Report - mobsquad.docsend.com/view/s/v6kwimx5gk

Report Overview

Submitted URL
mobsquad.docsend.com/view/s/v6kwimx5gk
IP
52.20.78.240
ASN
#14618 AMAZON-AES
Submitted
2023-02-28 10:20:00
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
d5doxliz2zm8u.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	137 kB	54.230.245.97
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
www.dropbox.com	1994	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	17 kB	162.125.71.18
d.dropbox.com	1300	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.1 kB	162.125.7.20
l.evidon.com	8143	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	382 B	35.153.171.204
mobsquad.docsend.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	32 kB	3.232.242.170
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.88.63.243
widget.intercom.io	2417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	4.0 kB	54.230.111.95
js.intercomcdn.com	2440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	753 B	144 kB	54.230.111.118
ocsp.r2m02.amazontrust.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.0 kB	54.230.80.227
cfl.dropboxstatic.com	13598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	624 B	104.16.100.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	104.18.32.68
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	216.58.211.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	796 B	93.184.220.29
c.evidon.com	1097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	40 kB	23.32.100.208
api-iam.intercom.io	2892	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	980 B	3.7 kB	54.145.101.148
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	630 B	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
d2qvtfnm75xrxf.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	2.3 MB	143.204.42.185
consent.dropbox.com	27413	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	649 B	1.3 kB	143.204.55.68
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	943 B	54.230.245.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-28 10:19:49	high	162.125.71.18	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use
2023-02-28 10:19:51	high	162.125.7.20	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	mobsquad.docsend.com/view/s/v6kwimx5gk	4.1 kB	2023-03-14	2023-03-14
Pretty URL mobsquad.docsend.com/view/s/v6kwimx5gk IP 3.232.242.170 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:06:57 Last Seen2023-03-14 14:06:57 Times Seen1 Hash d5c8b040900bdbbcef941c1d2af9ec9c 83e633d7ecb726aa2f87ce046ab2648dd085e276 028265c2cc50be8497e56311ccfb7ad7eaa1afcc11e4601d8c7e91926208979c Loading...

	mobsquad.docsend.com/view/s/v6kwimx5gk	777 B	2023-03-07	2024-04-20
Pretty URL mobsquad.docsend.com/view/s/v6kwimx5gk IP 3.232.242.170 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2024-04-20 22:15:48 Times Seen487 Hash eed47e70bb30c26af1d2b05cb6cbb36e a6280e737500da85f94d5dd1b4bcf53e8ab7ebb6 33f828b1c1cc8d01a5365dda26f42257988e5ab755e9d1c9c06c8b650564b612 Loading...

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vflkUW-u7.js	114 kB	2023-03-14	2023-03-14
Pretty URL cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vflkUW-u7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:24:58 Last Seen2023-03-14 16:07:02 Times Seen1 Hash 9145bebbbaec6810f3c366554936ef88 febb4c026272a5e244f13e47cdcd94541fe299af 4e1f58de635bd9618f317c1482f92da3766ce6ff9e8944d1f34bdc857f838ca0 Loading...

	c.evidon.com/sitenotice/3401/dropbox/settings.js	5.7 kB	2023-03-14	2023-04-02
Pretty URL c.evidon.com/sitenotice/3401/dropbox/settings.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:08:30 Last Seen2023-04-02 21:30:46 Times Seen66 Hash dcb013ce5f00abe84675f6343f644539 eaf1302710b93f286a640d04e80d04d67cee8a02 a15aeb744bf1016099ba1d237c3b6940b184ce7de278b87d8caa7e55226a2dd2 Loading...

	mobsquad.docsend.com/view/s/v6kwimx5gk	77 B	2023-03-12	2024-02-05
Pretty URL mobsquad.docsend.com/view/s/v6kwimx5gk IP 3.232.242.170 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:13:33 Last Seen2024-02-05 11:03:35 Times Seen37 Hash ad3a2eb5789d7523efb35897620d6712 5eb67afc82f0179bb3f98a0efdf34b87c267827f 2ebe1a24d5c6baafa871bb8f135b7a9f128451f0e06c673a5b20bd15ce3781d1 Loading...

	www.dropbox.com/pithos/privacy_consent_service	13 kB	2023-03-14	2023-03-14
Pretty URL www.dropbox.com/pithos/privacy_consent_service IP 162.125.71.18 ASN #19679 DROPBOX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:04:56 Last Seen2023-03-14 14:06:57 Times Seen1 Hash 15ace7be344a5ba6e6fd445e16fdf98d c435ff280a8c07484bc582c2da3d127bdab31c48 728a03cb551d17acdb414e4ff96a35033e439d4c6814b5836a050d37949da74a Loading...

	c.evidon.com/sitenotice/evidon-banner.js	13 kB	2023-03-09	2023-03-26
Pretty URL c.evidon.com/sitenotice/evidon-banner.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:10:59 Last Seen2023-03-26 13:12:38 Times Seen50 Hash 953f08dcce4b8af3f743056f673c8514 4e8acdae78b9b5f1c228cb28de23cca6ad5b3c4e f82f137e8e73611fa376c19abe5d768d8880cfce9082c8cb8a5819d3350bc881 Loading...

	c.evidon.com/sitenotice/evidon-sitenotice-tag.js	75 kB	2023-03-14	2023-03-14
Pretty URL c.evidon.com/sitenotice/evidon-sitenotice-tag.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:15:16 Last Seen2023-03-14 19:54:04 Times Seen1 Hash cb2105494dcc7cb6f8bc6c5d1426206f 4a736e5c0e7c31b457f57cc98509ef3264ff2d11 a44162c418c39ee0b59b03f61b64d683c44f55c9db294aa3203819b7ce8d77bb Loading...

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-7a10312517d58e959a0532c1fe7d2fc9797a55ac978e6292a5df8439ff3a879a.js	17 kB	2023-03-14	2023-03-14
Pretty URL d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-7a10312517d58e959a0532c1fe7d2fc9797a55ac978e6292a5df8439ff3a879a.js IP 143.204.42.185 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:49:43 Last Seen2023-03-14 14:26:50 Times Seen1 Hash 1b58372bb1b1d01b857195d3ddd8e65c f5ff920a3efaad9e56f1ddb6b1c7767153955b09 7a10312517d58e959a0532c1fe7d2fc9797a55ac978e6292a5df8439ff3a879a Loading...

	www.dropbox.com/pithos/privacy_consent	9.2 kB	2023-03-14	2023-03-14
Pretty URL www.dropbox.com/pithos/privacy_consent IP 162.125.71.18 ASN #19679 DROPBOX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:06:57 Last Seen2023-03-14 14:06:57 Times Seen1 Hash 94836ed2c6bc34f208fa3cee32b0f5f6 752c2ebeb4e01045cf5d8a437debc9fda90610b2 3efb8cd9ffbb319ad60383dc928385fc06d7df232011ca5a7ee2582c884228c0 Loading...

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflZTDgHZ.js	224 kB	2023-03-14	2023-03-14
Pretty URL cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflZTDgHZ.js IP 104.16.100.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 00:09:22 Last Seen2023-03-14 14:34:13 Times Seen1 Hash 6530e01d9e50931a609ad1625db2b360 8986c54dcfe8e5524aefe9c924451a6cda752828 63e7e3fa1b76942b94aa3678b1e7ca562ffd4ab523564410802479e204df76ea Loading...

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-c20fb70cf9a2ff29b19e90e6e691c4fb5a97e72301aa06450d1bcdf8d83f4e13.js	7.1 MB	2023-03-14	2023-03-14
Pretty URL d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-c20fb70cf9a2ff29b19e90e6e691c4fb5a97e72301aa06450d1bcdf8d83f4e13.js IP 143.204.42.185 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:49:43 Last Seen2023-03-14 14:06:57 Times Seen1 Hash 9b1bd0f10aceacc28c9d8d9c5c6ce700 ee516e6e26c6cbb92bd1c663d5536334163f83f1 c20fb70cf9a2ff29b19e90e6e691c4fb5a97e72301aa06450d1bcdf8d83f4e13 Loading...

	consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fmobsquad.docsend.com&sandbox_redirect=false	569 B	2023-03-07	2023-04-05
Pretty URL consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fmobsquad.docsend.com&sandbox_redirect=false IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:24:27 Last Seen2023-04-05 02:11:39 Times Seen83 Hash 61b81b2411a67a89aad55835c4e864f2 623c4e487131583d402815eb75cfced9b694017d 929203495e37db6972ddc172e9664002093c6bb973da2ca7a5001c26d680d2de Loading...

	c.evidon.com/sitenotice/3401/snthemes.js	125 kB	2023-03-07	2023-04-02
Pretty URL c.evidon.com/sitenotice/3401/snthemes.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2023-04-02 21:30:48 Times Seen64 Hash 0e8f664fca39681028b4b07b5be34f2d 7298f430eb83f9116df80423cf956d09d0e6f8c4 4f71436a97288b116c8b61d62030fa6549acb42827ca7f7aeaacab78132190a8 Loading...

	c.evidon.com/sitenotice/3401/translations/en.js	43 kB	2023-03-14	2023-04-02
Pretty URL c.evidon.com/sitenotice/3401/translations/en.js IP 23.32.100.208 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:08:30 Last Seen2023-04-02 21:30:47 Times Seen66 Hash 657b6bb22752382cbdc4208cce7687cb b5eca88f80bab534624fbdd43c59522d25ea75bf 85856b6da83b941b434643e4558d1edc658cb46c69063c6aa770c7289ab4fa9b Loading...

	widget.intercom.io/widget/lv6lji7h	8.5 kB	2023-03-14	2023-03-14
Pretty URL widget.intercom.io/widget/lv6lji7h IP 54.230.111.95 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:06:57 Last Seen2023-03-14 14:09:27 Times Seen1 Hash 24ea39799707adf1eea2b8078a41f28b c68564732c69d8d73889f4ce9adc2f265e89611e 7eefbe26eabd984ecab4173dec9817d2321a1a8fb4ab279f67c943bb85496418 Loading...

	mobsquad.docsend.com/view/s/v6kwimx5gk	303 B	2023-03-13	2023-05-22
Pretty URL mobsquad.docsend.com/view/s/v6kwimx5gk IP 3.232.242.170 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:16:17 Last Seen2023-05-22 21:46:59 Times Seen88 Hash c4ba3ed09b1b5daa4f5669df1358fa6f ed09f1f1c6d2f8786e864ef84805732132ada42f 45b6408e534ecfd1ba65fa3d47b9de7614090e311914216653a59f305e94ffce Loading...

	mobsquad.docsend.com/view/s/v6kwimx5gk	31 B	2023-03-07	2024-04-20
Pretty URL mobsquad.docsend.com/view/s/v6kwimx5gk IP 3.232.242.170 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2024-04-20 22:15:48 Times Seen468 Hash 997bc267a126a1af0b147e52ee2274ec 283f5eea465445d4a02d6b006954adabe6ae86b1 f37819c0a8f3d5b4aefb1c1a91f921d9b7b5f9377e136614329bc495b993087a Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-25 07:59:17 Times Seen14298 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (71)

	URL	IP	Response	Size
	mobsquad.docsend.com/view/s/v6kwimx5gk	3.232.242.170	301 Moved Permanently	0 B
URL HTTP/1.1 mobsquad.docsend.com/view/s/v6kwimx5gk IP 3.232.242.170:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /view/s/v6kwimx5gk HTTP/1.1 Host: mobsquad.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:47 GMT Content-Type: text/html Transfer-Encoding: chunked Location: https://mobsquad.docsend.com/view/s/v6kwimx5gk Vary: Origin Via: 1.1 vegur`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash fa03c1ea82feaa081cf4094641ce1152 5c62e5281662a4010eb4cb45f3bd4bacae1c9153 7b72ac559134398cedcb17bbca3ea3e5467a05a7da769ee2f83f4f762af62918 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7B72AC559134398CEDCB17BBCA3EA3E5467A05A7DA769EE2F83F4F762AF62918" Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14915 Expires: Tue, 28 Feb 2023 14:28:23 GMT Date: Tue, 28 Feb 2023 10:19:48 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash b44b6d7bebf34d0393567b22a63a93fa a1a85b268bc8073d8e4622ceb78b78a1b39af96a 4b69973af6e9c5a78d94e8661b08d9349176a515e7bfb3386b10ace4c6f1ae21 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4B69973AF6E9C5A78D94E8661B08D9349176A515E7BFB3386B10ACE4C6F1AE21" Last-Modified: Tue, 28 Feb 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13037 Expires: Tue, 28 Feb 2023 13:57:05 GMT Date: Tue, 28 Feb 2023 10:19:48 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 28 Feb 2023 10:08:02 GMT content-type: application/json age: 706 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1fc53096a9ed90534f34db55765fe755 00462323483a73d48261b8e8a0981bec58ef832a bcfb9a09fd0882661e1eddc5bde947142897dfe816d535ed2cbfb1aa34823bd7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BCFB9A09FD0882661E1EDDC5BDE947142897DFE816D535ED2CBFB1AA34823BD7" Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2169 Expires: Tue, 28 Feb 2023 10:55:57 GMT Date: Tue, 28 Feb 2023 10:19:48 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash b5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: VnYbUBdDWmXtvxA/KYOYBm0XJZJk7RD3BGXppUx5ZwSCwhGPwbEPDDlF+P8g9a33AueykBedukw= x-amz-request-id: G5M7QGX996TF7031 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 28 Feb 2023 10:14:31 GMT age: 317 last-modified: Sat, 18 Feb 2023 20:28:27 GMT etag: "b5ba6334e73496995e3e3a9ecd0eb323" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 28 Feb 2023 10:19:48 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 221db661ae9ef49ade2cc726d8850e1c 391f8ca716b320f122c5f9d99e16ffbffdf13856 ca676a91bb5946b49048eb884d8353bca303cf7bc99fb507e2e8c3225d24a5d4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 28 Feb 2023 10:19:48 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Fri, 24 Feb 2023 15:57:43 GMT Expires: Fri, 03 Mar 2023 15:57:42 GMT Etag: "391f8ca716b320f122c5f9d99e16ffbffdf13856" Cache-Control: max-age=278873,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7a086c8ac9081c02-OSL`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 28 Feb 2023 10:03:35 GMT age: 973 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a518b418b3b845c6c4f61b595d07d29e fa6b54344b3e4dfb5c6f16090825264152907bd6 b797e9b583b27d9c7288b67ecd1c8fc0da8a0ff8ac6d335f3d6e0bed653f2aed HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B797E9B583B27D9C7288B67ECD1C8FC0DA8A0FF8AC6D335F3D6E0BED653F2AED" Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14239 Expires: Tue, 28 Feb 2023 14:17:07 GMT Date: Tue, 28 Feb 2023 10:19:48 GMT Connection: keep-alive`

	mobsquad.docsend.com/view/s/v6kwimx5gk	3.232.242.170	200 OK	13 kB
URL HTTP/1.1 mobsquad.docsend.com/view/s/v6kwimx5gk IP 3.232.242.170:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4078) Size 13 kB (13214 bytes) Hash 8966cf55351eeaa6a648101800d1bbce 362758edbd95de37b8ba6786f3cd6fac8c6953a1 8cb9dbeefacd2cf7241fa96e2e00724cf8fd2273853ef960d1ef4252c82209f0 HTTP Headers `GET /view/s/v6kwimx5gk HTTP/1.1 Host: mobsquad.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:48 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Etag: W/"f0895c2e1032b542ac73cf08942697dc" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-VEVEy7WYMEMFsLL8JwkJtw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=xJ8gMOG%2BV6HbyE0JGb%2FnvmtOsmOH2j61PXzohCLosUVes2km5ls83L3C2A0zbLMp%2BWu2E%2FplYZ01ENCR%2BhazmMaQOcC9r4xMsz0yn5o%3D--zODzIdWdyKLsAUUg--fdUNQPouzpBSEvIoNNUjCQ%3D%3D; domain=.docsend.com; path=/; expires=Wed, 28 Feb 2024 10:19:48 GMT; SameSite=None; secure _dss_=4fb0683bffcf0833dc51b179fd5db052; domain=.docsend.com; path=/; secure; HttpOnly; SameSite=None X-Request-Id: c7fc7ca5-c390-49bf-afca-0fe2d4424194 X-Runtime: 0.356014 Vary: Accept-Encoding, Origin Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	push.services.mozilla.com/	52.88.63.243	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.88.63.243:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: GLgGaGlEQnxL+ohJAGnfsg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: OFoUtBRtv/FJvDj/YMAfgT4kxFg=`

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-089ee3fcb441f77ed904dc29b6ee06cd951e19219c0d26fbf4af29ef3239cb18.css	143.204.42.185	200 OK	23 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-089ee3fcb441f77ed904dc29b6ee06cd951e19219c0d26fbf4af29ef3239cb18.css IP 143.204.42.185:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 23 kB (23201 bytes) Hash 9a5bee58329b77929c1019a550d357c2 576560cfc65e12a13af8f00e808442b69ac4815a 1f0e90ec13db1b405bc34622452095f0ff62b5ab559a8e50077c3d3bd68a1d5c HTTP Headers `GET /assets/javascripts/presentation-089ee3fcb441f77ed904dc29b6ee06cd951e19219c0d26fbf4af29ef3239cb18.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Fri, 24 Feb 2023 17:27:27 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront) Content-Encoding: br Date: Tue, 28 Feb 2023 04:06:47 GMT Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: -MsI2-3e9Ahr5Om2cU7PhzgFibHe2Z8yPqLn6sns29h-ae2Jsu4zww== Age: 28483

	d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css	143.204.42.185	200 OK	948 B
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css IP 143.204.42.185:0 ASN #16509 AMAZON-02 File type exported SGML document, ASCII text Size 948 B (948 bytes) Hash a7ace942f4f580ee5902c36fed888af9 ca1c01b03c6763b0f458af9eea82b8f00b430141 514da21f8d0805b785cf184f4beaa6bc62f6c6de58fd489f7d9f52e9087b62e0 HTTP Headers `GET /assets/ie_specific_hacks_v2.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 06:04:01 GMT Last-Modified: Mon, 27 Feb 2023 21:01:05 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: hIAYb9dg7XVC1ZZPKSS9QnNdWFj6ydXzYed8JeAvJbQHTHskAsyzWA== Age: 15348

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-7a10312517d58e959a0532c1fe7d2fc9797a55ac978e6292a5df8439ff3a879a.js	143.204.42.185	200 OK	5.0 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/langpacks/en-7a10312517d58e959a0532c1fe7d2fc9797a55ac978e6292a5df8439ff3a879a.js IP 143.204.42.185:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (16766) Size 5.0 kB (5015 bytes) Hash 2ce3e96eebf5f9b9878b3b7f988b980a ab564e170a78adb7fea9cb0ede89684d6906ce6d bec61cd7996fc17f316887ce8bd692d69ac61479c193855101ed5ff7e8702d06 HTTP Headers `GET /assets/javascripts/langpacks/en-7a10312517d58e959a0532c1fe7d2fc9797a55ac978e6292a5df8439ff3a879a.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Mon, 27 Feb 2023 21:49:45 GMT Last-Modified: Mon, 27 Feb 2023 20:20:16 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ALqtV_qnUU8VawaVYVf49FBRquZP62l2Tk4AMEPqDw2w9FJgUCYjmQ== Age: 45004

	d2qvtfnm75xrxf.cloudfront.net/assets/stylesheets/presentation-f65de2c1bb1c28992583e764e3ba6dd2e9eef9b64a51c0b4a0d8ddebcd2692a8.css	143.204.42.185	200 OK	103 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/stylesheets/presentation-f65de2c1bb1c28992583e764e3ba6dd2e9eef9b64a51c0b4a0d8ddebcd2692a8.css IP 143.204.42.185:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 103 kB (103038 bytes) Hash c03dce0f18141df2be9291eb89046dcb 3c5f343d013e241c702beca63e046240f7482030 413e25b6ea61b86000751a3b77da04484d485b090b3bca5f684c6c6f1a8ffdbd HTTP Headers `GET /assets/stylesheets/presentation-f65de2c1bb1c28992583e764e3ba6dd2e9eef9b64a51c0b4a0d8ddebcd2692a8.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Thu, 23 Feb 2023 18:42:14 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront) Content-Encoding: gzip Date: Mon, 27 Feb 2023 20:04:40 GMT Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: iOvpipNLFtO_dOwWYK-F0RyiVS0WczFEVHSI8G6w7YuiTFmTcmgn2w== Age: 51441

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 6b1e856a0ebbdc1a22b0a9253398f992 e712ead8041d97b860f587501f7ba13d3e29cf53 937f7555179a0dcbab6da37e4e31598853e25e7dfd52edb1ea9a3f24611c779e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 28 Feb 2023 10:19:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash dab604c66d26c32d16fab15f3a36333b ca7b7a050309d9df586c4f0c218c95750e543cb6 04ef2bdc3c81486e82cc87903b57329673b527cee60cbedd688cefa63ad56653 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5532 Cache-Control: max-age=87575 Content-Type: application/ocsp-response Date: Tue, 28 Feb 2023 10:19:49 GMT Etag: "63fc72c0-1d7" Expires: Wed, 01 Mar 2023 10:39:24 GMT Last-Modified: Mon, 27 Feb 2023 09:07:12 GMT Server: ECS (ska/F6FD) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 6b1e856a0ebbdc1a22b0a9253398f992 e712ead8041d97b860f587501f7ba13d3e29cf53 937f7555179a0dcbab6da37e4e31598853e25e7dfd52edb1ea9a3f24611c779e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 28 Feb 2023 10:19:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2	54.230.245.97	200 OK	43 kB
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2 IP 54.230.245.97:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 43308, version 1.66\012- data Size 43 kB (43308 bytes) Hash 93b6f18ec99bcb7c3fa7ea570a75e240 60b9e3062fe532cbc18b897fac542c56a03544c7 43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db HTTP Headers GET /assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2 HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 43308 Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:49 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 06 Dec 2022 19:39:39 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) Vary: Origin X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: XbN-PIaeCVYjOykNeJ3MNXpW5UF-n-cUlFCrOsSEPAQmR0DXtDdEgw==

	d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2	54.230.245.97	200 OK	46 kB
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2 IP 54.230.245.97:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 46188, version 1.66\012- data Size 46 kB (46188 bytes) Hash dfc5e24cbc1b134e0c00c61e84ec999a d3b1a8ef1d0f6f9162986479252570525719f203 b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3 HTTP Headers GET /assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2 HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 46188 Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:49 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 06 Dec 2022 19:39:39 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) Vary: Origin X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: xkoazeBD80Dz3gEimyzkRcDHX5uA_iYE-HwOnsWhY0hKT12ba3O4Tg==

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3832f6a88f40012d5b398e620abae7a7 1adf92bafe271660fc4582228137562c9f0da2db d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A" Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13456 Expires: Tue, 28 Feb 2023 14:04:06 GMT Date: Tue, 28 Feb 2023 10:19:50 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3832f6a88f40012d5b398e620abae7a7 1adf92bafe271660fc4582228137562c9f0da2db d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A" Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13456 Expires: Tue, 28 Feb 2023 14:04:06 GMT Date: Tue, 28 Feb 2023 10:19:50 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3832f6a88f40012d5b398e620abae7a7 1adf92bafe271660fc4582228137562c9f0da2db d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A" Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13456 Expires: Tue, 28 Feb 2023 14:04:06 GMT Date: Tue, 28 Feb 2023 10:19:50 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3832f6a88f40012d5b398e620abae7a7 1adf92bafe271660fc4582228137562c9f0da2db d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A" Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13456 Expires: Tue, 28 Feb 2023 14:04:06 GMT Date: Tue, 28 Feb 2023 10:19:50 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg	34.120.237.76	200 OK	9.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.1 kB (9093 bytes) Hash 2a5f3d376fe6a3a78a5d1fe136f962fb 3e9b03cc296e954d63526a4e7e75beea3130fc3b c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9093 x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Az9D3HqmoAMFeBQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0 x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: S8s54RJtScNtsl6uEFtBEHnTj4lb3l5xIWR96Kvr_SdwQQQMgSKNxA== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Feb 2023 21:44:19 GMT age: 45331 etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F697b9bc2-7dc0-4651-9c09-c5e279d30324.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F697b9bc2-7dc0-4651-9c09-c5e279d30324.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11106 bytes) Hash e586b2de9a9b1bfcb27339c626d987f3 3204937ce5df2ea3d1902d6528f02c5e338d0677 1580664a48e5e8f1394e63cc679ab89c784139cbfd80bab7e19146a9d8576b72 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F697b9bc2-7dc0-4651-9c09-c5e279d30324.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11106 x-amzn-requestid: f2ed08ef-ec47-4a51-853c-a4442638e406 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BBI8RGj0IAMF2Nw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63fd21e7-1a60225c5f6652b04ebf15d9;Sampled=0 x-amzn-remapped-date: Mon, 27 Feb 2023 21:34:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 4XrcjpvoA_sp31uI3sbz74ObTetsO1BRiPC2f_I7Cyi_TjVbOwUKKw== via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Feb 2023 21:47:09 GMT age: 45161 etag: "3204937ce5df2ea3d1902d6528f02c5e338d0677" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496d9ca3-1298-4c86-b146-fbbf2f41a947.jpeg	34.120.237.76	200 OK	5.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496d9ca3-1298-4c86-b146-fbbf2f41a947.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.1 kB (5142 bytes) Hash 29ecdc1c9ef030ef78e15c53b9c38336 de02c427695429e312515460e33accd950b19d33 dbb40e4d9741045ea52337c9ae3e482702c975fded33599f3a20e7c6995c9090 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496d9ca3-1298-4c86-b146-fbbf2f41a947.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5142 x-amzn-requestid: 190b38bb-de7f-4bb3-8420-6e40bf210cc9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BBKa9FpgoAMF_sA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63fd2445-6d1eabaf42bfb0110a06bd71;Sampled=0 x-amzn-remapped-date: Mon, 27 Feb 2023 21:44:37 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: OZuxavT66pg-M2Jl41y4t9UL2RPqph2rBYmTliBijG7RAwqZJ83lkg== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Feb 2023 22:10:43 GMT age: 43747 etag: "de02c427695429e312515460e33accd950b19d33" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e02c64-639c-4f05-b3cf-20409c83958f.png	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e02c64-639c-4f05-b3cf-20409c83958f.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12560 bytes) Hash 9b3eea57a1e2f30ca653881fec23a469 5ef9a8b112a861f76f8e9535d5177b87d2b94101 45402417031fdbcfab70ff00418353fc13030b07dafab046c454cc2c8e59765f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e02c64-639c-4f05-b3cf-20409c83958f.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12560 x-amzn-requestid: 10e07436-1099-442a-ac5b-79cbc171f293 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BBI7eEHToAMFRcw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63fd21e2-2954354823c91c3977c1dad3;Sampled=0 x-amzn-remapped-date: Mon, 27 Feb 2023 21:34:26 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: pj1nymVrrN_9r2aeGJzV045cBAUYCtiSF3yv5cnaJ68M_AW2DNwqow== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Feb 2023 22:13:57 GMT age: 43553 etag: "5ef9a8b112a861f76f8e9535d5177b87d2b94101" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F105f07cf-6106-48d2-99c3-affa6c6e0a6d.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F105f07cf-6106-48d2-99c3-affa6c6e0a6d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9904 bytes) Hash 2d46291156ff3bdbd40f1d4a4c42e77f f2e79f97208b8fddcd63e7f70d59607ae05b8a13 90edb5cb98d0f66e25a3fe5d30f9687638b5e07550021e61710928f1404fee70 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F105f07cf-6106-48d2-99c3-affa6c6e0a6d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9904 x-amzn-requestid: ddc24735-aeb9-49ae-b8b0-bda5984f4b5e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: A_KFzER4oAMFhwg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63fc56f1-45af2bdd352680e743cc443b;Sampled=0 x-amzn-remapped-date: Mon, 27 Feb 2023 07:08:33 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: -KvF7-TyYsiHh8jf4gKMIz3WbnXHJUXl2rCyAxQAktRsFcJq-Saa_w== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Feb 2023 07:23:26 GMT age: 10584 etag: "f2e79f97208b8fddcd63e7f70d59607ae05b8a13" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3522243-5d97-4af8-b226-ab57b3bee6ce.jpeg	34.120.237.76	200 OK	5.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3522243-5d97-4af8-b226-ab57b3bee6ce.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.7 kB (5676 bytes) Hash 9c31845a0e9bfa6eefa096b10b1748e6 3ac78dbfb5e00eced4d80ead89637db5d5569b59 89da1434d398527a658be5746929afdc17064ea30d05b094b860557d101a2043 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3522243-5d97-4af8-b226-ab57b3bee6ce.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5676 x-amzn-requestid: c688d38f-fe89-4583-a61f-bd21fdc64325 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BBJiUGmboAMFWTw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63fd22db-17d51fe00701a6f13222bc9e;Sampled=0 x-amzn-remapped-date: Mon, 27 Feb 2023 21:38:35 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: s_upibi5k7u8Zwn4SsH_pwULbXvvkqlotySoutc4EZ21inzz0P1cMQ== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Feb 2023 22:13:33 GMT age: 43577 etag: "3ac78dbfb5e00eced4d80ead89637db5d5569b59" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-c20fb70cf9a2ff29b19e90e6e691c4fb5a97e72301aa06450d1bcdf8d83f4e13.js	143.204.42.185	200 OK	2.1 MB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/javascripts/presentation-c20fb70cf9a2ff29b19e90e6e691c4fb5a97e72301aa06450d1bcdf8d83f4e13.js IP 143.204.42.185:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (15729) Size 2.1 MB (2105503 bytes) Hash a880cb8fd85e2fb57836ac47e51d2dd1 d7279371bd238467d27756ebd40f630789654531 e57088281459122d806d00025ba86cbcafa8244e9dcbb1d93628d4e1724ab203 HTTP Headers `GET /assets/javascripts/presentation-c20fb70cf9a2ff29b19e90e6e691c4fb5a97e72301aa06450d1bcdf8d83f4e13.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:49 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Mon, 27 Feb 2023 21:21:22 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: v8dgwN5QEJWxbNBO8m3wxTTLeVEbau5_GYBogtDQx6kv2zfuuc9LaA==

	d5doxliz2zm8u.cloudfront.net/assets/content-text-ZM7DFLCS-9728840f3e10d5a96e4e61a0396463dc79b8f2596b664fc16ec34bd71fe37bad.svg	54.230.245.97	200 OK	544 B
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/content-text-ZM7DFLCS-9728840f3e10d5a96e4e61a0396463dc79b8f2596b664fc16ec34bd71fe37bad.svg IP 54.230.245.97:0 ASN #16509 AMAZON-02 File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (544), with no line terminators Size 544 B (544 bytes) Hash 59a660662ca48fef609650d3b44f63a4 8d4162a3f3cbf5bace151c366e33efb2f7ba21e6 9728840f3e10d5a96e4e61a0396463dc79b8f2596b664fc16ec34bd71fe37bad HTTP Headers `GET /assets/content-text-ZM7DFLCS-9728840f3e10d5a96e4e61a0396463dc79b8f2596b664fc16ec34bd71fe37bad.svg HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Content-Type: image/svg+xml Content-Length: 544 Connection: keep-alive Server: nginx Last-Modified: Fri, 16 Dec 2022 23:47:03 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) Date: Tue, 28 Feb 2023 05:31:16 GMT Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: kxSXHSYsVkVYOgNVIhYC-XV2I0-Hbd-f-RkxP6jlM1giw50GanuViw== Age: 17315`

	mobsquad.docsend.com/favicon-196x196.png	3.232.242.170	200 OK	4.1 kB
URL HTTP/1.1 mobsquad.docsend.com/favicon-196x196.png IP 3.232.242.170:0 ASN #14618 AMAZON-AES File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data Size 4.1 kB (4131 bytes) Hash 6664c3890e329c7609151e0081f5e7cb 6216d5de79d8b245676a86f8b862880837345e2a 8a5ec44c12b172efd970c30a7414ccb37bbb09a2932816826111dfa36509e568 HTTP Headers GET /favicon-196x196.png HTTP/1.1 Host: mobsquad.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/view/s/v6kwimx5gk Cookie: _v_=xJ8gMOG%2BV6HbyE0JGb%2FnvmtOsmOH2j61PXzohCLosUVes2km5ls83L3C2A0zbLMp%2BWu2E%2FplYZ01ENCR%2BhazmMaQOcC9r4xMsz0yn5o%3D--zODzIdWdyKLsAUUg--fdUNQPouzpBSEvIoNNUjCQ%3D%3D; _dss_=4fb0683bffcf0833dc51b179fd5db052 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:51 GMT Content-Type: image/png Content-Length: 4131 Last-Modified: Mon, 27 Feb 2023 21:01:05 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Vary: Origin Via: 1.1 vegur`

	mobsquad.docsend.com/favicon-16x16.png	3.232.242.170	200 OK	393 B
URL HTTP/1.1 mobsquad.docsend.com/favicon-16x16.png IP 3.232.242.170:0 ASN #14618 AMAZON-AES File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 393 B (393 bytes) Hash a8c678babc40c4ac6d8c70fc560094d4 66002c0719ddbd75c837f5a939689ea6df13b6dc a3a247c77537c4c4fd58b68212a30df836bd05efa48d280d9c20b187f7ef7fb1 HTTP Headers GET /favicon-16x16.png HTTP/1.1 Host: mobsquad.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/view/s/v6kwimx5gk Cookie: _v_=xJ8gMOG%2BV6HbyE0JGb%2FnvmtOsmOH2j61PXzohCLosUVes2km5ls83L3C2A0zbLMp%2BWu2E%2FplYZ01ENCR%2BhazmMaQOcC9r4xMsz0yn5o%3D--zODzIdWdyKLsAUUg--fdUNQPouzpBSEvIoNNUjCQ%3D%3D; _dss_=4fb0683bffcf0833dc51b179fd5db052 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:51 GMT Content-Type: image/png Content-Length: 393 Last-Modified: Mon, 27 Feb 2023 21:01:05 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Vary: Origin Via: 1.1 vegur`

	d2qvtfnm75xrxf.cloudfront.net/profile_pictures/d907a4af-2fbf-40c9-a698-d806d0e01040/4tzh1KvQpWAZvf8M9YQQ_Screen%20Shot%202018-02-08%20at%207.24.24%20PM.png	143.204.42.185	200 OK	5.5 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/profile_pictures/d907a4af-2fbf-40c9-a698-d806d0e01040/4tzh1KvQpWAZvf8M9YQQ_Screen%20Shot%202018-02-08%20at%207.24.24%20PM.png IP 143.204.42.185:0 ASN #16509 AMAZON-02 File type PNG image data, 123 x 123, 8-bit/color RGBA, non-interlaced\012- data Size 5.5 kB (5535 bytes) Hash 619fb221a5cd29e17a876978b2829f46 c198b8371d8164c47feff1dc1417bbb9efd040b7 60ac13f62081c9c36386a591f5e239f7e04afb19e97cf9452b2a8bc6669e2449 HTTP Headers GET /profile_pictures/d907a4af-2fbf-40c9-a698-d806d0e01040/4tzh1KvQpWAZvf8M9YQQ_Screen%20Shot%202018-02-08%20at%207.24.24%20PM.png HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 5535 Connection: keep-alive Date: Tue, 28 Feb 2023 10:19:52 GMT Last-Modified: Tue, 13 Feb 2018 12:55:53 GMT ETag: "619fb221a5cd29e17a876978b2829f46" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ZYc7Ee3ETzkh0xYSDmgiLetkV6Wxm3Pna6rY9gkCsEUpxT2uMNZ2Rg==`

	d2qvtfnm75xrxf.cloudfront.net/companies%2Flogos%2F10271%2F85eae70f-dc4e-4364-adca-c144b8cebaff%2FTs8KvrBRmGVgmvbAocLh_mobquad-360x80_white.png?Expires=1677579648&Signature=jS9VvlFaJenuRrqkrIcLN5dFACGxlKMSDCfFfNpv8BXBWbayXA8reURKuNbJKveJKJsAfCG54iv-gKlHYsIUqx8SZmA6QuYhgFi9eDyLSoH9xM4v6pt4Od9cUgB2sp9F2RrmWZa0VjmVSa5Vt9omYehCTGylARs-N7lauAGiPj7ht0Vc1nONeQJKGyrA0EqPJMeaN7Fk-XD-xXjjNfYIE6TpHEwQcVizgPWSVwDTnAB~XCtaYmRuwh~TSca6~oLNAZz5Mc7nT1nv-RVU8LENBu-eZ-M3SpE58PmpOGUQMqB0BBGqJLSNBFdPM4EmrjWBoReWfi9ghZTdBy89UkiutQ__&Key-Pair-Id=K3IVFO0KFGPSF4	143.204.42.185	200 OK	4.8 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/companies%2Flogos%2F10271%2F85eae70f-dc4e-4364-adca-c144b8cebaff%2FTs8KvrBRmGVgmvbAocLh_mobquad-360x80_white.png?Expires=1677579648&Signature=jS9VvlFaJenuRrqkrIcLN5dFACGxlKMSDCfFfNpv8BXBWbayXA8reURKuNbJKveJKJsAfCG54iv-gKlHYsIUqx8SZmA6QuYhgFi9eDyLSoH9xM4v6pt4Od9cUgB2sp9F2RrmWZa0VjmVSa5Vt9omYehCTGylARs-N7lauAGiPj7ht0Vc1nONeQJKGyrA0EqPJMeaN7Fk-XD-xXjjNfYIE6TpHEwQcVizgPWSVwDTnAB~XCtaYmRuwh~TSca6~oLNAZz5Mc7nT1nv-RVU8LENBu-eZ-M3SpE58PmpOGUQMqB0BBGqJLSNBFdPM4EmrjWBoReWfi9ghZTdBy89UkiutQ__&Key-Pair-Id=K3IVFO0KFGPSF4 IP 143.204.42.185:0 ASN #16509 AMAZON-02 File type PNG image data, 273 x 60, 8-bit gray+alpha, non-interlaced\012- data Size 4.8 kB (4819 bytes) Hash 304384ab8241ea503ab55929b675fedb 89053170a483b2dac664f4a448d1507d3327bdfa df9a535af484e88a36ad5ca89bd0f31ec520421a8ad5064dee26c1606add5b58 HTTP Headers GET /companies%2Flogos%2F10271%2F85eae70f-dc4e-4364-adca-c144b8cebaff%2FTs8KvrBRmGVgmvbAocLh_mobquad-360x80_white.png?Expires=1677579648&Signature=jS9VvlFaJenuRrqkrIcLN5dFACGxlKMSDCfFfNpv8BXBWbayXA8reURKuNbJKveJKJsAfCG54iv-gKlHYsIUqx8SZmA6QuYhgFi9eDyLSoH9xM4v6pt4Od9cUgB2sp9F2RrmWZa0VjmVSa5Vt9omYehCTGylARs-N7lauAGiPj7ht0Vc1nONeQJKGyrA0EqPJMeaN7Fk-XD-xXjjNfYIE6TpHEwQcVizgPWSVwDTnAB~XCtaYmRuwh~TSca6~oLNAZz5Mc7nT1nv-RVU8LENBu-eZ-M3SpE58PmpOGUQMqB0BBGqJLSNBFdPM4EmrjWBoReWfi9ghZTdBy89UkiutQ__&Key-Pair-Id=K3IVFO0KFGPSF4 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Content-Length: 4819 Connection: keep-alive Date: Tue, 28 Feb 2023 10:19:52 GMT Last-Modified: Sun, 11 Feb 2018 20:21:09 GMT ETag: "304384ab8241ea503ab55929b675fedb" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: QTtU_vXnchCp46EVulns5__0iumbTnSYaUPzuPTCY9murVay5tchpg==`

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4073 Origin: https://mobsquad.docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-vP+AxOcC9IYxihKZG4rP' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-vP+AxOcC9IYxihKZG4rP' 'nonce-/sdwsQ8gHBQEbF5mQBeA' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MTIyNjA4NTQ5NTc0NTM1MTk0NzIwMDAxMzMwMTI3ODg5MjgzMTE%3D; expires=Sun, 27 Feb 2028 10:19:51 GMT; HttpOnly; Path=/; SameSite=None; Secure t=6YP2DUXpmoLtKYNou3vpOKRi; Domain=dropbox.com; expires=Fri, 27 Feb 2026 10:19:51 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=6YP2DUXpmoLtKYNou3vpOKRi; expires=Fri, 27 Feb 2026 10:19:51 GMT; Path=/; SameSite=None; Secure __Host-ss=ce-gkxH57o; expires=Fri, 27 Feb 2026 10:19:51 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 27 Feb 2028 10:19:51 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 28 Feb 2023 10:19:51 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 2e28783f57a04ec595725a544c414217 X-Firefox-Spdy: h2

	mobsquad.docsend.com/view/s/v6kwimx5gk/header_image	3.232.242.170	302 Found	550 B
URL HTTP/1.1 mobsquad.docsend.com/view/s/v6kwimx5gk/header_image IP 3.232.242.170:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document, ASCII text, with very long lines (645), with no line terminators Size 550 B (550 bytes) Hash 57341978b15cde5d7ccfec0da01afd23 108bf174252c1517c6d6931680f4b5924421edcb aea07c82fd9fd11e41ba82b01d215f776f08d3ade8c0c4975c9abe5935e4d2ee HTTP Headers GET /view/s/v6kwimx5gk/header_image HTTP/1.1 Host: mobsquad.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/view/s/v6kwimx5gk Cookie: _v_=xJ8gMOG%2BV6HbyE0JGb%2FnvmtOsmOH2j61PXzohCLosUVes2km5ls83L3C2A0zbLMp%2BWu2E%2FplYZ01ENCR%2BhazmMaQOcC9r4xMsz0yn5o%3D--zODzIdWdyKLsAUUg--fdUNQPouzpBSEvIoNNUjCQ%3D%3D; _dss_=4fb0683bffcf0833dc51b179fd5db052 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 302 Found Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:51 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Location: https://d2qvtfnm75xrxf.cloudfront.net/bundle_headers%2F1857ad52-f59c-496e-abe6-cb31870f9c8a%2FoIgZmU0KRkSkLhtuahgb_if-kids-in-third-grade-can-handle-coding-so-can-you.jpg?Expires=1677579651&Signature=aRB~31Ynlc~4AnaYJJ-zJxVfRa-rhzkGob6QxRwqvzYKDpb3JQDJXpbYao2rtnDa2~dH1Sn8HYe9F33spd54Fwb6YPkekf0aekTuTeO64ppxF-aQmhe25O0SorPkybLlr428vGYu1lPdmi-lS5fls4jd2V2xXyEk52OjrQ-1HOTu3Je6c01JV0YCW4EBFFIMjQGUKiO2znc6fTuGiU-c-buaHYtocMUvORoSGH60iFO8rREMM60X6HCTcsy8rVKqgTzPwECdLGk3TokB~VUpmuJ7PUIaXXAiANegOgpSeMicAPGgMIHHiP0hcFDIRVPQp2fCjGKc5NA9xTCOvwhHaQ__&Key-Pair-Id=K3IVFO0KFGPSF4 Cache-Control: no-cache Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-dHbAbXSuctD6yysgF4F3SQ=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=KtYmAyHad1qNegz76%2BHhEhibTd6FHXFMl2UQyyX6oJIzt50GQm9ulTYS5I5tfBD0i03bx7p7wm6eh0QZzFuDT%2Fla5XEqY7fITGiJYHA%3D--rNq5L2gWozOno8BZ--R4whvx7tK3ylsfxABR2zig%3D%3D; domain=.docsend.com; path=/; expires=Wed, 28 Feb 2024 10:19:51 GMT; SameSite=None; secure X-Request-Id: 06318d05-348a-41dc-80c5-a924c929e573 X-Runtime: 0.041925 Vary: Accept-Encoding, Origin Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4041 Origin: https://mobsquad.docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-z2b8Vn/ROLVXEQvCI70Y' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-z2b8Vn/ROLVXEQvCI70Y' 'nonce-CdYFJbKsXpcDocv2bEMr' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MTA2MDA0MzM4MzY0ODE0OTg3NjI1MjEzODk5ODMxNTUxMTcxOTMz; expires=Sun, 27 Feb 2028 10:19:51 GMT; HttpOnly; Path=/; SameSite=None; Secure t=VMUWw173fQgOqQfTwXpTia4c; Domain=dropbox.com; expires=Fri, 27 Feb 2026 10:19:51 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=VMUWw173fQgOqQfTwXpTia4c; expires=Fri, 27 Feb 2026 10:19:51 GMT; Path=/; SameSite=None; Secure __Host-ss=PYrCte9x7Q; expires=Fri, 27 Feb 2026 10:19:51 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 27 Feb 2028 10:19:51 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 28 Feb 2023 10:19:51 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: b04a9bc21d7f446a9c9df5efa2c77410 X-Firefox-Spdy: h2

	mobsquad.docsend.com/metrics/events	3.232.242.170	204 No Content	0 B
URL HTTP/1.1 mobsquad.docsend.com/metrics/events IP 3.232.242.170:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/events HTTP/1.1 Host: mobsquad.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: multipart/form-data; boundary=---------------------------15945634587745012081879801688 Content-Length: 1085 Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://mobsquad.docsend.com/view/s/v6kwimx5gk Cookie: _v_=xJ8gMOG%2BV6HbyE0JGb%2FnvmtOsmOH2j61PXzohCLosUVes2km5ls83L3C2A0zbLMp%2BWu2E%2FplYZ01ENCR%2BhazmMaQOcC9r4xMsz0yn5o%3D--zODzIdWdyKLsAUUg--fdUNQPouzpBSEvIoNNUjCQ%3D%3D; _dss_=4fb0683bffcf0833dc51b179fd5db052 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:51 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-y9tIuIQrXZrN3bvxz4eOyw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: 2acb5815-039d-41e0-ab68-ff691df5841d X-Runtime: 0.015191 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Vary: Origin Via: 1.1 vegur

	mobsquad.docsend.com/metrics/properties	3.232.242.170	204 No Content	0 B
URL HTTP/1.1 mobsquad.docsend.com/metrics/properties IP 3.232.242.170:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/properties HTTP/1.1 Host: mobsquad.docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-Token: ImyGL1W2X2YwQESVUv8TaFgfP+BWO+VW2P+UoqsYJn2fKXNNBg2mesHaqOpsSdjIqbb7AybpviFjNztZ55laCQ== X-Requested-With: XMLHttpRequest Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://mobsquad.docsend.com/view/s/v6kwimx5gk Cookie: _v_=KtYmAyHad1qNegz76%2BHhEhibTd6FHXFMl2UQyyX6oJIzt50GQm9ulTYS5I5tfBD0i03bx7p7wm6eh0QZzFuDT%2Fla5XEqY7fITGiJYHA%3D--rNq5L2gWozOno8BZ--R4whvx7tK3ylsfxABR2zig%3D%3D; _dss_=4fb0683bffcf0833dc51b179fd5db052 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Content-Length: 0 HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:51 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-NUF5Ob8sz+2vUGvjgrcI6g=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: faf607f1-5ddf-401a-8b69-d3685f4f951c X-Runtime: 0.013496 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Vary: Origin Via: 1.1 vegur

	consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fmobsquad.docsend.com&sandbox_redirect=false	143.204.55.68	200 OK	854 B
URL HTTP/2 consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fmobsquad.docsend.com&sandbox_redirect=false IP 143.204.55.68:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text Size 854 B (854 bytes) Hash dc63fb23d6563676b3090bae3f02ccde dd6c4202705f760dd5744caee7ccb31f703fc880 c8bce4b4bc1b212ffc445ae939680990a6f4b23eed318c8b9a7f1e21facd1ab1 HTTP Headers GET /?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fmobsquad.docsend.com&sandbox_redirect=false HTTP/1.1 Host: consent.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mobsquad.docsend.com/ Connection: keep-alive Cookie: t=qLv6Joya85aFcUkO2Qjy4DHE; locale=en Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/html content-length: 854 date: Tue, 28 Feb 2023 10:19:53 GMT last-modified: Tue, 06 Sep 2022 19:00:36 GMT x-amz-version-id: jF1fSWiqtJx.5E0VeuXfyr4mbqFqvdbZ etag: "dc63fb23d6563676b3090bae3f02ccde" server: AmazonS3 x-cache: Miss from cloudfront via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: lDg1Bcsn2YgMcviV6dkQZggWei7-vMZ1QpHaQZF6IOF4vh96I1Vs2Q== X-Firefox-Spdy: h2`

	d.dropbox.com/crashdash/proxy/sessions	162.125.7.20	200 OK	0 B
URL HTTP/2 d.dropbox.com/crashdash/proxy/sessions IP 162.125.7.20:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /crashdash/proxy/sessions HTTP/1.1 Host: d.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Referer: https://mobsquad.docsend.com/ Origin: https://mobsquad.docsend.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods: POST access-control-allow-origin: * content-length: 0 date: Tue, 28 Feb 2023 10:19:52 GMT server: envoy x-dropbox-response-origin: far_remote x-dropbox-request-id: b1216a9db6b3470e9b7758ee76821392 X-Firefox-Spdy: h2`

	d2qvtfnm75xrxf.cloudfront.net/bundle_headers%2F1857ad52-f59c-496e-abe6-cb31870f9c8a%2FoIgZmU0KRkSkLhtuahgb_if-kids-in-third-grade-can-handle-coding-so-can-you.jpg?Expires=1677579651&Signature=aRB~31Ynlc~4AnaYJJ-zJxVfRa-rhzkGob6QxRwqvzYKDpb3JQDJXpbYao2rtnDa2~dH1Sn8HYe9F33spd54Fwb6YPkekf0aekTuTeO64ppxF-aQmhe25O0SorPkybLlr428vGYu1lPdmi-lS5fls4jd2V2xXyEk52OjrQ-1HOTu3Je6c01JV0YCW4EBFFIMjQGUKiO2znc6fTuGiU-c-buaHYtocMUvORoSGH60iFO8rREMM60X6HCTcsy8rVKqgTzPwECdLGk3TokB~VUpmuJ7PUIaXXAiANegOgpSeMicAPGgMIHHiP0hcFDIRVPQp2fCjGKc5NA9xTCOvwhHaQ__&Key-Pair-Id=K3IVFO0KFGPSF4	143.204.42.185	200 OK	47 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/bundle_headers%2F1857ad52-f59c-496e-abe6-cb31870f9c8a%2FoIgZmU0KRkSkLhtuahgb_if-kids-in-third-grade-can-handle-coding-so-can-you.jpg?Expires=1677579651&Signature=aRB~31Ynlc~4AnaYJJ-zJxVfRa-rhzkGob6QxRwqvzYKDpb3JQDJXpbYao2rtnDa2~dH1Sn8HYe9F33spd54Fwb6YPkekf0aekTuTeO64ppxF-aQmhe25O0SorPkybLlr428vGYu1lPdmi-lS5fls4jd2V2xXyEk52OjrQ-1HOTu3Je6c01JV0YCW4EBFFIMjQGUKiO2znc6fTuGiU-c-buaHYtocMUvORoSGH60iFO8rREMM60X6HCTcsy8rVKqgTzPwECdLGk3TokB~VUpmuJ7PUIaXXAiANegOgpSeMicAPGgMIHHiP0hcFDIRVPQp2fCjGKc5NA9xTCOvwhHaQ__&Key-Pair-Id=K3IVFO0KFGPSF4 IP 143.204.42.185:0 ASN #16509 AMAZON-02 File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x400, components 3\012- data Size 47 kB (47170 bytes) Hash a48a8227799c6388bb79691518c9b2ae 7a6daa2920ebea0da24d13f8c8891efc813eab22 35e00c1e0ccf6be8a41860f450d01af79f16f4f2d9e36bdd07852f726574d5e6 HTTP Headers GET /bundle_headers%2F1857ad52-f59c-496e-abe6-cb31870f9c8a%2FoIgZmU0KRkSkLhtuahgb_if-kids-in-third-grade-can-handle-coding-so-can-you.jpg?Expires=1677579651&Signature=aRB~31Ynlc~4AnaYJJ-zJxVfRa-rhzkGob6QxRwqvzYKDpb3JQDJXpbYao2rtnDa2~dH1Sn8HYe9F33spd54Fwb6YPkekf0aekTuTeO64ppxF-aQmhe25O0SorPkybLlr428vGYu1lPdmi-lS5fls4jd2V2xXyEk52OjrQ-1HOTu3Je6c01JV0YCW4EBFFIMjQGUKiO2znc6fTuGiU-c-buaHYtocMUvORoSGH60iFO8rREMM60X6HCTcsy8rVKqgTzPwECdLGk3TokB~VUpmuJ7PUIaXXAiANegOgpSeMicAPGgMIHHiP0hcFDIRVPQp2fCjGKc5NA9xTCOvwhHaQ__&Key-Pair-Id=K3IVFO0KFGPSF4 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mobsquad.docsend.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 47170 Connection: keep-alive Date: Tue, 28 Feb 2023 10:19:53 GMT Last-Modified: Wed, 18 Apr 2018 00:57:48 GMT ETag: "a48a8227799c6388bb79691518c9b2ae" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: iFCqCl2ID_oUex5KdSxMA2DTVx6tJI-ZUjFdfVVjSvJ6QCPFYiTtNg==`

	d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2	54.230.245.97	200 OK	45 kB
URL HTTP/1.1 d5doxliz2zm8u.cloudfront.net/assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2 IP 54.230.245.97:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 45008, version 1.66\012- data Size 45 kB (45008 bytes) Hash 38846f0a3b6bb0b9d1b4f21b61e57c54 8893fa19d5550ae165dcdee85935d67677e5888d 39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff HTTP Headers GET /assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2 HTTP/1.1 Host: d5doxliz2zm8u.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 45008 Connection: keep-alive Server: nginx Date: Tue, 28 Feb 2023 10:19:52 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 06 Dec 2022 19:39:39 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) Vary: Origin X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: zaBvITH3ruFxKIME_u_DkpDE4zqAl9xikHZyUCRizi7T_WYD7iEyhg==

	d.dropbox.com/crashdash/proxy/sessions	162.125.7.20	202 Accepted	21 B
URL HTTP/2 d.dropbox.com/crashdash/proxy/sessions IP 162.125.7.20:0 ASN #19679 DROPBOX File type JSON data\012- , ASCII text, with no line terminators Size 21 B (21 bytes) Hash 1807ffa1d44e667592a0f91c668ba65b 4d48849fa0f6917c9c57ed958680e9a1e722382b 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a HTTP Headers POST /crashdash/proxy/sessions HTTP/1.1 Host: d.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Bugsnag-Api-Key: 0bca6a0a-c303-4b27-84cb-60ebe421858a Bugsnag-Payload-Version: 1 Bugsnag-Sent-At: 2023-02-28T10:19:51.428Z Content-Length: 549 Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 202 Accepted access-control-allow-origin: * alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 bugsnag-session-uuid: 1679e643-4494-45a1-9c2d-8fa9633b0409 content-security-policy: sandbox; default-src 'none'; frame-ancestors 'none' content-type: application/json date: Tue, 28 Feb 2023 10:19:52 GMT referrer-policy: strict-origin-when-cross-origin via: 1.1 google x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 21 server: envoy x-dropbox-response-origin: far_remote x-dropbox-request-id: 43041f3da0ad4b4f9627f59d112ba299 X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/snthemes.js	23.32.100.208	200 OK	5.7 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/snthemes.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (65536), with no line terminators Size 5.7 kB (5695 bytes) Hash 9a975aa3305c4011b3e07119d2376913 4545dc0986810ba851360f910219b34ce7c4446d 400f7ad9cb8378b5839d4f3449381d936f37fd0762f8507d283304c82068d122 HTTP Headers `GET /sitenotice/3401/snthemes.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "0e8f664fca39681028b4b07b5be34f2d:1659131785.898398" last-modified: Fri, 29 Jul 2022 21:56:25 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Mar 2023 10:19:52 GMT date: Tue, 28 Feb 2023 10:19:52 GMT content-length: 5695 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/dropbox/settings.js	23.32.100.208	301 Moved Permanently	0 B
URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settings.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /sitenotice/3401/dropbox/settings.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 301 Moved Permanently server: AkamaiGHost content-length: 0 location: https://c.evidon.com/sitenotice/3401/dropbox/settingsV2.js date: Tue, 28 Feb 2023 10:19:52 GMT vary: Origin cache-control: max-age=432000, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2`

	c.evidon.com/sitenotice/3401/translations/en.js	23.32.100.208	200 OK	6.6 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/translations/en.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (42787), with no line terminators Size 6.6 kB (6584 bytes) Hash c5d467fd5818f85d5066106b4acb1056 c8302ad096a473b1cf2f3a46a6e5e2e0fbc7022a af64972f1271bbf13e0186512d3f4740628b523b82f56c23ac33f3546a54e5b5 HTTP Headers `GET /sitenotice/3401/translations/en.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "657b6bb22752382cbdc4208cce7687cb:1677001491.712443" last-modified: Tue, 21 Feb 2023 17:44:51 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Mar 2023 10:19:52 GMT date: Tue, 28 Feb 2023 10:19:52 GMT content-length: 6584 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/evidon-sitenotice-tag.js	23.32.100.208	200 OK	20 kB
URL HTTP/2 c.evidon.com/sitenotice/evidon-sitenotice-tag.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (65536), with no line terminators Size 20 kB (19643 bytes) Hash 21dbd750fcdb23e531678708616a9efa c9c3cb1f886dc50a9b1b8d7078728da6ce32831b b8c0b54d49f74675c9b5181e022604eda3f441b10e33c2acf38e7f26b9e5dd14 HTTP Headers `GET /sitenotice/evidon-sitenotice-tag.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "cb2105494dcc7cb6f8bc6c5d1426206f:1677004064.187755" last-modified: Tue, 21 Feb 2023 18:27:44 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Mar 2023 10:19:52 GMT date: Tue, 28 Feb 2023 10:19:52 GMT content-length: 19643 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/dropbox/settingsV2.js	23.32.100.208	200 OK	1.7 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settingsV2.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (5665), with no line terminators Size 1.7 kB (1739 bytes) Hash 9fc9edffc1f73630f77b4929bb120dcb 9e38c6ea96581cfcb3a147cc9bdae7b5a90dd11f 9680d501bfe65dd0e8823eadb470617005def411de6be197642edfa2c794e404 HTTP Headers `GET /sitenotice/3401/dropbox/settingsV2.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "dcb013ce5f00abe84675f6343f644539:1677001492.000343" last-modified: Tue, 21 Feb 2023 17:44:51 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Mar 2023 10:19:52 GMT date: Tue, 28 Feb 2023 10:19:52 GMT content-length: 1739 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4073 Origin: https://mobsquad.docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-yycOg063pXRabuvU48jP' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-yycOg063pXRabuvU48jP' 'nonce-sm4qIoQfuCjmfZR5XzPD' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MjU5NzM0MTQzNjc1ODYyMjIxNzU5NTgwMTcxMTk0MDk1ODU3NDE%3D; expires=Sun, 27 Feb 2028 10:19:52 GMT; HttpOnly; Path=/; SameSite=None; Secure t=epPVjfw-AnDPHDqT3u2H5Y9G; Domain=dropbox.com; expires=Fri, 27 Feb 2026 10:19:52 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=epPVjfw-AnDPHDqT3u2H5Y9G; expires=Fri, 27 Feb 2026 10:19:52 GMT; Path=/; SameSite=None; Secure __Host-ss=KykC-iqD1o; expires=Fri, 27 Feb 2026 10:19:52 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 27 Feb 2028 10:19:52 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 28 Feb 2023 10:19:52 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 28d002f5dd4e4a9d830f2df9996d1247 X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/evidon-banner.js	23.32.100.208	200 OK	3.5 kB
URL HTTP/2 c.evidon.com/sitenotice/evidon-banner.js IP 23.32.100.208:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (12607), with no line terminators Size 3.5 kB (3535 bytes) Hash 304674456118422bd448366f7bb05879 c6549199a4fb419c05a3513238a89002307034b9 29f57f0aeee0a530b881df6908e653f58c6d570b05174b2e1a6bba2a75c4e068 HTTP Headers `GET /sitenotice/evidon-banner.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "953f08dcce4b8af3f743056f673c8514:1677004064.749361" last-modified: Tue, 21 Feb 2023 18:27:44 GMT server: AkamaiNetStorage content-encoding: gzip expires: Thu, 02 Mar 2023 10:19:52 GMT date: Tue, 28 Feb 2023 10:19:52 GMT content-length: 3535 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 6b2e5f1ea0a61821fb461c582a20806d c298bac10ccfe70fff5d98d0cbcb316f8b7f41c1 422bd4a0c2b24456c6edd6840601bbfd6188a34fc7b817ca918470266a9ea0b3 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=129426 Date: Tue, 28 Feb 2023 10:19:53 GMT Etag: "63fd1890-1d7" Expires: Wed, 01 Mar 2023 22:16:59 GMT Last-Modified: Mon, 27 Feb 2023 20:54:40 GMT Server: ECS (nyb/1D17) X-Cache: Miss from cloudfront Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: L4eSX_2VDEiTtzPrYsC0dbg6sDKZFOEkO9FKUmaTUJ_Vb2vsnWVgQA== Age: 4939

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 6b2e5f1ea0a61821fb461c582a20806d c298bac10ccfe70fff5d98d0cbcb316f8b7f41c1 422bd4a0c2b24456c6edd6840601bbfd6188a34fc7b817ca918470266a9ea0b3 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=129376 Date: Tue, 28 Feb 2023 10:19:53 GMT Etag: "63fd1890-1d7" Expires: Wed, 01 Mar 2023 22:16:09 GMT Last-Modified: Mon, 27 Feb 2023 20:54:40 GMT Server: ECS (nyb/1D11) X-Cache: Miss from cloudfront Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: g8rF3INNitbIZ92Dt6nAiVS8XdBtYIJaJPrhjJioFykD_QgAAHHTGQ== Age: 4889

	l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https://mobsquad.docsend.com/	35.153.171.204	204 No Content	0 B
URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https://mobsquad.docsend.com/ IP 35.153.171.204:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https://mobsquad.docsend.com/ HTTP/1.1 Host: l.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Tue, 28 Feb 2023 10:19:53 GMT x-powered-by: Express etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2`

	l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https://mobsquad.docsend.com/	35.153.171.204	204 No Content	0 B
URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https://mobsquad.docsend.com/ IP 35.153.171.204:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https://mobsquad.docsend.com/ HTTP/1.1 Host: l.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Tue, 28 Feb 2023 10:19:53 GMT x-powered-by: Express etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2`

	widget.intercom.io/widget/lv6lji7h	54.230.111.95	200 OK	3.3 kB
URL HTTP/2 widget.intercom.io/widget/lv6lji7h IP 54.230.111.95:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8520), with no line terminators Size 3.3 kB (3260 bytes) Hash 2ef5ee6723d61f51484f903f99a0415d cd28194b8f3a05785656acc0fc28523547efc8fb cc04d3bc0fab8344fc10f1778450520507eadac2849402eea3f4a84e670066c8 HTTP Headers `GET /widget/lv6lji7h HTTP/1.1 Host: widget.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 3260 last-modified: Tue, 28 Feb 2023 09:51:59 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: E.P8V1Fze7KO1vHIsU45DXCVl6ErYHUn accept-ranges: bytes server: AmazonS3 date: Tue, 28 Feb 2023 10:07:30 GMT cache-control: max-age=900, s-maxage=900, public etag: "2ef5ee6723d61f51484f903f99a0415d" x-cache: Error from cloudfront via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: SNrhHtvpw-kvusr6OWVqCXg3PDY6bR-9oLDWofXq94QiFHzlZRQDlw== age: 756 vary: Accept-Encoding, Origin X-Firefox-Spdy: h2

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash ecf70bad94fadad945038d6453b5f00e f1dc4d6cc5bbff4c4da5545b87d12c3140a6099b ec0e41f2a22294e698b45803ea0e46cc8ec54f2e1030c5e6e26f6cd3e66341d9 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=161856 Date: Tue, 28 Feb 2023 10:19:53 GMT Etag: "63fd99e8-1d7" Expires: Thu, 02 Mar 2023 07:17:29 GMT Last-Modified: Tue, 28 Feb 2023 06:06:32 GMT Server: ECS (bsa/EB11) X-Cache: Miss from cloudfront Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: Y64lIzf2BGW-zoWk7ybiqL_T8AkPjeoWV2UelNg5usHQJ0BOv1wjjQ== Age: 4257

	js.intercomcdn.com/frame.b8a5c4cd.js	54.230.111.118	200 OK	142 kB
URL HTTP/2 js.intercomcdn.com/frame.b8a5c4cd.js IP 54.230.111.118:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 142 kB (141979 bytes) Hash d06c7105d7100cb7a5760c9cddc6867d e0c4d61639a295571b973f7b386e4edc31e143d7 0647a171f6a5f408b0f31bd74d5bf996dadb743101826c17e8c509d1f82c0daf HTTP Headers `GET /frame.b8a5c4cd.js HTTP/1.1 Host: js.intercomcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 141979 date: Tue, 28 Feb 2023 09:52:19 GMT last-modified: Tue, 28 Feb 2023 09:50:04 GMT etag: "d06c7105d7100cb7a5760c9cddc6867d" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000, s-maxage=7200, public content-encoding: gzip x-amz-version-id: JPuC6Jqyt.KqDNxvZ9oZnz5ywJS4bRVb accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: FduG9DYfjzGU5GOZJo_jwEmEUr02qEHPQinTgQ-GZNgbHD0yvArC3A== age: 1655 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.110	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.110:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 848cf9cbd1d01dfdf38996295f09cebb 9c88d1c23e71a40729d77db26df132ab4da8ac58 866f870bf0f8c4e40f0c412336a66b362a39546c11672d8535f1d7dcbb00b285 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Tue, 28 Feb 2023 10:19:53 GMT Last-Modified: Tue, 28 Feb 2023 10:16:32 GMT Server: ECS (nyb/1D24) X-Cache: Miss from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: z71t347cfGol_A3Nx_U22HYaL9Yl_5ISAHhqq43LEPlN7-fw4N-3Tw== Age: 201`

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4073 Origin: https://mobsquad.docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-G9vGVsIfg5AfvvypfAYs' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-G9vGVsIfg5AfvvypfAYs' 'nonce-wn3VVaVWhxBtLojR7Rgu' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MTY5NTA5Mjk4ODc4NzQ4NTQ5NzY0MTM2OTI3Mjk2OTEyNzg3NjQ5; expires=Sun, 27 Feb 2028 10:19:54 GMT; HttpOnly; Path=/; SameSite=None; Secure t=EwR85bXlpfPXwCTXGQV0PXio; Domain=dropbox.com; expires=Fri, 27 Feb 2026 10:19:54 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=EwR85bXlpfPXwCTXGQV0PXio; expires=Fri, 27 Feb 2026 10:19:54 GMT; Path=/; SameSite=None; Secure __Host-ss=g7wYYssBRk; expires=Fri, 27 Feb 2026 10:19:54 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 27 Feb 2028 10:19:54 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Tue, 28 Feb 2023 10:19:54 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: cd33d7f0c47f4ea987818ca48fa63c58 X-Firefox-Spdy: h2

	api-iam.intercom.io/messenger/web/ping	54.145.101.148	200 OK	1.8 kB
URL HTTP/2 api-iam.intercom.io/messenger/web/ping IP 54.145.101.148:0 ASN #14618 AMAZON-AES File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4335), with no line terminators Size 1.8 kB (1779 bytes) Hash ac20bb59aa0becf47b8666c57028093f 9ce5f0558c3554c3733ba91b5071db1f468cc4e1 8864208af38f24e988f5454ff8f736c3f6e8d62d86771e1fe312758881554081 HTTP Headers `POST /messenger/web/ping HTTP/1.1 Host: api-iam.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 361 Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 28 Feb 2023 10:19:54 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate x-ratelimit-limit: 13333 x-ratelimit-reset: 1677579600 strict-transport-security: max-age=31556952; includeSubDomains; preload x-ratelimit-remaining: 13307 access-control-allow-origin: https://mobsquad.docsend.com vary: Accept,Accept-Encoding x-intercom-version: 24fca5ab8075181bf515b5343581f8dfbbca1209 x-xss-protection: 1; mode=block content-encoding: gzip x-request-id: 0004eeuprl2s70lro3r0 access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA access-control-allow-credentials: true access-control-allow-methods: POST, GET, OPTIONS etag: W/"c875f38c6fe366c5a601008101a532a6" x-runtime: 0.356944 x-frame-options: SAMEORIGIN x-content-type-options: nosniff server: nginx x-ami-version: ami-0a9c6b4ceb8ee8995 X-Firefox-Spdy: h2

	www.dropbox.com/pithos/privacy_consent_service	162.125.71.18	307 Temporary Redirect	0 B
URL HTTP/2 www.dropbox.com/pithos/privacy_consent_service IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash HTTP Headers GET /pithos/privacy_consent_service HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Cookie: gvc=MzIyMjkzNzkwMzk5MDE0OTMzODYwNjc5NDIzMzQ5MDcwMzE3ODc5; t=qLv6Joya85aFcUkO2Qjy4DHE; __Host-js_csrf=qLv6Joya85aFcUkO2Qjy4DHE; locale=en; __Host-logged-out-session=ChA645nwi%2F3wCdA8fvIePq2YEMWq958GGi5BRjE1V0xhMFRjaVBQdWVXS1ZjV3dVQzg5TVZUM09kTlowMkdRUXBxLUROQVlB Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 307 Temporary Redirect content-security-policy: sandbox location: https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service referrer-policy: strict-origin-when-cross-origin set-cookie: t=qLv6Joya85aFcUkO2Qjy4DHE; Domain=dropbox.com; expires=Fri, 27 Feb 2026 10:19:52 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=qLv6Joya85aFcUkO2Qjy4DHE; expires=Fri, 27 Feb 2026 10:19:52 GMT; Path=/; SameSite=None; Secure __Host-ss=1u4BuwydVE; expires=Fri, 27 Feb 2026 10:19:52 GMT; HttpOnly; Path=/; SameSite=Strict; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/html; charset=utf-8 date: Tue, 28 Feb 2023 10:19:51 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 2e22fc538c67498681527dae7a525320 X-Firefox-Spdy: h2

	www.dropbox.com/pithos/host%3Amobsquad.docsend.com/privacy_consent	162.125.71.18	200 OK	0 B
URL HTTP/2 www.dropbox.com/pithos/host%3Amobsquad.docsend.com/privacy_consent IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash HTTP Headers GET /pithos/host%3Amobsquad.docsend.com/privacy_consent HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mobsquad.docsend.com/ Connection: keep-alive Cookie: gvc=MzIyMjkzNzkwMzk5MDE0OTMzODYwNjc5NDIzMzQ5MDcwMzE3ODc5; t=qLv6Joya85aFcUkO2Qjy4DHE; __Host-js_csrf=qLv6Joya85aFcUkO2Qjy4DHE; locale=en Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-OmRxn1pc7v4sJtM6FT9W' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-OmRxn1pc7v4sJtM6FT9W' 'nonce-dmF3awMv3ppSgF4dCo8P' referrer-policy: strict-origin-when-cross-origin set-cookie: t=qLv6Joya85aFcUkO2Qjy4DHE; Domain=dropbox.com; expires=Fri, 27 Feb 2026 10:19:49 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=qLv6Joya85aFcUkO2Qjy4DHE; expires=Fri, 27 Feb 2026 10:19:49 GMT; Path=/; SameSite=None; Secure __Host-ss=1u4BuwydVE; expires=Fri, 27 Feb 2026 10:19:49 GMT; HttpOnly; Path=/; SameSite=Strict; Secure __Host-logged-out-session=ChA645nwi%2F3wCdA8fvIePq2YEMWq958GGi5BRjE1V0xhMFRjaVBQdWVXS1ZjV3dVQzg5TVZUM09kTlowMkdRUXBxLUROQVlB; HttpOnly; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-server-response-time: 60 x-xss-protection: 1; mode=block content-type: text/javascript; charset=UTF-8 date: Tue, 28 Feb 2023 10:19:49 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 5dc2a9d16e234596b0a33c24c7326b70 X-Firefox-Spdy: h2

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflZTDgHZ.js	104.16.100.29	200 OK	0 B
URL HTTP/2 cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflZTDgHZ.js IP 104.16.100.29:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/metaserver/static/pithos/privacy_consent.bundle-vflZTDgHZ.js HTTP/1.1 Host: cfl.dropboxstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mobsquad.docsend.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 28 Feb 2023 10:19:49 GMT content-type: text/javascript; charset=utf-8 vary: Accept-Encoding last-modified: Tue, 14 Feb 2023 01:15:59 GMT x-dropbox-request-id: 12cd9099f0eb70ad9ac0b6f0ed66362d x-content-type-options: nosniff x-cached: HIT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public, immutable access-control-allow-origin: * timing-allow-origin: https://www.dropbox.com cf-cache-status: HIT age: 1170120 server: cloudflare cf-ray: 7a086c940f560afa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	js.intercomcdn.com/vendor.d69e03b4.js	54.230.111.118	200 OK	0 B
URL HTTP/2 js.intercomcdn.com/vendor.d69e03b4.js IP 54.230.111.118:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /vendor.d69e03b4.js HTTP/1.1 Host: js.intercomcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 108502 date: Tue, 28 Feb 2023 09:52:19 GMT last-modified: Tue, 28 Feb 2023 09:50:04 GMT etag: "95e86fd0e8605b83a6c1c890569df143" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000, s-maxage=7200, public content-encoding: gzip x-amz-version-id: vXl91Qz5xru9pqXJU0kYkLyEladvDj1g accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: HiwjwsCyYvcJnIrT2ZGlPycXsmWLz6enMo5l8MwJVvkh-JLk3rJz6g== age: 1655 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	api-iam.intercom.io/messenger/web/ping	54.145.101.148	200 OK	0 B
URL HTTP/2 api-iam.intercom.io/messenger/web/ping IP 54.145.101.148:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers `POST /messenger/web/ping HTTP/1.1 Host: api-iam.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 474 Origin: https://mobsquad.docsend.com Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Tue, 28 Feb 2023 10:19:55 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate x-ratelimit-limit: 13333 x-ratelimit-reset: 1677579600 strict-transport-security: max-age=31556952; includeSubDomains; preload x-ratelimit-remaining: 13304 access-control-allow-origin: https://mobsquad.docsend.com vary: Accept,Accept-Encoding x-intercom-version: 24fca5ab8075181bf515b5343581f8dfbbca1209 x-xss-protection: 1; mode=block content-encoding: gzip x-request-id: 00016f6m0gvadkgbno7g access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA access-control-allow-credentials: true access-control-allow-methods: POST, GET, OPTIONS etag: W/"d5df7e31d51a7973f2c23c9eb2e8518c" x-runtime: 0.248923 x-frame-options: SAMEORIGIN x-content-type-options: nosniff server: nginx x-ami-version: ami-0a9c6b4ceb8ee8995 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Open+Sans:700,600,400,400italic,300,300italic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 28 Feb 2023 10:19:49 GMT date: Tue, 28 Feb 2023 10:19:49 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.dropbox.com/pithos/privacy_consent	162.125.71.18	307 Temporary Redirect	0 B
URL HTTP/2 www.dropbox.com/pithos/privacy_consent IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash HTTP Headers `GET /pithos/privacy_consent HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mobsquad.docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 307 Temporary Redirect content-security-policy: sandbox location: https://www.dropbox.com/pithos/host%3Amobsquad.docsend.com/privacy_consent referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MzIyMjkzNzkwMzk5MDE0OTMzODYwNjc5NDIzMzQ5MDcwMzE3ODc5; expires=Sun, 27 Feb 2028 10:19:49 GMT; HttpOnly; Path=/; SameSite=None; Secure t=qLv6Joya85aFcUkO2Qjy4DHE; Domain=dropbox.com; expires=Fri, 27 Feb 2026 10:19:49 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=qLv6Joya85aFcUkO2Qjy4DHE; expires=Fri, 27 Feb 2026 10:19:49 GMT; Path=/; SameSite=None; Secure __Host-ss=1u4BuwydVE; expires=Fri, 27 Feb 2026 10:19:49 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Sun, 27 Feb 2028 10:19:49 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/html; charset=utf-8 date: Tue, 28 Feb 2023 10:19:48 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 8b238b2ba3aa4c92b24dc46d0a87d66d X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML