Report - urlsand.esvalabs.com/?u=docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n

Report Overview

Submitted URL
urlsand.esvalabs.com/?u=docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n
IP
194.39.109.114
ASN
#202053 UpCloud Ltd
Submitted
2023-01-18 05:24:49
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
urlsand.esvalabs.com	162933	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	412 kB	194.39.109.114
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
d2qvtfnm75xrxf.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	2.3 MB	143.204.42.105
cfl.dropboxstatic.com	13598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	112 kB	104.16.100.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	70 kB	34.120.237.76
js.intercomcdn.com	2440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	735 B	141 kB	54.230.111.118
c.evidon.com	1097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	71 kB	104.88.23.136
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.1 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	508 B	46 kB	216.58.207.227
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.93.186
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	845 B	1.5 kB	142.250.74.106
api-iam.intercom.io	2892	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	465 B	974 B	3.93.95.179
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
www.dropbox.com	1994	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	22 kB	162.125.71.18
widget.intercom.io	2417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	6.9 kB	54.230.111.53
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.0 kB	54.230.245.100
d.dropbox.com	1300	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.1 kB	162.125.7.20
nexus-websocket-a.intercom.io	2137	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	729 B	281 B	35.174.127.31
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
docsend.com	58938	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	23 kB	3.220.57.224
consent.dropbox.com	27413	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	631 B	1.4 kB	143.204.55.62
l.evidon.com	8143	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	382 B	54.236.105.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-18 05:24:40	high	162.125.71.18	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use
2023-01-18 05:24:42	high	162.125.7.20	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=1	406 B	2023-03-13	2023-03-13
Pretty URL urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=1 IP 194.39.109.114 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:32 Last Seen2023-03-13 01:53:32 Times Seen1 Hash 3c556f144245862bfb9b596326423061 8728ac47a87833d5b8fb6c01bb5a12c47bbeb8ec 6bb6411393038d718689d1cb495457af8ef2397dee1969f8a08d19e31b6ea8e9 Loading...

	urlsand.esvalabs.com/js/redirect.js	1.8 kB	2023-03-09	2024-04-17
Pretty URL urlsand.esvalabs.com/js/redirect.js IP 194.39.109.114 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:22:41 Last Seen2024-04-17 17:08:14 Times Seen57 Hash 70cea999ecc63440734e438c1b1abe83 b997f62f155d28e39f181187f1dd8e4ba8641237 1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892 Loading...

	unknown	0 B	2023-03-07	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-09 01:48:32 Times Seen37454892 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	docsend.com/view/qg82qfqti6sj7mwc	292 B	2023-03-12	2023-03-13
Pretty URL docsend.com/view/qg82qfqti6sj7mwc IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:23:38 Last Seen2023-03-13 19:45:45 Times Seen1 Hash dd2d086a0c37ecbc9497ae2d2ad4f4d5 ceab8107721d747ee65a763f3ca99ab197f8f0a6 76450dd61645b78669c536ed1182e5951d2eeb7dc7c2bf18d172ad9b8bba3aef Loading...

	c.evidon.com/sitenotice/evidon-sitenotice-tag.js	75 kB	2023-03-09	2023-03-13
Pretty URL c.evidon.com/sitenotice/evidon-sitenotice-tag.js IP 104.88.23.136 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:15:50 Last Seen2023-03-13 19:09:27 Times Seen1 Hash b9539a2e77d15a946ad29fbada55c14c 01b157a8436cb78c9ff3364c629b5390429b0308 973e0be9ad095c6bea8d2a9b22df3acbc368ecb234823059ddac700ed103c593 Loading...

	c.evidon.com/sitenotice/3401/translations/en.js	41 kB	2023-03-08	2023-03-14
Pretty URL c.evidon.com/sitenotice/3401/translations/en.js IP 104.88.23.136 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:03:09 Last Seen2023-03-14 06:57:53 Times Seen1 Hash 92ddb3e3355b422d8513e225548bbf64 0d9a331620a7153aa3c70f20fbda54bdc7ed2b8c 83798cc9c57adec03a4547e9cec6a563696f0318ec6e0f885d325e226c34fe06 Loading...

	c.evidon.com/sitenotice/evidon-banner.js	13 kB	2023-03-09	2023-03-26
Pretty URL c.evidon.com/sitenotice/evidon-banner.js IP 104.88.23.136 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:10:59 Last Seen2023-03-26 13:12:38 Times Seen50 Hash 953f08dcce4b8af3f743056f673c8514 4e8acdae78b9b5f1c228cb28de23cca6ad5b3c4e f82f137e8e73611fa376c19abe5d768d8880cfce9082c8cb8a5819d3350bc881 Loading...

	docsend.com/view/qg82qfqti6sj7mwc	777 B	2023-03-07	2024-05-08
Pretty URL docsend.com/view/qg82qfqti6sj7mwc IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2024-05-08 12:10:06 Times Seen490 Hash eed47e70bb30c26af1d2b05cb6cbb36e a6280e737500da85f94d5dd1b4bcf53e8ab7ebb6 33f828b1c1cc8d01a5365dda26f42257988e5ab755e9d1c9c06c8b650564b612 Loading...

	docsend.com/view/qg82qfqti6sj7mwc	31 B	2023-03-07	2024-05-08
Pretty URL docsend.com/view/qg82qfqti6sj7mwc IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2024-05-08 12:10:06 Times Seen471 Hash 997bc267a126a1af0b147e52ee2274ec 283f5eea465445d4a02d6b006954adabe6ae86b1 f37819c0a8f3d5b4aefb1c1a91f921d9b7b5f9377e136614329bc495b993087a Loading...

	www.dropbox.com/pithos/privacy_consent	8.4 kB	2023-03-09	2023-03-13
Pretty URL www.dropbox.com/pithos/privacy_consent IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:38:10 Last Seen2023-03-13 02:24:41 Times Seen1 Hash f801dfd76683ff287236c16f35a797f1 da21548760c03e366ed9dff93c6ee6dfdfa57d6c 5329dbd1613a73746400524f659d3646e10964d0dcb631ecb1b5964031e931f2 Loading...

	consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false	569 B	2023-03-07	2023-04-05
Pretty URL consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false IP 143.204.55.62 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:24:27 Last Seen2023-04-05 02:11:39 Times Seen83 Hash 61b81b2411a67a89aad55835c4e864f2 623c4e487131583d402815eb75cfced9b694017d 929203495e37db6972ddc172e9664002093c6bb973da2ca7a5001c26d680d2de Loading...

	widget.intercom.io/widget/lv6lji7h	19 kB	2023-03-13	2023-03-13
Pretty URL widget.intercom.io/widget/lv6lji7h IP 54.230.111.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:43:35 Last Seen2023-03-13 02:09:13 Times Seen1 Hash 3c32b47900bc41ac49dea0bdf0f2e84c 93acd66a2a56f416e2437b6afd2260ec488d2024 7e8d812aebb4cd5a665439230564c5d54dde8f03df9d959c4e0ea45e8009c985 Loading...

	d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/error_handling-8e2e51488bdfb4cc0305.js	45 kB	2023-03-12	2023-03-13
Pretty URL d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/error_handling-8e2e51488bdfb4cc0305.js IP 143.204.42.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:23:38 Last Seen2023-03-13 02:24:41 Times Seen1 Hash 267c741576d18e6aea1b3895b7213d27 5b5fb1afe00c1f0b2e5212a91ec823ff4cd67a79 fe72e930bcc41f2fe8203ecdcb7a0a9af465b81ce5ddeb264dc00a1d8537ca34 Loading...

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflI8ZUCf.js	218 kB	2023-03-09	2023-03-13
Pretty URL cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflI8ZUCf.js IP 104.16.100.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:38:10 Last Seen2023-03-13 02:24:41 Times Seen1 Hash 23c65409fc0fefc06169342ec1140e4f 926ce6815529e8e2deaa16672db3885f9c214b01 07c9e72a49276ef981f90698154b1d1cd29fc2fc922c7b480f2fb077f6aac66a Loading...

	www.dropbox.com/pithos/privacy_consent_service	12 kB	2023-03-13	2023-03-13
Pretty URL www.dropbox.com/pithos/privacy_consent_service IP 162.125.71.18 ASN #19679 DROPBOX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:32 Last Seen2023-03-13 02:26:47 Times Seen1 Hash 35d8df22df773dacd6605339906f229e 947f0dae94c60fd83747468dc91cd118965a32db 34f649d2f59f67803450247826ffc3cc6ff80939f5bd0abc8c285571df395a9b Loading...

	c.evidon.com/sitenotice/3401/dropbox/settings.js	5.1 kB	2023-03-07	2023-03-14
Pretty URL c.evidon.com/sitenotice/3401/dropbox/settings.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:24:27 Last Seen2023-03-14 06:57:53 Times Seen1 Hash 7119db14253f426ac1ed52da3fd5d054 9377f384c543a5211174e97b4cec458e2a801d34 4a01a147c430ebeffa841da984db9622de37957eed294ed3dcf4fa4deb7422df Loading...

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vflWWLiOG.js	108 kB	2023-03-09	2023-03-13
Pretty URL cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vflWWLiOG.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:44:01 Last Seen2023-03-13 02:26:47 Times Seen1 Hash 5962e2386091bd167f90be3d2bfebce0 20dfa5db63225cfeff7247adb4f0a7f6c3708bfc 80c1eb8090dba936ebe64133b5d9b5a4eef1e2d726e1873e98228dc06c940800 Loading...

	c.evidon.com/sitenotice/3401/snthemes.js	125 kB	2023-03-07	2023-04-02
Pretty URL c.evidon.com/sitenotice/3401/snthemes.js IP 104.88.23.136 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2023-04-02 21:30:48 Times Seen64 Hash 0e8f664fca39681028b4b07b5be34f2d 7298f430eb83f9116df80423cf956d09d0e6f8c4 4f71436a97288b116c8b61d62030fa6549acb42827ca7f7aeaacab78132190a8 Loading...

	urlsand.esvalabs.com/js/polyfill.js	1.3 kB	2023-03-09	2024-04-17
Pretty URL urlsand.esvalabs.com/js/polyfill.js IP 194.39.109.114 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:22:41 Last Seen2024-04-17 17:08:14 Times Seen62 Hash 62f474cb475f9c1dce9a2a44b2c0f2c4 0372381efe3338706396a1642f318d13f0d5dcdc b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738 Loading...

	urlsand.esvalabs.com/js/helper.js	3.4 kB	2023-03-09	2024-04-17
Pretty URL urlsand.esvalabs.com/js/helper.js IP 194.39.109.114 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:22:41 Last Seen2024-04-17 17:08:14 Times Seen59 Hash dfea07219beb9dcadf13a38c15d0be5d ab1e8b2a17c7553b990c1be0adbb194cadc34ce2 6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b Loading...

	d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/langpacks/en-debcc753ea9b1598d46a.js	9.8 kB	2023-03-12	2023-03-13
Pretty URL d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/langpacks/en-debcc753ea9b1598d46a.js IP 143.204.42.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:53:21 Last Seen2023-03-13 02:24:42 Times Seen1 Hash 1619f8e09e2e931e791285b92a2f5007 ff50ff46feac38710c80d3e913bff3e5bd3cb1a8 6c97291c348e0386c2b5518bae7bbc6ecd7743e2160be6538bce2902fdfb28bf Loading...

	docsend.com/view/qg82qfqti6sj7mwc	2.5 kB	2023-03-13	2023-03-13
Pretty URL docsend.com/view/qg82qfqti6sj7mwc IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:32 Last Seen2023-03-13 01:53:32 Times Seen1 Hash 7b617f09871c1096027492cf75d0c661 c3474e7c5f654a61e3263d6f4c855430a4997b04 15708626181dbcf087fb23b737fb0c6fa458778e22bb428f5cb9d8b9293dbdec Loading...

	docsend.com/view/qg82qfqti6sj7mwc	587 B	2023-03-13	2023-03-13
Pretty URL docsend.com/view/qg82qfqti6sj7mwc IP 3.220.57.224 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:32 Last Seen2023-03-13 01:53:32 Times Seen1 Hash 40a845d6496167f80ae115dd1d82a1fe 4cd2f4f31f6ec6f26a4484434c7122cd87ce8f69 8f4b9b279dc203e8837ee2efab283fd5f965e1512c830cf67586c5adbad809a0 Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-05-09
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-05-09 00:32:22 Times Seen14603 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (86)

	URL	IP	Response	Size
	urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n	194.39.109.114	301 Moved Permanently	162 B
URL HTTP/1.1 urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Wed, 18 Jan 2023 05:24:37 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cc07d664b5dadee6f9120d54904dfa57 df75a55b0b2019684a6c512bee528c51a2c4a756 14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12186 Expires: Wed, 18 Jan 2023 08:47:43 GMT Date: Wed, 18 Jan 2023 05:24:37 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 648bf42163c5d645d8a33cd0a9afebd0 9b9ac85435c4e90647e8379bca54c689058a8929 060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13146 Expires: Wed, 18 Jan 2023 09:03:43 GMT Date: Wed, 18 Jan 2023 05:24:37 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 18 Jan 2023 04:34:21 GMT content-type: application/json age: 3016 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 6c8239f3894cfba54d1f3a9ea1c85db5 a70f2b3bf79f2aa26b0cc0340dd182565c3eb946 64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11579 Expires: Wed, 18 Jan 2023 08:37:36 GMT Date: Wed, 18 Jan 2023 05:24:37 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: 9v4sKYMZRnEW1iCsOcl/qjIIe7YStQ8hD1kCkREVRKVpd+n1OLmFgpDME99SYoINR4fpTTUsPBU= x-amz-request-id: XMBE134CV4516RSW content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 18 Jan 2023 04:45:16 GMT age: 2361 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:37 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 474528f4b1d4694b205c2614f3bc4ade 48cb45b291d76370a712d90e1657ec4e31748a97 044763f06ec506874a45bcd6d8374ac57e53c60fa788f570b59576bcbc72cc02 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "044763F06EC506874A45BCD6D8374AC57E53C60FA788F570B59576BCBC72CC02" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10275 Expires: Wed, 18 Jan 2023 08:15:52 GMT Date: Wed, 18 Jan 2023 05:24:37 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 18 Jan 2023 04:48:57 GMT age: 2140 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 8720730dce33d0026a1a354ac93d4a7d ed5f086bc646a4d93d2344b19ff7821c96e44f7c b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6595 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:38 GMT Last-Modified: Wed, 18 Jan 2023 03:34:43 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471`

	urlsand.esvalabs.com/css/urlsand.css	194.39.109.114	200 OK	1.8 kB
URL HTTP/2 urlsand.esvalabs.com/css/urlsand.css IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type ASCII text Size 1.8 kB (1755 bytes) Hash 8e6b9b536da58525ca395bfa6b5ea661 02de19d96b7d6b428ce8e5ab5919fc50d38fd792 fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957 HTTP Headers `GET /css/urlsand.css HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:38 GMT content-type: text/css content-length: 1755 last-modified: Tue, 17 Jan 2023 11:47:00 GMT etag: "63c68ab4-6db" strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' accept-ranges: bytes X-Firefox-Spdy: h2

	urlsand.esvalabs.com/js/polyfill.js	194.39.109.114	200 OK	1.3 kB
URL HTTP/2 urlsand.esvalabs.com/js/polyfill.js IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type ASCII text Size 1.3 kB (1251 bytes) Hash 62f474cb475f9c1dce9a2a44b2c0f2c4 0372381efe3338706396a1642f318d13f0d5dcdc b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738 HTTP Headers `GET /js/polyfill.js HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:38 GMT content-type: application/javascript content-length: 1251 last-modified: Tue, 17 Jan 2023 11:47:00 GMT etag: "63c68ab4-4e3" strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' accept-ranges: bytes X-Firefox-Spdy: h2

	urlsand.esvalabs.com/js/helper.js	194.39.109.114	200 OK	3.4 kB
URL HTTP/2 urlsand.esvalabs.com/js/helper.js IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type ASCII text Size 3.4 kB (3399 bytes) Hash dfea07219beb9dcadf13a38c15d0be5d ab1e8b2a17c7553b990c1be0adbb194cadc34ce2 6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b HTTP Headers `GET /js/helper.js HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:38 GMT content-type: application/javascript content-length: 3399 last-modified: Tue, 17 Jan 2023 11:47:00 GMT etag: "63c68ab4-d47" strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' accept-ranges: bytes X-Firefox-Spdy: h2

	urlsand.esvalabs.com/js/redirect.js	194.39.109.114	200 OK	1.8 kB
URL HTTP/2 urlsand.esvalabs.com/js/redirect.js IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type ASCII text Size 1.8 kB (1818 bytes) Hash 70cea999ecc63440734e438c1b1abe83 b997f62f155d28e39f181187f1dd8e4ba8641237 1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892 HTTP Headers `GET /js/redirect.js HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:38 GMT content-type: application/javascript content-length: 1818 last-modified: Tue, 17 Jan 2023 11:47:00 GMT etag: "63c68ab4-71a" strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' accept-ranges: bytes X-Firefox-Spdy: h2

	urlsand.esvalabs.com/templates/default/img/logo.png	194.39.109.114	200 OK	19 kB
URL HTTP/2 urlsand.esvalabs.com/templates/default/img/logo.png IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type PNG image data, 358 x 52, 8-bit/color RGBA, non-interlaced\012- data Size 19 kB (19237 bytes) Hash f636c0ac12d4ae1e2df61fa355a85ca1 d3d3f5d3a8b6efea1538200d3e9078167fcb3cb0 81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc HTTP Headers `GET /templates/default/img/logo.png HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:38 GMT content-type: image/png content-length: 19237 last-modified: Tue, 17 Jan 2023 11:47:00 GMT etag: "63c68ab4-4b25" strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' accept-ranges: bytes X-Firefox-Spdy: h2

	urlsand.esvalabs.com/templates/default/css/urlsandbox.css	194.39.109.114	200 OK	188 kB
URL HTTP/2 urlsand.esvalabs.com/templates/default/css/urlsandbox.css IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type ASCII text, with very long lines (540) Size 188 kB (188286 bytes) Hash d4aef0a46fcd7349c2bec618e5d824fc 4f1eb7aa97b424f4c9484c2a0f6873a6c880198f 3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c HTTP Headers `GET /templates/default/css/urlsandbox.css HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:38 GMT content-type: text/css content-length: 188286 last-modified: Tue, 17 Jan 2023 11:47:00 GMT etag: "63c68ab4-2df7e" strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' accept-ranges: bytes X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 2b02c407fd912449a1b278f0bf3d8574 817bcff5b7c0444426b19027c772bddce84cf130 67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	urlsand.esvalabs.com/templates/default/css/urlsandbox-dark.css	194.39.109.114	200 OK	188 kB
URL HTTP/2 urlsand.esvalabs.com/templates/default/css/urlsandbox-dark.css IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type ASCII text, with very long lines (540) Size 188 kB (188099 bytes) Hash 28244b6d8a9c30b8e866dc49855888a0 de4bffccfdc24d665c4e99be239be34d665b88f6 b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c HTTP Headers `GET /templates/default/css/urlsandbox-dark.css HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:38 GMT content-type: text/css content-length: 188099 last-modified: Tue, 17 Jan 2023 11:47:00 GMT etag: "63c68ab4-2dec3" strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' accept-ranges: bytes X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 2b02c407fd912449a1b278f0bf3d8574 817bcff5b7c0444426b19027c772bddce84cf130 67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d547e6cc07ecb62b49cfb14f223d3b87 7f316e0778cf7e132cf376b92d1f9860e06894f5 4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227	200 OK	45 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Size 45 kB (44856 bytes) Hash 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db HTTP Headers `GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://urlsand.esvalabs.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 44856 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 16 Jan 2023 18:52:41 GMT expires: Tue, 16 Jan 2024 18:52:41 GMT cache-control: public, max-age=31536000 age: 124317 last-modified: Mon, 15 Aug 2022 18:20:18 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d547e6cc07ecb62b49cfb14f223d3b87 7f316e0778cf7e132cf376b92d1f9860e06894f5 4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	54.149.93.186	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.149.93.186:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 5WQVny0sxn0HsQSCURm62w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: DGWuRnKYkLxCwiaV+Qf+yr+k5mg=`

	urlsand.esvalabs.com/favicon.ico	194.39.109.114	200 OK	968 B
URL HTTP/2 urlsand.esvalabs.com/favicon.ico IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Size 968 B (968 bytes) Hash 97a251c3476409ea95861b39eca16a2c 4de41d20e5e536fae11f4ccc841b06e41b09e8ae 5325493f9962c98bcecb371060179456aa9aeb8a4bc5ddf429ada9e31873c5f3 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK server: nginx date: Wed, 18 Jan 2023 05:24:38 GMT content-type: image/x-icon content-length: 968 last-modified: Tue, 17 Jan 2023 11:47:00 GMT etag: "63c68ab4-3c8" strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' accept-ranges: bytes X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16021 Expires: Wed, 18 Jan 2023 09:51:40 GMT Date: Wed, 18 Jan 2023 05:24:39 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16021 Expires: Wed, 18 Jan 2023 09:51:40 GMT Date: Wed, 18 Jan 2023 05:24:39 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16021 Expires: Wed, 18 Jan 2023 09:51:40 GMT Date: Wed, 18 Jan 2023 05:24:39 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16021 Expires: Wed, 18 Jan 2023 09:51:40 GMT Date: Wed, 18 Jan 2023 05:24:39 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16021 Expires: Wed, 18 Jan 2023 09:51:40 GMT Date: Wed, 18 Jan 2023 05:24:39 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg	34.120.237.76	200 OK	8.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.9 kB (8889 bytes) Hash 816accd72419764cabc1d038af58446c ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08 d0b6f144ddc797108e6e85b4e835bfbeadd138ef7987661ee9e3d22790db254f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8889 x-amzn-requestid: 10583804-866b-41bc-a99b-6209bd7ae1c2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e6A1eHMCoAMF4kA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c714ef-2351e46019a0918724721b89;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: vPjapwQ2XBhjwPeNVzi3NQ0YSMyseKuyavdCo2CTFoxrRkiKXVu7lw== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google date: Tue, 17 Jan 2023 22:01:08 GMT age: 26611 etag: "ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (13111 bytes) Hash d134f7ac9a5ca8ab7a9461bd20706bb7 aa47af3e7517390d10e89f0f18237cfdcc63cbed 3431c8027f09bb284fe48ef8e4458fd43d8cc961250601b3028b83a7ba19f6ce HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13111 x-amzn-requestid: 7a9bb405-c68d-496f-b608-e9d295c44c50 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e0MStGBBIAMFXag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c4c0dd-75d87c0d763744951f13febd;Sampled=0 x-amzn-remapped-date: Mon, 16 Jan 2023 03:13:33 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: jkIL919Q7OFO6bACXTrDan0f9D9rgrN0DJMQv1DYPLeWqT1CywCAEg== via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Wed, 18 Jan 2023 04:00:46 GMT age: 5033 etag: "aa47af3e7517390d10e89f0f18237cfdcc63cbed" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8574104d-a2ec-4c79-98a7-63d8deaf9a02.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8574104d-a2ec-4c79-98a7-63d8deaf9a02.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (13094 bytes) Hash 611a72259b116192667411e884b90843 ee43d356cb1fa30ece3e8c6c0c5d21827017199a 1a6b9636c4417c8e5976b13451cebd7fda585a607f1ef97d25fc0ee9e752f707 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8574104d-a2ec-4c79-98a7-63d8deaf9a02.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13094 x-amzn-requestid: c51667e3-4c74-4c43-93bb-5dff7d684fb6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e0K84EquoAMFR2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c4beb8-012b4ee95ae813250c703b51;Sampled=0 x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: XgoT6J4DRRw5NtW5DcvadI9YUL4kqOKO0P8MqUhpcigaqtSTAuevUw== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google date: Wed, 18 Jan 2023 04:19:53 GMT age: 3886 etag: "ee43d356cb1fa30ece3e8c6c0c5d21827017199a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg	34.120.237.76	200 OK	7.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.9 kB (7871 bytes) Hash 8069887e5e81584380ef3f819bcfab6e 3794126935a3e08de469ea37d29cba7be412d408 934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7871 x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e6A1UGmeoAMFzpA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: zGNahizGhnMhpQxlxsexepYOI7y_40It8BrZjAd041J8Ws-jBYL0Ng== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Tue, 17 Jan 2023 21:59:12 GMT age: 26727 etag: "3794126935a3e08de469ea37d29cba7be412d408" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (13848 bytes) Hash 8656702f08344d3a4658bc43a9074a1f fba424e1d09cbdc839ca320458b51715dafbbccc 0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13848 x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e6BKCGEtoAMFgsQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Tue, 17 Jan 2023 21:59:45 GMT age: 26694 etag: "fba424e1d09cbdc839ca320458b51715dafbbccc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7361 bytes) Hash 26fa7bd40b5c3a3b5a6f95e7fca843b9 d8064f74f1e40bf6be4ea8ab4e319db22026c462 3e7744acf3e7ace6931c28cb5a5d3d7a77d9b97855b864c5c774368f2d0719c1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7361 x-amzn-requestid: 54e3621a-ec24-4d56-85bf-84239fa7811e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e23ZvGtnIAMFivg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c5d2a4-7ce0e7924c03aeaa3ea684c3;Sampled=0 x-amzn-remapped-date: Mon, 16 Jan 2023 22:41:40 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: hamm4_4ud3QWXK2EeTcYUSN7ot6m-d-1z_NN29tSFYP25Itmz25jaA== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Tue, 17 Jan 2023 14:16:01 GMT age: 54518 etag: "d8064f74f1e40bf6be4ea8ab4e319db22026c462" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.sectigo.com/	172.64.155.188	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 63ec55ec31b9e544ae14ae034a51c751 6864f869ebc0c35e8c91fb1d0176dc20edd635bd 3b85ea34cb950b1617327fb7fbac2bc99a0fdda0482265f73b3d6ba5bdc24cb9 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 18 Jan 2023 05:24:39 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 17 Jan 2023 03:57:43 GMT Expires: Tue, 24 Jan 2023 03:57:42 GMT Etag: "6864f869ebc0c35e8c91fb1d0176dc20edd635bd" Cache-Control: max-age=512582,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78b4e7d5898c1c06-OSL`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 2b02c407fd912449a1b278f0bf3d8574 817bcff5b7c0444426b19027c772bddce84cf130 67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	docsend.com/view/qg82qfqti6sj7mwc	3.220.57.224	200 OK	10 kB
URL HTTP/1.1 docsend.com/view/qg82qfqti6sj7mwc IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5461) Size 10 kB (10411 bytes) Hash 9c1893e8fa3801908ade1a6dad6072c1 db1c626ee454244e9dec18e834fdfe0b5762a5aa c27c450f4480cb057478b24ba158960d83c000c45d9c63b41083b3aa4f248404 HTTP Headers `GET /view/qg82qfqti6sj7mwc HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Wed, 18 Jan 2023 05:24:40 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked X-Frame-Options: DENY Etag: W/"4497ea0e4c261d76f88fe5994900c1ca" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://js-agent.newrelic.com https://.nr-data.net https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-5pB2VDcmG0D2TS4ZOPyPCw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://.browser-intake-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://.id.opendns.com https://www.google-analytics.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.nr-data.net https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob: Set-Cookie: _v_=yvzCQ%2FJbhmtEMNhP%2F3d9pQNspC26MJAKMMTzDWJA3vi24VB5pnhcHK1Ut4xYFfxQEZ3Ye5sOmCaiG8UlGpWnmY4bg2aTPJiatkGUdEQ%3D--gIZWLspu%2BpXNvsgV--MWezc9J1gG7cdxPdUNbjIw%3D%3D; domain=.docsend.com; path=/; expires=Thu, 18 Jan 2024 05:24:40 GMT; SameSite=None; secure _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; domain=.docsend.com; path=/; expires=Sun, 18 Jan 2043 05:24:40 GMT; SameSite=None; secure _dss_=47a1afec5578e9338744bf24606778d8; domain=.docsend.com; path=/; secure; HttpOnly; SameSite=None X-Request-Id: 986abc51-a20a-4613-a68c-38272028c688 X-Runtime: 0.076177 Vary: Accept-Encoding Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/error_handling-8e2e51488bdfb4cc0305.js	143.204.42.105	200 OK	14 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/error_handling-8e2e51488bdfb4cc0305.js IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (44763), with no line terminators Size 14 kB (13477 bytes) Hash fead8e8f6ce7597cf5b222435f880933 bcc41c5866acd83b64034126abb836455464023f 5707fe99d46a8836ab38f8070a97a0aa51ebadc0f693d83a740d4945f5f89c37 HTTP Headers `GET /packs/js/javascripts/error_handling-8e2e51488bdfb4cc0305.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Tue, 17 Jan 2023 21:54:31 GMT Last-Modified: Tue, 17 Jan 2023 19:36:12 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 1K8PECXZtbWDslQYzegXzVGML62kFCJ6iv2qtLwRDyMnD77vvq36rw== Age: 27009

	d2qvtfnm75xrxf.cloudfront.net/packs/css/stylesheets/presentation-cc45d76f.css	143.204.42.105	200 OK	88 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/packs/css/stylesheets/presentation-cc45d76f.css IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (65517) Size 88 kB (88058 bytes) Hash 67528b329e7332a144158d6ae0a74e36 e987384350f3c04f16de6d744e90689e8cf5ddd9 d76ae7ec2dfb6d0444a7576da37cda39b60efac33fe07a180f3ca4966a47cfbb HTTP Headers `GET /packs/css/stylesheets/presentation-cc45d76f.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Tue, 17 Jan 2023 22:46:52 GMT Last-Modified: Tue, 17 Jan 2023 22:33:53 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: cDv_wlEju_uy51QzAhajfjMJstMQE0NiPKEZH3GApRuXMH6V-tufyA== Age: 23868

	d2qvtfnm75xrxf.cloudfront.net/packs/css/javascripts/presentation-12b86b17.css	143.204.42.105	200 OK	22 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/packs/css/javascripts/presentation-12b86b17.css IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 22 kB (21834 bytes) Hash 65b72b1a3de11fb0738d36159998c6a8 b70f6cdcbac07f7e90bcff9412f48588f37b26aa da69ab109fe0b47b7e966fc4a65974067215898c106063b6553ff4cbbadce733 HTTP Headers `GET /packs/css/javascripts/presentation-12b86b17.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Tue, 17 Jan 2023 22:46:52 GMT Last-Modified: Tue, 17 Jan 2023 22:33:53 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Zk73KGGRhMPmz7PNnQxitS-KmK_BgbYOdzN1m-9PkAvgRW2JQel9vQ== Age: 23868

	d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css	143.204.42.105	200 OK	948 B
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type exported SGML document, ASCII text Size 948 B (948 bytes) Hash a7ace942f4f580ee5902c36fed888af9 ca1c01b03c6763b0f458af9eea82b8f00b430141 514da21f8d0805b785cf184f4beaa6bc62f6c6de58fd489f7d9f52e9087b62e0 HTTP Headers `GET /assets/ie_specific_hacks_v2.css HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Wed, 18 Jan 2023 01:09:32 GMT Last-Modified: Tue, 17 Jan 2023 21:58:17 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: krLvw_fWCZMuvITyv2pWrgcXXhEmM9ynRJij-Z6RiRDN3mz01cSqMQ== Age: 15308

	d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/langpacks/en-debcc753ea9b1598d46a.js	143.204.42.105	200 OK	3.1 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/langpacks/en-debcc753ea9b1598d46a.js IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (9812), with no line terminators Size 3.1 kB (3117 bytes) Hash de7c5ec7622ba340094d26a08a8f6456 c5cbd73b7fe4926b3a4c105cc62fe9ae121d3955 f4bb0a53c94d0f17d96993314ac458bcb3cf32a34cfd9dba9197e330169f7881 HTTP Headers `GET /packs/js/javascripts/langpacks/en-debcc753ea9b1598d46a.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Wed, 18 Jan 2023 00:50:04 GMT Last-Modified: Tue, 17 Jan 2023 22:33:53 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: hJuVs_9yVIX2b8qNl8oLKZ9bAxuN1tfvDdF-fWv5QdwyVFT31Yo2Ag== Age: 16475

	d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/presentation-9b1f88dd6e2f34812247.js	143.204.42.105	200 OK	2.1 MB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/presentation-9b1f88dd6e2f34812247.js IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65445) Size 2.1 MB (2099824 bytes) Hash cfb5d1bf904f285c4694a2d9451a77f1 5b89186dd04ae65f16c95e2f5820bfad21d102d8 be17ee84a1a76a8bb02c8d78f2066a3894e409d18eeb51f84dcd153b6db02811 HTTP Headers `GET /packs/js/javascripts/presentation-9b1f88dd6e2f34812247.js HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Tue, 17 Jan 2023 22:46:58 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 17 Jan 2023 22:33:53 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront) Content-Encoding: br Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ws1EwhQ_D8XJ88xayEtH_84tH-rwQVArTkh7X75dkqnYYImDUAgXFQ== Age: 23862

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash c737c7ab4095c23b2852f9f69d9dc49d 6861f0e35dea6b8b44000ca3345f49bfc21ad3d0 f557eb67d3420d5e0f2e4b974686f4c3591db342ba27ab76af7effd042522ca5 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6507 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:40 GMT Last-Modified: Wed, 18 Jan 2023 03:36:14 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471`

	d2qvtfnm75xrxf.cloudfront.net/assets/fonts/AtlasGrotesk-Regular-Web.woff2	143.204.42.105	200 OK	43 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/fonts/AtlasGrotesk-Regular-Web.woff2 IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 43308, version 1.66\012- data Size 43 kB (43308 bytes) Hash 93b6f18ec99bcb7c3fa7ea570a75e240 60b9e3062fe532cbc18b897fac542c56a03544c7 43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db HTTP Headers `GET /assets/fonts/AtlasGrotesk-Regular-Web.woff2 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 43308 Connection: keep-alive Server: nginx Date: Wed, 18 Jan 2023 04:55:28 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 17 Jan 2023 21:58:17 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront) Vary: Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: x6sJYwuHXrpXIOvl26xjZaD6M0ad4FrEgCI0BzZrSz4q_OkgWZ-cmg== Age: 1752

	d2qvtfnm75xrxf.cloudfront.net/assets/fonts/AtlasGrotesk-Medium-Web.woff2	143.204.42.105	200 OK	46 kB
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/fonts/AtlasGrotesk-Medium-Web.woff2 IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type gzip compressed data, from Unix\012- data Size 46 kB (46349 bytes) Hash 2d0ec0eac0a8754cf9603f35110be529 cbf8ce3d0c0b7e8fb0dc9d85ec5de9898c3850e6 30da5be96bfe809637d0a90fb46f445a4530a759cb80dd203cbacb170c23b269 HTTP Headers `GET /assets/fonts/AtlasGrotesk-Medium-Web.woff2 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/font-woff2 Content-Length: 46188 Connection: keep-alive Server: nginx Date: Tue, 17 Jan 2023 23:24:43 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Last-Modified: Tue, 17 Jan 2023 21:58:17 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront) Vary: Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: jxmvZjsFd9KrWwwHBLrqMyH4U6l7HmESGtaVzvJiiMTk1vvU5gI3Kg== Age: 21597

	d2qvtfnm75xrxf.cloudfront.net/assets/fonts/AtlasGrotesk-Medium-Web.woff2	143.204.42.105	304 Not Modified	0 B
URL HTTP/1.1 d2qvtfnm75xrxf.cloudfront.net/assets/fonts/AtlasGrotesk-Medium-Web.woff2 IP 143.204.42.105:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /assets/fonts/AtlasGrotesk-Medium-Web.woff2 HTTP/1.1 Host: d2qvtfnm75xrxf.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://docsend.com Connection: keep-alive Referer: https://d2qvtfnm75xrxf.cloudfront.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site If-Modified-Since: Tue, 17 Jan 2023 21:58:17 GMT HTTP/1.1 304 Not Modified Connection: keep-alive Date: Wed, 18 Jan 2023 05:24:40 GMT Server: nginx Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: Access-Control-Max-Age: 604800 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur, 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront) Vary: Origin X-Cache: Hit from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 98wuLVdvL0X8Ho5eei_jPNMzbk_aMoMI0hhbnIsTT3Cn-GO__QrnIQ== Age: 21597

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 7c58acc8ab66874496f33940fa6288ba 9df520efafb7b58335785c3b28b733021d57d659 b4bcd40c5504c7f69649d1b0ee488ef49e4ff06c4ac7d25174b346dee6ff06a6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1146 Cache-Control: max-age=117421 Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:40 GMT Etag: "63c6a5cb-1d7" Expires: Thu, 19 Jan 2023 14:01:41 GMT Last-Modified: Tue, 17 Jan 2023 13:42:35 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 7c58acc8ab66874496f33940fa6288ba 9df520efafb7b58335785c3b28b733021d57d659 b4bcd40c5504c7f69649d1b0ee488ef49e4ff06c4ac7d25174b346dee6ff06a6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1146 Cache-Control: max-age=117421 Content-Type: application/ocsp-response Date: Wed, 18 Jan 2023 05:24:40 GMT Etag: "63c6a5cb-1d7" Expires: Thu, 19 Jan 2023 14:01:41 GMT Last-Modified: Tue, 17 Jan 2023 13:42:35 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471`

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4024 Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-nebLjQSCVH3hUgag9Sma' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-nebLjQSCVH3hUgag9Sma' 'nonce-UU79WOD38l+Tqtus2Fvl' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MjEzNTIwODIzNzc0MjI5MTQ5MzE2MDMwMTk0MDE4OTEzOTUwMTU4; expires=Mon, 17 Jan 2028 05:24:41 GMT; HttpOnly; Path=/; SameSite=None; Secure t=42UPiCI9XqpxPhSYrFAcA3pU; Domain=dropbox.com; expires=Sat, 17 Jan 2026 05:24:41 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=42UPiCI9XqpxPhSYrFAcA3pU; expires=Sat, 17 Jan 2026 05:24:41 GMT; Path=/; SameSite=None; Secure __Host-ss=GMQ043X8F0; expires=Sat, 17 Jan 2026 05:24:41 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Mon, 17 Jan 2028 05:24:41 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Wed, 18 Jan 2023 05:24:41 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 6a7639b71a05451b8f2e17f34d51576a X-Firefox-Spdy: h2

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4057 Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-U8f9+W4F1CkLfs4G7Gdc' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-U8f9+W4F1CkLfs4G7Gdc' 'nonce-KdD0wVaCftPDwkcFBw88' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=NjUxODM1MDQzMDMyOTk1NjU1MjI5MDMzMjQzNzE4NDcwNTA2NjQ%3D; expires=Mon, 17 Jan 2028 05:24:41 GMT; HttpOnly; Path=/; SameSite=None; Secure t=8svDNZhBzVHDTQ0FqgvFsgNS; Domain=dropbox.com; expires=Sat, 17 Jan 2026 05:24:41 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=8svDNZhBzVHDTQ0FqgvFsgNS; expires=Sat, 17 Jan 2026 05:24:41 GMT; Path=/; SameSite=None; Secure __Host-ss=V0Tw4JT1hU; expires=Sat, 17 Jan 2026 05:24:41 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Mon, 17 Jan 2028 05:24:41 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Wed, 18 Jan 2023 05:24:41 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: d46ecb727c3341ac89f208e966e52262 X-Firefox-Spdy: h2

	docsend.com/metrics/events	3.220.57.224	204 No Content	0 B
URL HTTP/1.1 docsend.com/metrics/events IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/events HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: multipart/form-data; boundary=---------------------------184238098638778501801412018133 Content-Length: 1117 Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/view/qg82qfqti6sj7mwc Cookie: _v_=yvzCQ%2FJbhmtEMNhP%2F3d9pQNspC26MJAKMMTzDWJA3vi24VB5pnhcHK1Ut4xYFfxQEZ3Ye5sOmCaiG8UlGpWnmY4bg2aTPJiatkGUdEQ%3D--gIZWLspu%2BpXNvsgV--MWezc9J1gG7cdxPdUNbjIw%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=47a1afec5578e9338744bf24606778d8 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Wed, 18 Jan 2023 05:24:41 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-Dq4w42U4KZssZL/Krw27kw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: 59041e16-20a1-428d-ab27-01df2b04ce9c X-Runtime: 0.013805 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflI8ZUCf.js	104.16.100.29	200 OK	111 kB
URL HTTP/2 cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflI8ZUCf.js IP 104.16.100.29:0 ASN #13335 CLOUDFLARENET File type Unicode text, UTF-8 text, with very long lines (43532), with LF, NEL line terminators Size 111 kB (111058 bytes) Hash bf029a63e87dcdd2c4bedf00e8b9059a d026d6db8bf3e7e2c4e37d90805ab1383e2d91cc 8befe8148ffc1d88bf6ba0419f4955b85ed2832b956362d29db04a3d3cb7fb4e HTTP Headers `GET /static/metaserver/static/pithos/privacy_consent.bundle-vflI8ZUCf.js HTTP/1.1 Host: cfl.dropboxstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://docsend.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Wed, 18 Jan 2023 05:24:40 GMT content-type: text/javascript; charset=utf-8 vary: Accept-Encoding last-modified: Tue, 20 Dec 2022 08:52:44 GMT x-dropbox-request-id: 2bb78e657fc90cefd800677024a2b164 x-content-type-options: nosniff x-cached: HIT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public, immutable access-control-allow-origin: * timing-allow-origin: https://www.dropbox.com cf-cache-status: HIT age: 2462991 server: cloudflare cf-ray: 78b4e7db7fbc1c12-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	docsend.com/metrics/properties	3.220.57.224	204 No Content	0 B
URL HTTP/1.1 docsend.com/metrics/properties IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /metrics/properties HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-CSRF-Token: OdYkEhTzYVKA3uJ8/KBiBGSalImH6Y1kVjhU88Pc2pCV3A2gOFcJ4pQ0IXr9dzoljJsagOf4/wnQhqDXYCaWjA== X-Requested-With: XMLHttpRequest Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/view/qg82qfqti6sj7mwc Cookie: _v_=yvzCQ%2FJbhmtEMNhP%2F3d9pQNspC26MJAKMMTzDWJA3vi24VB5pnhcHK1Ut4xYFfxQEZ3Ye5sOmCaiG8UlGpWnmY4bg2aTPJiatkGUdEQ%3D--gIZWLspu%2BpXNvsgV--MWezc9J1gG7cdxPdUNbjIw%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=47a1afec5578e9338744bf24606778d8 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Content-Length: 0 HTTP/1.1 204 No Content Content-Length: 0 Connection: keep-alive Server: nginx Date: Wed, 18 Jan 2023 05:24:41 GMT X-Frame-Options: DENY Cache-Control: no-cache Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com 'nonce-4XEdEF10qj00XmRENacLJg=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: abdbe179-d5ed-4d48-8c70-adf539557a73 X-Runtime: 0.006501 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur

	consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false	143.204.55.62	200 OK	854 B
URL HTTP/2 consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false IP 143.204.55.62:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text Size 854 B (854 bytes) Hash dc63fb23d6563676b3090bae3f02ccde dd6c4202705f760dd5744caee7ccb31f703fc880 c8bce4b4bc1b212ffc445ae939680990a6f4b23eed318c8b9a7f1e21facd1ab1 HTTP Headers GET /?hide_gdpr=false&is_ccpa_enabled=true&gpc_signal=undefined&origin=https%253A%252F%252Fdocsend.com&sandbox_redirect=false HTTP/1.1 Host: consent.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://docsend.com/ Connection: keep-alive Cookie: t=n2Pmd5AsHU0_fp4J0EgbUwJE; locale=en Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/html content-length: 854 last-modified: Tue, 06 Sep 2022 19:00:36 GMT x-amz-version-id: jF1fSWiqtJx.5E0VeuXfyr4mbqFqvdbZ server: AmazonS3 date: Wed, 18 Jan 2023 02:47:42 GMT etag: "dc63fb23d6563676b3090bae3f02ccde" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 2-OAlqICPgEQm-MnzC0DojyYshRaOze5yJWQFFAz48YCtCjPX5-M-w== age: 9420 X-Firefox-Spdy: h2`

	docsend.com/favicon-16x16.png	3.220.57.224	200 OK	393 B
URL HTTP/1.1 docsend.com/favicon-16x16.png IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 393 B (393 bytes) Hash a8c678babc40c4ac6d8c70fc560094d4 66002c0719ddbd75c837f5a939689ea6df13b6dc a3a247c77537c4c4fd58b68212a30df836bd05efa48d280d9c20b187f7ef7fb1 HTTP Headers GET /favicon-16x16.png HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/view/qg82qfqti6sj7mwc Cookie: _v_=yvzCQ%2FJbhmtEMNhP%2F3d9pQNspC26MJAKMMTzDWJA3vi24VB5pnhcHK1Ut4xYFfxQEZ3Ye5sOmCaiG8UlGpWnmY4bg2aTPJiatkGUdEQ%3D--gIZWLspu%2BpXNvsgV--MWezc9J1gG7cdxPdUNbjIw%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=47a1afec5578e9338744bf24606778d8 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Wed, 18 Jan 2023 05:24:41 GMT Content-Type: image/png Content-Length: 393 Last-Modified: Tue, 17 Jan 2023 21:58:17 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur`

	docsend.com/favicon-196x196.png	3.220.57.224	200 OK	4.1 kB
URL HTTP/1.1 docsend.com/favicon-196x196.png IP 3.220.57.224:0 ASN #14618 AMAZON-AES File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data Size 4.1 kB (4131 bytes) Hash 6664c3890e329c7609151e0081f5e7cb 6216d5de79d8b245676a86f8b862880837345e2a 8a5ec44c12b172efd970c30a7414ccb37bbb09a2932816826111dfa36509e568 HTTP Headers GET /favicon-196x196.png HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/view/qg82qfqti6sj7mwc Cookie: _v_=yvzCQ%2FJbhmtEMNhP%2F3d9pQNspC26MJAKMMTzDWJA3vi24VB5pnhcHK1Ut4xYFfxQEZ3Ye5sOmCaiG8UlGpWnmY4bg2aTPJiatkGUdEQ%3D--gIZWLspu%2BpXNvsgV--MWezc9J1gG7cdxPdUNbjIw%3D%3D; _us_=BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1; _dss_=47a1afec5578e9338744bf24606778d8 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Connection: keep-alive Server: nginx Date: Wed, 18 Jan 2023 05:24:41 GMT Content-Type: image/png Content-Length: 4131 Last-Modified: Tue, 17 Jan 2023 21:58:17 GMT Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Via: 1.1 vegur`

	widget.intercom.io/widget/lv6lji7h	54.230.111.53	200 OK	6.2 kB
URL HTTP/2 widget.intercom.io/widget/lv6lji7h IP 54.230.111.53:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators Size 6.2 kB (6172 bytes) Hash 7cea0ae85c44d1eba596f54bc9237044 5776d7f17ebf0c79c0e3caec5fd233f0168f7718 1e2fcea3450e6980628ee39214dc63109030725a6d9549dce329fa6ec532fc8a HTTP Headers `GET /widget/lv6lji7h HTTP/1.1 Host: widget.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 6172 last-modified: Tue, 17 Jan 2023 16:19:37 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: It1kzSlwuBxt8YfPWH7YUXzb44X60J9e accept-ranges: bytes server: AmazonS3 date: Wed, 18 Jan 2023 05:11:31 GMT cache-control: max-age=900, s-maxage=900, public etag: "7cea0ae85c44d1eba596f54bc9237044" x-cache: Error from cloudfront via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: XDyy-kNuoNPGDA2nVBXQXiaVPw1l1sGP0Uhq5okrAcki9nk7hoJ_9Q== age: 791 vary: Accept-Encoding, Origin X-Firefox-Spdy: h2

	js.intercomcdn.com/frame.fa6b8de5.js	54.230.111.118	200 OK	139 kB
URL HTTP/2 js.intercomcdn.com/frame.fa6b8de5.js IP 54.230.111.118:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 139 kB (139150 bytes) Hash 244b6c420a9aa582bf878e60f1cdb2f2 ebc9b83485e9fa1c3fef1d0ce1d3c7a1e4b1eea0 6ea2000b3918a5db65674b6b0cd25904395a6e459d8ad9e3f259d11cb41704fc HTTP Headers `GET /frame.fa6b8de5.js HTTP/1.1 Host: js.intercomcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 139150 last-modified: Tue, 17 Jan 2023 16:18:07 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: V0mkPrPa1yXkQW9MCkW0JrOLEYfIisOJ accept-ranges: bytes server: AmazonS3 date: Wed, 18 Jan 2023 03:28:45 GMT cache-control: max-age=31536000, s-maxage=7200, public etag: "244b6c420a9aa582bf878e60f1cdb2f2" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: KUQrs4IdN05runH8HqGFLCa9tfBVjdBxHooziwJCLWXFlaHg0OBgJQ== age: 6957 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.100	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.100:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 244b977451272352732f1817b3a68310 dae26a228c28c9e8d41df427d517bdaf9cdac0d2 2c818da7ccc81eb26e8383cac6f270e8ce9f2e7ad048240b9eee137219d7f56f HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=131334 Date: Wed, 18 Jan 2023 05:24:42 GMT Etag: "63c6cbf1-1d7" Expires: Thu, 19 Jan 2023 17:53:36 GMT Last-Modified: Tue, 17 Jan 2023 16:25:21 GMT Server: ECS (dcb/7F37) X-Cache: Miss from cloudfront Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: CB_nMbAPOn5JU__GcW42jIzgT4TVC33wpGra0tHAo-U_u3EhBOf-JA== Age: 5295

	ocsp.sca1b.amazontrust.com/	54.230.245.100	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.100:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 0c853c7098dbba4fb67b3355b2f31c7f 8aff517def043bc74d20d1a4de44428b49666dce 2286a744386ec84c215dd583d8a45f2210d22fb1096bfefa275adc4c240885e0 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=107372 Date: Wed, 18 Jan 2023 05:24:42 GMT Etag: "63c66d91-1d7" Expires: Thu, 19 Jan 2023 11:14:14 GMT Last-Modified: Tue, 17 Jan 2023 09:42:41 GMT Server: ECS (nyb/1D16) X-Cache: Miss from cloudfront Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: oPUYKr3v1mZmpLzabgkVzzbED7d0pML_gDbF1lg6uX7OMKdXfS74RQ== Age: 5494

	c.evidon.com/sitenotice/3401/translations/en.js	104.88.23.136	200 OK	38 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/translations/en.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type data Size 38 kB (37570 bytes) Hash 8901c541164be32445525ba69bf95e3b b15734e67d566f2850b579e4035405653b914e9d 0928257dec87639a53d06c9d691564b04a3ee643b3aa294a181235100c32d56a HTTP Headers `GET /sitenotice/3401/translations/en.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "92ddb3e3355b422d8513e225548bbf64:1664899591.798772" last-modified: Tue, 04 Oct 2022 16:06:31 GMT server: AkamaiNetStorage content-encoding: gzip expires: Fri, 20 Jan 2023 05:24:42 GMT date: Wed, 18 Jan 2023 05:24:42 GMT content-length: 6406 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/evidon-sitenotice-tag.js	104.88.23.136	200 OK	20 kB
URL HTTP/2 c.evidon.com/sitenotice/evidon-sitenotice-tag.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (65536), with no line terminators Size 20 kB (19598 bytes) Hash 3b00a7ecdaf4bff1751456e89ce005f4 2645658a488474676e934af157bf2164f8edeb6b b8fb30b4d1bdb4738bf563d499929ccdadda6a489d88faf959f40166268ed300 HTTP Headers `GET /sitenotice/evidon-sitenotice-tag.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "b9539a2e77d15a946ad29fbada55c14c:1671558610.191575" last-modified: Tue, 20 Dec 2022 17:50:10 GMT server: AkamaiNetStorage content-encoding: gzip expires: Fri, 20 Jan 2023 05:24:42 GMT date: Wed, 18 Jan 2023 05:24:42 GMT content-length: 19598 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/snthemes.js	104.88.23.136	200 OK	5.7 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/snthemes.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (65536), with no line terminators Size 5.7 kB (5695 bytes) Hash 9a975aa3305c4011b3e07119d2376913 4545dc0986810ba851360f910219b34ce7c4446d 400f7ad9cb8378b5839d4f3449381d936f37fd0762f8507d283304c82068d122 HTTP Headers `GET /sitenotice/3401/snthemes.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "0e8f664fca39681028b4b07b5be34f2d:1659131785.898398" last-modified: Fri, 29 Jul 2022 21:56:25 GMT server: AkamaiNetStorage content-encoding: gzip expires: Fri, 20 Jan 2023 05:24:42 GMT date: Wed, 18 Jan 2023 05:24:42 GMT content-length: 5695 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	d.dropbox.com/crashdash/proxy/sessions	162.125.7.20	200 OK	0 B
URL HTTP/2 d.dropbox.com/crashdash/proxy/sessions IP 162.125.7.20:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /crashdash/proxy/sessions HTTP/1.1 Host: d.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Referer: https://docsend.com/ Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods: POST access-control-allow-origin: * content-length: 0 date: Wed, 18 Jan 2023 05:24:42 GMT server: envoy x-dropbox-response-origin: far_remote x-dropbox-request-id: 1c9343098430435ea9f6804f7952d201 X-Firefox-Spdy: h2`

	www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service	162.125.71.18	200 OK	3.7 kB
URL HTTP/2 www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service IP 162.125.71.18:0 ASN #19679 DROPBOX File type ASCII text, with very long lines (4100) Size 3.7 kB (3713 bytes) Hash a27023d7216f2ed87993c210f3e28bc3 d69dabfd6f316d07bf0fe7e091680e0690221676 17d0c6df5ab32579d163a0ed91e7ea456d3ad55e536ff1c3fbb52b600e27cae9 HTTP Headers GET /pithos/host%3Aconsent.dropbox.com/privacy_consent_service HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Cookie: gvc=MzYxNzQ0OTYyNjY5MDA1MzU4ODEzODE3OTI0MDU2MDM0OTI1MjQ%3D; t=n2Pmd5AsHU0_fp4J0EgbUwJE; __Host-js_csrf=n2Pmd5AsHU0_fp4J0EgbUwJE; locale=en; __Host-logged-out-session=ChA6d13eD+ef%2Fl9EJ4+EGVLOEJiFnp4GGi5BRmoxb2R2cnRNZ0NzVFJYeDV0Z3UzZ0tQNEpjN1hDeU54ZjI5N01JZ1NqbFpn Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK cache-control: no-cache,no-cache, no-store content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-uVmXQoJzAm9F/fCcNLcN' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-uVmXQoJzAm9F/fCcNLcN' 'nonce-A0bXDciWzErXUESV0vKj' referrer-policy: strict-origin-when-cross-origin set-cookie: t=n2Pmd5AsHU0_fp4J0EgbUwJE; Domain=dropbox.com; expires=Sat, 17 Jan 2026 05:24:42 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=n2Pmd5AsHU0_fp4J0EgbUwJE; expires=Sat, 17 Jan 2026 05:24:42 GMT; Path=/; SameSite=None; Secure __Host-ss=Shz9r-bdTQ; expires=Sat, 17 Jan 2026 05:24:42 GMT; HttpOnly; Path=/; SameSite=Strict; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-server-response-time: 28 x-xss-protection: 1; mode=block content-type: text/javascript; charset=UTF-8 date: Wed, 18 Jan 2023 05:24:41 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 5b1f3511261e43fd82dfc4e52ee56837 X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/3401/dropbox/settingsV2.js	104.88.23.136	200 OK	1.7 kB
URL HTTP/2 c.evidon.com/sitenotice/3401/dropbox/settingsV2.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (5082), with no line terminators Size 1.7 kB (1691 bytes) Hash 181b62cb4ca1877b5952d8864d1ddb04 ebae59485369852733c2648e907227b2a7666bc5 425ce9a30e4efd92bce6af1d1c99a07a276691e091e66dccb9c50746a1830e0f HTTP Headers `GET /sitenotice/3401/dropbox/settingsV2.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "7119db14253f426ac1ed52da3fd5d054:1662485692.434043" last-modified: Tue, 06 Sep 2022 17:34:52 GMT server: AkamaiNetStorage content-encoding: gzip expires: Fri, 20 Jan 2023 05:24:42 GMT date: Wed, 18 Jan 2023 05:24:42 GMT content-length: 1691 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	c.evidon.com/sitenotice/evidon-banner.js	104.88.23.136	200 OK	3.5 kB
URL HTTP/2 c.evidon.com/sitenotice/evidon-banner.js IP 104.88.23.136:0 ASN #16625 AKAMAI-AS File type ASCII text, with very long lines (12607), with no line terminators Size 3.5 kB (3535 bytes) Hash 304674456118422bd448366f7bb05879 c6549199a4fb419c05a3513238a89002307034b9 29f57f0aeee0a530b881df6908e653f58c6d570b05174b2e1a6bba2a75c4e068 HTTP Headers `GET /sitenotice/evidon-banner.js HTTP/1.1 Host: c.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "953f08dcce4b8af3f743056f673c8514:1671558610.744236" last-modified: Tue, 20 Dec 2022 17:50:10 GMT server: AkamaiNetStorage content-encoding: gzip expires: Fri, 20 Jan 2023 05:24:42 GMT date: Wed, 18 Jan 2023 05:24:42 GMT content-length: 3535 vary: Accept-Encoding, Origin cache-control: max-age=172800, private;max-age=86400 access-control-max-age: 108000 access-control-allow-origin: access-control-allow-headers: * access-control-allow-methods: GET,OPTIONS,POST X-Firefox-Spdy: h2

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4057 Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-3MLUSeciYE8LthzIeDbB' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-3MLUSeciYE8LthzIeDbB' 'nonce-K5he+di+X/9Ib0Y+znwe' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=ODYwNDMxNTQ3NDk5Nzc2OTE3NDMyMDczNjgxNzM5NzA5MDYwNzE%3D; expires=Mon, 17 Jan 2028 05:24:42 GMT; HttpOnly; Path=/; SameSite=None; Secure t=lCc1y24axK5MF7N3o-7etwZ8; Domain=dropbox.com; expires=Sat, 17 Jan 2026 05:24:42 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=lCc1y24axK5MF7N3o-7etwZ8; expires=Sat, 17 Jan 2026 05:24:42 GMT; Path=/; SameSite=None; Secure __Host-ss=l-WnZisZzI; expires=Sat, 17 Jan 2026 05:24:42 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Mon, 17 Jan 2028 05:24:42 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Wed, 18 Jan 2023 05:24:42 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 12434176f90648019414383e467a687c X-Firefox-Spdy: h2

	d.dropbox.com/crashdash/proxy/sessions	162.125.7.20	202 Accepted	21 B
URL HTTP/2 d.dropbox.com/crashdash/proxy/sessions IP 162.125.7.20:0 ASN #19679 DROPBOX File type JSON data\012- , ASCII text, with no line terminators Size 21 B (21 bytes) Hash 1807ffa1d44e667592a0f91c668ba65b 4d48849fa0f6917c9c57ed958680e9a1e722382b 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a HTTP Headers POST /crashdash/proxy/sessions HTTP/1.1 Host: d.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Bugsnag-Api-Key: 0bca6a0a-c303-4b27-84cb-60ebe421858a Bugsnag-Payload-Version: 1 Bugsnag-Sent-At: 2023-01-18T05:24:40.621Z Content-Length: 465 Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 202 Accepted access-control-allow-origin: * alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 bugsnag-session-uuid: 7ba88067-21ae-420a-a817-7e3a844e4ca5 content-security-policy: sandbox; default-src 'none'; frame-ancestors 'none' content-type: application/json date: Wed, 18 Jan 2023 05:24:42 GMT referrer-policy: strict-origin-when-cross-origin via: 1.1 google x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 21 server: envoy x-dropbox-response-origin: far_remote x-dropbox-request-id: 383b6bc6f0764473ae4033df7430d140 X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.100	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.100:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 48d02ac5cccbaece8636b20ac03136aa dac54ca36f2ae43dd4770dfa2f37dbe94b2f26f4 f827633149251fa94f54653100a41f50499916ffd3b431d6fc3b6e8476a6c5c8 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=127131 Date: Wed, 18 Jan 2023 05:24:42 GMT Etag: "63c6b6ca-1d7" Expires: Thu, 19 Jan 2023 16:43:33 GMT Last-Modified: Tue, 17 Jan 2023 14:55:06 GMT Server: ECS (bsa/EB13) X-Cache: Miss from cloudfront Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: bL8IJPhod-OenUqWT_RnXbqSObaSdq0zBGQYDs1Z_U4NmuzaB7gv5g== Age: 6507

	ocsp.sca1b.amazontrust.com/	54.230.245.100	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.100:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 48d02ac5cccbaece8636b20ac03136aa dac54ca36f2ae43dd4770dfa2f37dbe94b2f26f4 f827633149251fa94f54653100a41f50499916ffd3b431d6fc3b6e8476a6c5c8 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=127131 Date: Wed, 18 Jan 2023 05:24:42 GMT Etag: "63c6b6ca-1d7" Expires: Thu, 19 Jan 2023 16:43:33 GMT Last-Modified: Tue, 17 Jan 2023 14:55:06 GMT Server: ECS (bsa/EB1B) X-Cache: Miss from cloudfront Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 2JN1tqYmfyh04DdveqR4NFAEn5CSr5OTbYutLrT_qLV83eqvej5Kxg== Age: 6507

	l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F	54.236.105.201	204 No Content	0 B
URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F IP 54.236.105.201:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F HTTP/1.1 Host: l.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Wed, 18 Jan 2023 05:24:42 GMT x-powered-by: Express etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2`

	l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F	54.236.105.201	204 No Content	0 B
URL HTTP/2 l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F IP 54.236.105.201:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https%3A%2F%2Fdocsend.com%2F HTTP/1.1 Host: l.evidon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://consent.dropbox.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Wed, 18 Jan 2023 05:24:42 GMT x-powered-by: Express etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2`

	nexus-websocket-a.intercom.io/pubsub/5-5t1t3_fMJXVsLdmy0HzNHrEoH76sEu4QHk7jopBlhLVe5PgplYslADFf0tjdKb7IplvGVxTnRIU8Acb6uz6F94-UA3QMSxd8uepN?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined	35.174.127.31	101 Switching Protocols	0 B
URL HTTP/1.1 nexus-websocket-a.intercom.io/pubsub/5-5t1t3_fMJXVsLdmy0HzNHrEoH76sEu4QHk7jopBlhLVe5PgplYslADFf0tjdKb7IplvGVxTnRIU8Acb6uz6F94-UA3QMSxd8uepN?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined IP 35.174.127.31:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /pubsub/5-5t1t3_fMJXVsLdmy0HzNHrEoH76sEu4QHk7jopBlhLVe5PgplYslADFf0tjdKb7IplvGVxTnRIU8Acb6uz6F94-UA3QMSxd8uepN?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1 Host: nexus-websocket-a.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://docsend.com Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 4iHmKUkQXT1M8S9+gPLvtg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Server: nginx Date: Wed, 18 Jan 2023 05:24:43 GMT Connection: upgrade Upgrade: websocket Sec-WebSocket-Accept: AGbKzEqfZzZLUrwESMsBp5kmzOE= Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover`

	www.dropbox.com/csp_log?policy_name=docsend	162.125.71.18	204 No Content	0 B
URL HTTP/2 www.dropbox.com/csp_log?policy_name=docsend IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /csp_log?policy_name=docsend HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/csp-report Content-Length: 4057 Origin: https://docsend.com Connection: keep-alive Sec-Fetch-Dest: report Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content cache-control: no-cache,no-cache, no-store content-disposition: attachment content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-Ux2K51sJGCT8PD3+y2Qg' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-Ux2K51sJGCT8PD3+y2Qg' 'nonce-p77aDs3f7CuMRA6cp2tV' referrer-policy: strict-origin-when-cross-origin set-cookie: gvc=MTQ0MjQ1MDU5NzcwMjYxODE2NTM1NTgzNDM3NDY4NTEzNTk5NjU2; expires=Mon, 17 Jan 2028 05:24:44 GMT; HttpOnly; Path=/; SameSite=None; Secure t=IN-kEBqE7g8N3vL7sccrqOvk; Domain=dropbox.com; expires=Sat, 17 Jan 2026 05:24:44 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=IN-kEBqE7g8N3vL7sccrqOvk; expires=Sat, 17 Jan 2026 05:24:44 GMT; Path=/; SameSite=None; Secure __Host-ss=c-wSNB-8Pg; expires=Sat, 17 Jan 2026 05:24:44 GMT; HttpOnly; Path=/; SameSite=Strict; Secure locale=en; Domain=dropbox.com; expires=Mon, 17 Jan 2028 05:24:44 GMT; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/plain; charset=utf-8 date: Wed, 18 Jan 2023 05:24:44 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 21491f62f12e41be9d94072eee08fad7 X-Firefox-Spdy: h2

	api-iam.intercom.io/messenger/web/ping	3.93.95.179	200 OK	0 B
URL HTTP/2 api-iam.intercom.io/messenger/web/ping IP 3.93.95.179:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers `POST /messenger/web/ping HTTP/1.1 Host: api-iam.intercom.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 391 Origin: https://docsend.com Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Wed, 18 Jan 2023 05:24:43 GMT content-type: application/json; charset=utf-8 status: 200 OK cache-control: max-age=0, private, must-revalidate x-ratelimit-limit: 13333 x-ratelimit-reset: 1674019490 strict-transport-security: max-age=31556952; includeSubDomains; preload x-ratelimit-remaining: 13316 access-control-allow-origin: https://docsend.com vary: Accept,Accept-Encoding x-intercom-version: 67c61f1008408fd5c55324ccba9cd151d4da6fea x-xss-protection: 1; mode=block content-encoding: gzip x-request-id: 00365kdtjojed9u80ib0 access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA access-control-allow-credentials: true access-control-allow-methods: POST, GET, OPTIONS etag: W/"812a05f4d4ff237e46cb0218e0d4da00" x-runtime: 0.298446 x-frame-options: SAMEORIGIN x-content-type-options: nosniff server: nginx x-ami-version: ami-0705273452fc644ba X-Firefox-Spdy: h2

	urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n	194.39.109.114	302 Found	0 B
URL HTTP/2 urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type Size 0 B (0 bytes) Hash HTTP Headers GET /?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx content-type: text/html; charset=UTF-8 cache-control: no-cache, private date: Wed, 18 Jan 2023 05:24:37 GMT location: //urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=1 strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' X-Firefox-Spdy: h2

	urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=2	194.39.109.114	200 OK	0 B
URL HTTP/2 urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=2 IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type Size 0 B (0 bytes) Hash HTTP Headers `GET /?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=2 HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx content-type: application/json cache-control: no-cache, private date: Wed, 18 Jan 2023 05:24:39 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' X-Firefox-Spdy: h2`

	www.dropbox.com/pithos/host%3Adocsend.com/privacy_consent	162.125.71.18	200 OK	0 B
URL HTTP/2 www.dropbox.com/pithos/host%3Adocsend.com/privacy_consent IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash HTTP Headers GET /pithos/host%3Adocsend.com/privacy_consent HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://docsend.com/ Connection: keep-alive Cookie: gvc=MzYxNzQ0OTYyNjY5MDA1MzU4ODEzODE3OTI0MDU2MDM0OTI1MjQ%3D; t=n2Pmd5AsHU0_fp4J0EgbUwJE; __Host-js_csrf=n2Pmd5AsHU0_fp4J0EgbUwJE; locale=en Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK cache-control: no-cache,no-cache, no-store content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-uVmXQoJzAm9F/fCcNLcN' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-uVmXQoJzAm9F/fCcNLcN' 'nonce-A0bXDciWzErXUESV0vKj' referrer-policy: strict-origin-when-cross-origin set-cookie: t=n2Pmd5AsHU0_fp4J0EgbUwJE; Domain=dropbox.com; expires=Sat, 17 Jan 2026 05:24:40 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=n2Pmd5AsHU0_fp4J0EgbUwJE; expires=Sat, 17 Jan 2026 05:24:40 GMT; Path=/; SameSite=None; Secure __Host-ss=Shz9r-bdTQ; expires=Sat, 17 Jan 2026 05:24:40 GMT; HttpOnly; Path=/; SameSite=Strict; Secure __Host-logged-out-session=ChA6d13eD+ef%2Fl9EJ4+EGVLOEJiFnp4GGi5BRmoxb2R2cnRNZ0NzVFJYeDV0Z3UzZ0tQNEpjN1hDeU54ZjI5N01JZ1NqbFpn; HttpOnly; Path=/; SameSite=None; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-server-response-time: 17 x-xss-protection: 1; mode=block content-type: text/javascript; charset=UTF-8 date: Wed, 18 Jan 2023 05:24:40 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: 6d6fc4d08780497e94a95718c0c7da35 X-Firefox-Spdy: h2

	www.dropbox.com/pithos/privacy_consent_service	162.125.71.18	307 Temporary Redirect	0 B
URL HTTP/2 www.dropbox.com/pithos/privacy_consent_service IP 162.125.71.18:0 ASN #19679 DROPBOX File type Size 0 B (0 bytes) Hash HTTP Headers GET /pithos/privacy_consent_service HTTP/1.1 Host: www.dropbox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consent.dropbox.com/ Connection: keep-alive Cookie: gvc=MzYxNzQ0OTYyNjY5MDA1MzU4ODEzODE3OTI0MDU2MDM0OTI1MjQ%3D; t=n2Pmd5AsHU0_fp4J0EgbUwJE; __Host-js_csrf=n2Pmd5AsHU0_fp4J0EgbUwJE; locale=en; __Host-logged-out-session=ChA6d13eD+ef%2Fl9EJ4+EGVLOEJiFnp4GGi5BRmoxb2R2cnRNZ0NzVFJYeDV0Z3UzZ0tQNEpjN1hDeU54ZjI5N01JZ1NqbFpn Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 307 Temporary Redirect cache-control: no-cache,no-cache, no-store content-security-policy: sandbox location: https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service referrer-policy: strict-origin-when-cross-origin set-cookie: t=n2Pmd5AsHU0_fp4J0EgbUwJE; Domain=dropbox.com; expires=Sat, 17 Jan 2026 05:24:41 GMT; HttpOnly; Path=/; SameSite=None; Secure __Host-js_csrf=n2Pmd5AsHU0_fp4J0EgbUwJE; expires=Sat, 17 Jan 2026 05:24:41 GMT; Path=/; SameSite=None; Secure __Host-ss=Shz9r-bdTQ; expires=Sat, 17 Jan 2026 05:24:41 GMT; HttpOnly; Path=/; SameSite=Strict; Secure x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block content-type: text/html; charset=utf-8 date: Wed, 18 Jan 2023 05:24:41 GMT server: envoy strict-transport-security: max-age=31536000; includeSubDomains content-encoding: gzip vary: Accept-Encoding x-dropbox-response-origin: far_remote x-dropbox-request-id: afaac15712f041fa9cf9855ba4e0df13 X-Firefox-Spdy: h2

	js.intercomcdn.com/vendor.1e18dfa4.js	54.230.111.118	200 OK	0 B
URL HTTP/2 js.intercomcdn.com/vendor.1e18dfa4.js IP 54.230.111.118:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /vendor.1e18dfa4.js HTTP/1.1 Host: js.intercomcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 content-length: 108267 last-modified: Tue, 17 Jan 2023 16:18:07 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: QczBrcXcTl7MhGG7iblh5Uwoli9s8sQn accept-ranges: bytes server: AmazonS3 date: Wed, 18 Jan 2023 03:25:52 GMT cache-control: max-age=31536000, s-maxage=7200, public etag: "0150ec6d79e062df337a1b4861633e7a" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: oFXz1UWSwj5uzlnIT2QRcKZyOii6eu_iVoo-V8fpumDcteoxoZPjjg== age: 7130 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=1	194.39.109.114	200 OK	0 B
URL HTTP/2 urlsand.esvalabs.com/?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=1 IP 194.39.109.114:0 ASN #202053 UpCloud Ltd File type Size 0 B (0 bytes) Hash HTTP Headers GET /?u=https://docsend.com/view/qg82qfqti6sj7mwc&e=fe314e73&h=12339cdf&f=y&p=n&l=1 HTTP/1.1 Host: urlsand.esvalabs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 200 OK server: nginx content-type: text/html; charset=UTF-8 cache-control: no-cache, private date: Wed, 18 Jan 2023 05:24:37 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload; x-frame-options: SAMEORIGIN content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline'; x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin feature-policy: fullscreen 'self' X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700 IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Open+Sans:400italic,700italic,400,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://urlsand.esvalabs.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 18 Jan 2023 05:24:38 GMT date: Wed, 18 Jan 2023 05:24:38 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Open+Sans:700,600,400,400italic,300,300italic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://docsend.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 18 Jan 2023 05:24:40 GMT date: Wed, 18 Jan 2023 05:24:40 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL