP/2 dpiprodesntls.112.2o7.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=B2AAF3C959275C660A495E7B%40AdobeOrg&mid=65911346883898861081074520847776845142&ts=1675178673842
IP 15.236.125.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=B2AAF3C959275C660A495E7B%40AdobeOrg&mid=65911346883898861081074520847776845142&ts=1675178673842 HTTP/1.1
Host: dpiprodesntls.112.2o7.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.hellosign.com
access-control-allow-credentials: true
date: Tue, 31 Jan 2023 15:24:16 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dropbox.demdex.net/dest5.html?d_nsid=0
52.213.249.147200 OK 2.8 kB URL HTTP/1.1 dropbox.demdex.net/dest5.html?d_nsid=0
IP 52.213.249.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: dropbox.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 31 Jan 2023 15:24:18 GMT
DCS: dcs-prod-irl1-2-v045-0ebeee8d5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: gVK7jpTSRQU=
Content-Length: 2791
Connection: keep-alive
www.dropbox.com/pithos/privacy_consent_service
162.125.71.18307 Temporary Redirect 4.3 kB URL HTTP/2 www.dropbox.com/pithos/privacy_consent_service
IP 162.125.71.18:0
Hash 6ff08253a645ec6b3ac30f486beb17e6
4bc5b9268ac9c1ea5db0da2035e51e64f4193460
168eb44b090bd5da12d41df5094c5d684e46801cb14d3e543651fa394da869c0
GET /pithos/privacy_consent_service HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent.dropbox.com/
Connection: keep-alive
Cookie: gvc=MTQ4ODIxMjM1ODI3Mzg2OTMzMzY2OTQ3NTMwOTM4MzU2ODIxMjg2; t=9H9bis6Vo3Je49Q-B8UFjikD; __Host-js_csrf=9H9bis6Vo3Je49Q-B8UFjikD; locale=en; __Host-logged-out-session=ChDrWxUhzvWe25BSWg0+eHdZEJ%2Fl5J4GGi5BRnI1Y0p2QmtMdUc3OFJxQmJHenlmYVFhMXNpUFFNTWVwUjNNQ3BwZVV3N1Vn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache,no-cache, no-store
content-security-policy: sandbox
location: https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service
referrer-policy: strict-origin-when-cross-origin
set-cookie: t=9H9bis6Vo3Je49Q-B8UFjikD; Domain=dropbox.com; expires=Fri, 30 Jan 2026 15:24:16 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=9H9bis6Vo3Je49Q-B8UFjikD; expires=Fri, 30 Jan 2026 15:24:16 GMT; Path=/; SameSite=None; Secure
__Host-ss=Of8Y2nxBa0; expires=Fri, 30 Jan 2026 15:24:16 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 15:24:15 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 3b6da0ed484843f99ba2d073198ecd00
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 86cf818bffb8cb761f821e913e733777
375370821dbcce4c6dfd417d06aa4ba20aaa52c7
4eaed581a78493e17ebb7ac7d947de065e7cbe567ebc57f6d61ce967f1dd369a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=85770
Date: Tue, 31 Jan 2023 15:24:16 GMT
Etag: "63d7cd9e-1d7"
Expires: Wed, 01 Feb 2023 15:13:46 GMT
Last-Modified: Mon, 30 Jan 2023 14:01:02 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 90JIMgtIL4TfXIP6zIN1suMvhgMzitEdjdZa1iPwMZWHu7hTCiZQDQ==
Age: 4364
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f8ea24ecb6a19ffdd8ccbccc43eeb6b8
6ffba8f506cbf135ce001d1ab10aa88aae7eb738
29314c2367f53dbcad9155f39a5f71e9f1e70abfc36f0bb525ed1ee4a52428d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5076
Cache-Control: max-age=99445
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 15:24:16 GMT
Etag: "63d80041-1d7"
Expires: Wed, 01 Feb 2023 19:01:41 GMT
Last-Modified: Mon, 30 Jan 2023 17:37:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
cm.everesttech.net/cm/dd?d_uuid=66068347463977048421018143532348096320
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=66068347463977048421018143532348096320
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=66068347463977048421018143532348096320 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Tue, 31 Jan 2023 15:24:16 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y9kyoAAAANzqbgNx; Domain=.everesttech.net; Expires=Wed, 31-Jan-2024 15:24:16 GMT; Path=/
everest_session_v2=Y9kyoAAAANzqbwNx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9kyoAAAANzqbgNx
Server: AMO-cookiemap/1.1
px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1675178673388&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1675178673388&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=4551770&time=1675178673388&url=https%3A%2F%2Fwww.hellosign.com%2Fintegration&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellosign.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&4d579c75-bd90-4925-842e-10336883b150"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 31-Jan-2024 15:24:16 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2480:u=1:x=1:i=1675178656:t=1675265056:v=2:sig=AQG6MPpyjtHKtcuCrTXHW4-M2w6L7kcx"; Expires=Wed, 01 Feb 2023 15:24:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzkOzHr45OMXpG7UGaeg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 53541C08AC074C45B8ADC601D955DA15 Ref B: OSL30EDGE0507 Ref C: 2023-01-31T15:24:16Z
date: Tue, 31 Jan 2023 15:24:16 GMT
content-length: 0
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9kyoAAAANzqbgNx
34.251.47.116302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y9kyoAAAANzqbgNx
IP 34.251.47.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y9kyoAAAANzqbgNx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellosign.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9kyoAAAANzqbgNx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=61231126126518797593443464506730821482; Max-Age=15552000; Expires=Sun, 30 Jul 2023 15:24:16 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yLUGV/FcTTY=
Content-Length: 0
Connection: keep-alive
dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.3/s9438584970962?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2015%3A24%3A34%202%200&sdid=6783222FBC8917D7-4A7B2318A69D0372&mid=65911346883898861081074520847776845142&aamlh=6&ce=UTF-8&ns=hellosign&cdp=2&pageName=www.hellosign.com%7Cintegration&g=https%3A%2F%2Fwww.hellosign.com%2Fintegration&c.&getPageName=4.2&getPercentPageViewed=5.0&p_fo=3.0&getPageLoadTime=2.0.1&getPreviousValue=3.0&getVisitDuration=2.1&inList=3.0&apl=4.0&getNewRepeat=3.0&getVisitNum=4.2&getTimeParting=6.3&getTimeSinceLastVisit=2.0&.c&cc=USD&server=www.hellosign.com&events=event14&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=en-US&v1=D%3Dg&c2=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&h2=www.hellosign.com%3Aintegration&c3=No%20Previous%20Page&v3=%2B1&c4=No%20Percent%20of%20Page%20Viewed&c5=first%20hit%20of%20visit&v5=New&c6=1280x1024&v6=1&v7=First%20Visit&v11=New%20Visitor&c12=8539dd15-d302-4800-ba0a-b8be9e8866fe&v13=01%2F31%2F2023&v14=65911346883898861081074520847776845142&v15=Visitor%20API%20Present&v16=www.hellosign.com&v17=%2Fintegration&c19=dpi.prod.esntls&c20=D%3DpageName&c23=www.hellosign.com%7C2.22.3%7C5.4.0%7CServer%20Side%20ID%7C2.8.0%7CUnknown%20DIL%20version&v23=D%3DpageName&c25=www.hellosign.com&v25=Not%20Found&v42=id%3A077-ZJT-858%26token%3A_mch-hellosign.com-1675178673470-16567&v46=0.7866496613164831_1675178674006&v55=0186086e02130001d508b18ce2f300050002500900918&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=B2AAF3C959275C660A495E7B%40AdobeOrg&AQE=1
15.236.125.10200 OK 43 B URL HTTP/2 dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.3/s9438584970962?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2015%3A24%3A34%202%200&sdid=6783222FBC8917D7-4A7B2318A69D0372&mid=65911346883898861081074520847776845142&aamlh=6&ce=UTF-8&ns=hellosign&cdp=2&pageName=www.hellosign.com%7Cintegration&g=https%3A%2F%2Fwww.hellosign.com%2Fintegration&c.&getPageName=4.2&getPercentPageViewed=5.0&p_fo=3.0&getPageLoadTime=2.0.1&getPreviousValue=3.0&getVisitDuration=2.1&inList=3.0&apl=4.0&getNewRepeat=3.0&getVisitNum=4.2&getTimeParting=6.3&getTimeSinceLastVisit=2.0&.c&cc=USD&server=www.hellosign.com&events=event14&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=en-US&v1=D%3Dg&c2=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&h2=www.hellosign.com%3Aintegration&c3=No%20Previous%20Page&v3=%2B1&c4=No%20Percent%20of%20Page%20Viewed&c5=first%20hit%20of%20visit&v5=New&c6=1280x1024&v6=1&v7=First%20Visit&v11=New%20Visitor&c12=8539dd15-d302-4800-ba0a-b8be9e8866fe&v13=01%2F31%2F2023&v14=65911346883898861081074520847776845142&v15=Visitor%20API%20Present&v16=www.hellosign.com&v17=%2Fintegration&c19=dpi.prod.esntls&c20=D%3DpageName&c23=www.hellosign.com%7C2.22.3%7C5.4.0%7CServer%20Side%20ID%7C2.8.0%7CUnknown%20DIL%20version&v23=D%3DpageName&c25=www.hellosign.com&v25=Not%20Found&v42=id%3A077-ZJT-858%26token%3A_mch-hellosign.com-1675178673470-16567&v46=0.7866496613164831_1675178674006&v55=0186086e02130001d508b18ce2f300050002500900918&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=B2AAF3C959275C660A495E7B%40AdobeOrg&AQE=1
IP 15.236.125.10:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/dpi.prod.esntls/1/JS-2.22.3/s9438584970962?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2015%3A24%3A34%202%200&sdid=6783222FBC8917D7-4A7B2318A69D0372&mid=65911346883898861081074520847776845142&aamlh=6&ce=UTF-8&ns=hellosign&cdp=2&pageName=www.hellosign.com%7Cintegration&g=https%3A%2F%2Fwww.hellosign.com%2Fintegration&c.&getPageName=4.2&getPercentPageViewed=5.0&p_fo=3.0&getPageLoadTime=2.0.1&getPreviousValue=3.0&getVisitDuration=2.1&inList=3.0&apl=4.0&getNewRepeat=3.0&getVisitNum=4.2&getTimeParting=6.3&getTimeSinceLastVisit=2.0&.c&cc=USD&server=www.hellosign.com&events=event14&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=en-US&v1=D%3Dg&c2=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&h2=www.hellosign.com%3Aintegration&c3=No%20Previous%20Page&v3=%2B1&c4=No%20Percent%20of%20Page%20Viewed&c5=first%20hit%20of%20visit&v5=New&c6=1280x1024&v6=1&v7=First%20Visit&v11=New%20Visitor&c12=8539dd15-d302-4800-ba0a-b8be9e8866fe&v13=01%2F31%2F2023&v14=65911346883898861081074520847776845142&v15=Visitor%20API%20Present&v16=www.hellosign.com&v17=%2Fintegration&c19=dpi.prod.esntls&c20=D%3DpageName&c23=www.hellosign.com%7C2.22.3%7C5.4.0%7CServer%20Side%20ID%7C2.8.0%7CUnknown%20DIL%20version&v23=D%3DpageName&c25=www.hellosign.com&v25=Not%20Found&v42=id%3A077-ZJT-858%26token%3A_mch-hellosign.com-1675178673470-16567&v46=0.7866496613164831_1675178674006&v55=0186086e02130001d508b18ce2f300050002500900918&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=B2AAF3C959275C660A495E7B%40AdobeOrg&AQE=1 HTTP/1.1
Host: dpiprodesntls.112.2o7.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Tue, 31 Jan 2023 15:24:16 GMT
expires: Mon, 30 Jan 2023 15:24:16 GMT
last-modified: Wed, 01 Feb 2023 15:24:16 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3597418772063617024-4619368358304693067
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
c.evidon.com/sitenotice/3401/dropbox/settings.js
23.32.100.208301 Moved Permanently 0 B URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settings.js
IP 23.32.100.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sitenotice/3401/dropbox/settings.js HTTP/1.1
Host: c.evidon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent.dropbox.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://c.evidon.com/sitenotice/3401/dropbox/settingsV2.js
date: Tue, 31 Jan 2023 15:24:16 GMT
vary: Origin
cache-control: max-age=432000, private;max-age=86400
access-control-max-age: 108000
access-control-allow-origin:
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
X-Firefox-Spdy: h2
c.evidon.com/sitenotice/3401/translations/en.js
23.32.100.208200 OK 6.4 kB URL HTTP/2 c.evidon.com/sitenotice/3401/translations/en.js
IP 23.32.100.208:0
File type ASCII text, with very long lines (41349), with no line terminators
Hash 7cdb0408336768c3c8697de7fe062fed
455d1237f3256aba83c5102b10212f8bc767bf22
f5c051f3693f6e0a92a0576bbdc74de8c243ec02c5232e49c919999fe1c79ece
GET /sitenotice/3401/translations/en.js HTTP/1.1
Host: c.evidon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent.dropbox.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "92ddb3e3355b422d8513e225548bbf64:1664899591.798772"
last-modified: Tue, 04 Oct 2022 16:06:31 GMT
server: AkamaiNetStorage
content-encoding: gzip
expires: Thu, 02 Feb 2023 15:24:16 GMT
date: Tue, 31 Jan 2023 15:24:16 GMT
content-length: 6406
vary: Accept-Encoding, Origin
cache-control: max-age=172800, private;max-age=86400
access-control-max-age: 108000
access-control-allow-origin:
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
X-Firefox-Spdy: h2
c.evidon.com/sitenotice/3401/snthemes.js
23.32.100.208200 OK 5.7 kB URL HTTP/2 c.evidon.com/sitenotice/3401/snthemes.js
IP 23.32.100.208:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9a975aa3305c4011b3e07119d2376913
4545dc0986810ba851360f910219b34ce7c4446d
400f7ad9cb8378b5839d4f3449381d936f37fd0762f8507d283304c82068d122
GET /sitenotice/3401/snthemes.js HTTP/1.1
Host: c.evidon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent.dropbox.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "0e8f664fca39681028b4b07b5be34f2d:1659131785.898398"
last-modified: Fri, 29 Jul 2022 21:56:25 GMT
server: AkamaiNetStorage
content-encoding: gzip
expires: Thu, 02 Feb 2023 15:24:16 GMT
date: Tue, 31 Jan 2023 15:24:16 GMT
content-length: 5695
vary: Accept-Encoding, Origin
cache-control: max-age=172800, private;max-age=86400
access-control-max-age: 108000
access-control-allow-origin:
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
X-Firefox-Spdy: h2
c.evidon.com/sitenotice/evidon-sitenotice-tag.js
23.32.100.208200 OK 20 kB URL HTTP/2 c.evidon.com/sitenotice/evidon-sitenotice-tag.js
IP 23.32.100.208:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3b00a7ecdaf4bff1751456e89ce005f4
2645658a488474676e934af157bf2164f8edeb6b
b8fb30b4d1bdb4738bf563d499929ccdadda6a489d88faf959f40166268ed300
GET /sitenotice/evidon-sitenotice-tag.js HTTP/1.1
Host: c.evidon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent.dropbox.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b9539a2e77d15a946ad29fbada55c14c:1671558610.191575"
last-modified: Tue, 20 Dec 2022 17:50:10 GMT
server: AkamaiNetStorage
content-encoding: gzip
expires: Thu, 02 Feb 2023 15:24:16 GMT
date: Tue, 31 Jan 2023 15:24:16 GMT
content-length: 19598
vary: Accept-Encoding, Origin
cache-control: max-age=172800, private;max-age=86400
access-control-max-age: 108000
access-control-allow-origin:
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
X-Firefox-Spdy: h2
lasteventf-tm.everesttech.net/?_les_imsOrgId=B2AAF3C959275C660A495E7B@AdobeOrg&_les_sdid=6783222FBC8917D7-4A7B2318A69D0372&_les_last_search_click=&_les_rsid=@@aa_report_suite@@&_les_mid=65911346883898861081074520847776845142&_les_url=https%3A%2F%2Fwww.hellosign.com%2Fintegration
151.101.2.49200 OK 0 B URL HTTP/2 lasteventf-tm.everesttech.net/?_les_imsOrgId=B2AAF3C959275C660A495E7B@AdobeOrg&_les_sdid=6783222FBC8917D7-4A7B2318A69D0372&_les_last_search_click=&_les_rsid=@@aa_report_suite@@&_les_mid=65911346883898861081074520847776845142&_les_url=https%3A%2F%2Fwww.hellosign.com%2Fintegration
IP 151.101.2.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?_les_imsOrgId=B2AAF3C959275C660A495E7B@AdobeOrg&_les_sdid=6783222FBC8917D7-4A7B2318A69D0372&_les_last_search_click=&_les_rsid=@@aa_report_suite@@&_les_mid=65911346883898861081074520847776845142&_les_url=https%3A%2F%2Fwww.hellosign.com%2Fintegration HTTP/1.1
Host: lasteventf-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
accept-ranges: bytes
date: Tue, 31 Jan 2023 15:24:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1659-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675178657.021218,VS0,VE0
content-type: text/plain
access-control-allow-credentials: true
access-control-allow-origin: https://www.hellosign.com
content-length: 0
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9kyoAAAANzqbgNx
34.251.47.116200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9kyoAAAANzqbgNx
IP 34.251.47.116:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9kyoAAAANzqbgNx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellosign.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-00960800d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: kEk7/e5cSJw=
Content-Length: 59
Connection: keep-alive
c.evidon.com/sitenotice/3401/dropbox/settingsV2.js
23.32.100.208200 OK 1.7 kB URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settingsV2.js
IP 23.32.100.208:0
File type ASCII text, with very long lines (5082), with no line terminators
Hash 181b62cb4ca1877b5952d8864d1ddb04
ebae59485369852733c2648e907227b2a7666bc5
425ce9a30e4efd92bce6af1d1c99a07a276691e091e66dccb9c50746a1830e0f
GET /sitenotice/3401/dropbox/settingsV2.js HTTP/1.1
Host: c.evidon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent.dropbox.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7119db14253f426ac1ed52da3fd5d054:1662485692.434043"
last-modified: Tue, 06 Sep 2022 17:34:52 GMT
server: AkamaiNetStorage
content-encoding: gzip
expires: Thu, 02 Feb 2023 15:24:17 GMT
date: Tue, 31 Jan 2023 15:24:17 GMT
content-length: 1691
vary: Accept-Encoding, Origin
cache-control: max-age=172800, private;max-age=86400
access-control-max-age: 108000
access-control-allow-origin:
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
X-Firefox-Spdy: h2
c.evidon.com/sitenotice/evidon-banner.js
23.32.100.208200 OK 3.5 kB URL HTTP/2 c.evidon.com/sitenotice/evidon-banner.js
IP 23.32.100.208:0
File type ASCII text, with very long lines (12607), with no line terminators
Hash 304674456118422bd448366f7bb05879
c6549199a4fb419c05a3513238a89002307034b9
29f57f0aeee0a530b881df6908e653f58c6d570b05174b2e1a6bba2a75c4e068
GET /sitenotice/evidon-banner.js HTTP/1.1
Host: c.evidon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://consent.dropbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "953f08dcce4b8af3f743056f673c8514:1671558610.744236"
last-modified: Tue, 20 Dec 2022 17:50:10 GMT
server: AkamaiNetStorage
content-encoding: gzip
expires: Thu, 02 Feb 2023 15:24:17 GMT
date: Tue, 31 Jan 2023 15:24:17 GMT
content-length: 3535
vary: Accept-Encoding, Origin
cache-control: max-age=172800, private;max-age=86400
access-control-max-age: 108000
access-control-allow-origin:
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
X-Firefox-Spdy: h2
077-zjt-858.mktoresp.com/webevents/visitWebPage?_mchNc=1675178673471&_mchCn=&_mchId=077-ZJT-858&_mchTk=_mch-hellosign.com-1675178673470-16567&_mchHo=www.hellosign.com&_mchPo=&_mchRu=%2Fintegration&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
192.28.147.68200 OK 28 B URL HTTP/1.1 077-zjt-858.mktoresp.com/webevents/visitWebPage?_mchNc=1675178673471&_mchCn=&_mchId=077-ZJT-858&_mchTk=_mch-hellosign.com-1675178673470-16567&_mchHo=www.hellosign.com&_mchPo=&_mchRu=%2Fintegration&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
IP 192.28.147.68:0
File type ASCII text, with no line terminators
Hash 9dafc521bd59955b4986f0fc3777f77a
5a572b4730d4a2bce2fa35597a0993c649f26c74
e4e90a7b8bacdfe395361149a9fd42f9192b68bdf1497e4454d0ab4c4917f746
POST /webevents/visitWebPage?_mchNc=1675178673471&_mchCn=&_mchId=077-ZJT-858&_mchTk=_mch-hellosign.com-1675178673470-16567&_mchHo=www.hellosign.com&_mchPo=&_mchRu=%2Fintegration&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp= HTTP/1.1
Host: 077-zjt-858.mktoresp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 31 Jan 2023 15:24:17 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: 47bfe418-512b-41d1-a3a6-175489f10dc1
Content-Encoding: gzip
Access-Control-Allow-Origin: *
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 711e853a200253c8956910d282e33eb3
4d9bccb4a8987e4674f8d6f9fcc2165c5e8c64aa
f2b1bf68b7ce62f781d12a35642d7916b4d9ac759748a57095a72d4f0ddfea08
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 15:24:17 GMT
Last-Modified: Tue, 31 Jan 2023 14:45:22 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6yoKdmBqUf9vuvXtDx-_1oPfZQyG6siHVS_UdLV0s2_gy5Mpse4ZTQ==
Age: 2335
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 711e853a200253c8956910d282e33eb3
4d9bccb4a8987e4674f8d6f9fcc2165c5e8c64aa
f2b1bf68b7ce62f781d12a35642d7916b4d9ac759748a57095a72d4f0ddfea08
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91122
Date: Tue, 31 Jan 2023 15:24:17 GMT
Etag: "63d7da51-1d7"
Expires: Wed, 01 Feb 2023 16:42:59 GMT
Last-Modified: Mon, 30 Jan 2023 14:55:13 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4shC_cgILW44N7PH--NZzzjCjsOsv-0b1Sw7WGkGt9aZ5dbjUyfnXA==
Age: 6466
l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0®ulationid=0®ulationconsenttypeid=1&d=https%3A%2F%2Fwww.hellosign.com%2F
3.208.81.236204 No Content 0 B URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0®ulationid=0®ulationconsenttypeid=1&d=https%3A%2F%2Fwww.hellosign.com%2F
IP 3.208.81.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/v3/3401/59514/1/1/2/2/104138?consent=0®ulationid=0®ulationconsenttypeid=1&d=https%3A%2F%2Fwww.hellosign.com%2F HTTP/1.1
Host: l.evidon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://consent.dropbox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 31 Jan 2023 15:24:17 GMT
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0®ulationid=0®ulationconsenttypeid=1&d=https%3A%2F%2Fwww.hellosign.com%2F
3.208.81.236204 No Content 0 B URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0®ulationid=0®ulationconsenttypeid=1&d=https%3A%2F%2Fwww.hellosign.com%2F
IP 3.208.81.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/v3/3401/59514/1/4/2/2/104138?consent=0®ulationid=0®ulationconsenttypeid=1&d=https%3A%2F%2Fwww.hellosign.com%2F HTTP/1.1
Host: l.evidon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://consent.dropbox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 31 Jan 2023 15:24:17 GMT
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Taviraj:wght@400;500&display=swap&subset=latin,latin-ext
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Taviraj:wght@400;500&display=swap&subset=latin,latin-ext
IP 142.250.74.74:0
GET /css2?family=Taviraj:wght@400;500&display=swap&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 15:24:14 GMT
date: Tue, 31 Jan 2023 15:24:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.dropbox.com/pithos/host%3Awww.hellosign.com/privacy_consent
162.125.71.18200 OK 0 B URL HTTP/2 www.dropbox.com/pithos/host%3Awww.hellosign.com/privacy_consent
IP 162.125.71.18:0
GET /pithos/host%3Awww.hellosign.com/privacy_consent HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellosign.com/
Connection: keep-alive
Cookie: gvc=MTQ4ODIxMjM1ODI3Mzg2OTMzMzY2OTQ3NTMwOTM4MzU2ODIxMjg2; t=9H9bis6Vo3Je49Q-B8UFjikD; __Host-js_csrf=9H9bis6Vo3Je49Q-B8UFjikD; locale=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-cache, no-store
content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-9x0Xzz7hPQ6O0a7NO+yk' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-9x0Xzz7hPQ6O0a7NO+yk' 'nonce-hThE/MmBsfx9Ro5P1Kcz'
referrer-policy: strict-origin-when-cross-origin
set-cookie: t=9H9bis6Vo3Je49Q-B8UFjikD; Domain=dropbox.com; expires=Fri, 30 Jan 2026 15:24:15 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=9H9bis6Vo3Je49Q-B8UFjikD; expires=Fri, 30 Jan 2026 15:24:15 GMT; Path=/; SameSite=None; Secure
__Host-ss=Of8Y2nxBa0; expires=Fri, 30 Jan 2026 15:24:15 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
__Host-logged-out-session=ChDrWxUhzvWe25BSWg0+eHdZEJ%2Fl5J4GGi5BRnI1Y0p2QmtMdUc3OFJxQmJHenlmYVFhMXNpUFFNTWVwUjNNQ3BwZVV3N1Vn; HttpOnly; Path=/; SameSite=None; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-server-response-time: 22
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=UTF-8
date: Tue, 31 Jan 2023 15:24:15 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: aa87ad1981ba4f539ace3e8602616fa6
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d40ffedb7ae_ISO.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d40ffedb7ae_ISO.svg
IP 54.230.111.7:0
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d40ffedb7ae_ISO.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 07 Jan 2023 07:58:24 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"ad1c06009cf4fd9dc4e565cbf32fa001"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Ag.KP2tgZIAF.N6mb6WCYxAucOaEFWAc
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 2100352
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jdBT8UXkVQzEusXlqdlbhTvOKg828h5q9miQSGmJsHvUDPHRN8KCRQ==
X-Firefox-Spdy: h2
info.hellosign.com/js/forms2/js/forms2.min.js
104.17.73.206200 OK 0 B URL HTTP/2 info.hellosign.com/js/forms2/js/forms2.min.js
IP 104.17.73.206:0
GET /js/forms2/js/forms2.min.js HTTP/1.1
Host: info.hellosign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 15:24:15 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 20:56:20 GMT
etag: "22289e-33e51-5f217594de500"
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2308
expires: Tue, 31 Jan 2023 19:24:15 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=_wUDkLZa_6IuhZYe7eHbhhbQo38t587Z2.XPUCso3dA-1675178655-0-AUP465xkihpvEVa6tkdYFPSH9rmOSAbQztTUYdBrC9H5Y039FNPRNJDXIMDxsbtyZihB+GYMP+exxiT+9JhL164=; path=/; expires=Tue, 31-Jan-23 15:54:15 GMT; domain=.info.hellosign.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 792374024f25b4ed-OSL
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0df6daedb368_HelloSign_DBXlogo_nospace.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0df6daedb368_HelloSign_DBXlogo_nospace.svg
IP 54.230.111.7:0
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0df6daedb368_HelloSign_DBXlogo_nospace.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 18 Jan 2023 02:39:09 GMT
last-modified: Mon, 20 Dec 2021 15:58:28 GMT
etag: W/"e0635955399a9e344975dfa7234c4df7"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: B8i7WRdoFLeq4EN_oGNcV_4DjeX9Vxqj
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1169106
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HcEE7kHDdGad38OKQidb97ErT-kGYQmrjMGKeYKMqGxxBHEpvY5xAw==
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/4551770/domain/hellosign.com/token
54.230.111.8200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/4551770/domain/hellosign.com/token
IP 54.230.111.8:0
GET /partner/4551770/domain/hellosign.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Tue, 31 Jan 2023 15:11:58 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L225X5xcgmmDPWF8iGXUjhR0SR4zokGaAejgu9-24JMYXnno18V28Q==
age: 738
X-Firefox-Spdy: h2
www.hellosign.com/integration
54.194.170.100404 Not Found 0 B URL HTTP/2 www.hellosign.com/integration
IP 54.194.170.100:0
GET /integration HTTP/1.1
Host: www.hellosign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Tue, 31 Jan 2023 15:24:14 GMT
content-type: text/html
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: W/"d43ec9091cc9316c633105e1ed8a1531"
last-modified: Fri, 27 Jan 2023 01:09:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-served-by: cache-iad-kjyo7100062-IAD, cache-dub4330-DUB
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675178654.413145,VS0,VE148
vary: Accept-Encoding,x-wf-forwarded-proto
x-cluster-name: eu-west-1-prod-edge-blue
X-Firefox-Spdy: h2
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61c0a8113e6c0db0dcedae5a
54.230.245.223200 OK 0 B URL HTTP/2 d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61c0a8113e6c0db0dcedae5a
IP 54.230.245.223:0
GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=61c0a8113e6c0db0dcedae5a HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 31 Jan 2023 08:14:43 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
age: 68320
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5hwzMdPeVfnfYo5DEU-hOPi17cRtvU28EDhTHKJdHS8SaCjpte_sEw==
X-Firefox-Spdy: h2
reveal.clearbit.com/v1/companies/reveal?variable=reveal&authorization=pk_94abb29bd783b4657c3b3b489f932413
18.134.250.23200 OK 0 B URL HTTP/2 reveal.clearbit.com/v1/companies/reveal?variable=reveal&authorization=pk_94abb29bd783b4657c3b3b489f932413
IP 18.134.250.23:0
GET /v1/companies/reveal?variable=reveal&authorization=pk_94abb29bd783b4657c3b3b489f932413 HTTP/1.1
Host: reveal.clearbit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
x-api-version: 2018-03-28
x-account-id: 17b4044f-5593-4a13-8d0b-614be1b6d2c5
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 15:24:15 GMT
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0dc0a9edb7aa_Mastercard.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0dc0a9edb7aa_Mastercard.svg
IP 54.230.111.7:0
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0dc0a9edb7aa_Mastercard.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 12 Jan 2023 01:17:03 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"8b6bde9fc4527849a0ac6bcfdbed96eb"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Pj9aGIDJ2NjiE7UtYoACnRdK4ElK6OxJ
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1692432
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: teHEgwk0RXtzXQzAdgIkNmIIvR1xIhFSN38iUOv7ZfbKcvywf74QAA==
X-Firefox-Spdy: h2
dropboxinc.tt.omtrdc.net/rest/v1/delivery?client=dropboxinc&sessionId=7b25d8a3521149d59188e892d554eda5&version=2.8.0
54.77.201.84200 OK 0 B URL HTTP/2 dropboxinc.tt.omtrdc.net/rest/v1/delivery?client=dropboxinc&sessionId=7b25d8a3521149d59188e892d554eda5&version=2.8.0
IP 54.77.201.84:0
POST /rest/v1/delivery?client=dropboxinc&sessionId=7b25d8a3521149d59188e892d554eda5&version=2.8.0 HTTP/1.1
Host: dropboxinc.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1635
Origin: https://www.hellosign.com
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 15:24:16 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://www.hellosign.com
access-control-allow-credentials: true
x-request-id: d6797a34843237b58ef31e4e87bc9112
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
X-Firefox-Spdy: h2
assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d734fedb7ab_CPA.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d734fedb7ab_CPA.svg
IP 54.230.111.7:0
GET /61c0a8113e6c0db0dcedae5a/61c0a8113e6c0d734fedb7ab_CPA.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellosign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 14 Jan 2023 06:39:30 GMT
last-modified: Mon, 20 Dec 2021 15:58:47 GMT
etag: W/"61d783931c6058f48456a15b73a31f35"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 2ty52KA1gOQtgoSJbNA66ULSFH1_pq5V
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
age: 1500286
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: du1jThBplffmAoMrRDpzABPJz8NRkBfpWT2B2xNEEYx_L7WwjGbhxA==
X-Firefox-Spdy: h2