urlscan.io logo urlscan.io
SecurityTrails logo

app.hellofax.com Open in urlscan Pro
52.3.22.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.hellofax.com/editor/view/super_group_guid/373192e242b71f1330578d0f822a5f5e9deadf93?utm_campaign=received_fax&...
Effective URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group...
Submission: On December 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 64 HTTP transactions. The main IP is 52.3.22.111, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.hellofax.com. The Cisco Umbrella rank of the primary domain is 469370.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 18th 2023. Valid for: a year.
This is the only time app.hellofax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 52.3.22.111 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
12 2600:9000:223... 16509 (AMAZON-02)
2 4 2620:100:6022... 19679 (DROPBOX)
5 2a00:1450:400... 15169 (GOOGLE)
1 35.186.247.156 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
1 13.32.27.23 16509 (AMAZON-02)
9 2600:9000:223... 16509 (AMAZON-02)
3 108.128.70.10 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 18.66.112.65 16509 (AMAZON-02)
3 104.18.37.212 13335 (CLOUDFLAR...)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 63.140.62.108 15224 (OMNITURE)
1 1 34.255.242.39 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
64 22
7    52.3.22.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-22-111.compute-1.amazonaws.com
app.hellofax.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2600:9000:223c:9e00:f:df32:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.hellosign.com
4    2620:100:6022:18::a27d:4212 (United States)

ASN19679 (DROPBOX, US)
www.dropbox.com
5    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2606:4700::6810:641d (United States)

ASN13335 (CLOUDFLARENET, US)
cfl.dropboxstatic.com
4    2606:4700:4400::ac40:9a56 (United States)

ASN13335 (CLOUDFLARENET, US)
client-api.arkoselabs.com
1    13.32.27.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-23.fra56.r.cloudfront.net
marketing.hellofax.com
9    2600:9000:223e:7400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
3    108.128.70.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-70-10.eu-west-1.compute.amazonaws.com
dpm.demdex.net
dropbox.demdex.net
1    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    18.66.112.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-65.fra56.r.cloudfront.net
t.contentsquare.net
3    104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)
js.zi-scripts.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    63.140.62.108 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-108.data.adobedc.net
dpiprodesntls.112.2o7.net
1    34.255.242.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-242-39.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
12 hellosign.com
cdn.hellosign.com — Cisco Umbrella Rank: 59801
3 MB
9 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1001
141 KB
8 hellofax.com
app.hellofax.com — Cisco Umbrella Rank: 469370
marketing.hellofax.com — Cisco Umbrella Rank: 801731
17 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
www.linkedin.com — Cisco Umbrella Rank: 629
px4.ads.linkedin.com — Cisco Umbrella Rank: 6419
5 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
386 KB
4 arkoselabs.com
client-api.arkoselabs.com — Cisco Umbrella Rank: 21762
107 KB
4 dropboxstatic.com
cfl.dropboxstatic.com — Cisco Umbrella Rank: 7048
19 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
4 dropbox.com
www.dropbox.com — Cisco Umbrella Rank: 2721
11 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 9404
3 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
dropbox.demdex.net — Cisco Umbrella Rank: 109229
5 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
2 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1110
517 B
1 2o7.net
dpiprodesntls.112.2o7.net — Cisco Umbrella Rank: 139629
272 B
1 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3083
76 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 763
15 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 171
324 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
944 B
64 20
Domain Requested by
12 cdn.hellosign.com app.hellofax.com
cdn.hellosign.com
9 tags.tiqcdn.com cfl.dropboxstatic.com
tags.tiqcdn.com
7 app.hellofax.com 1 redirects app.hellofax.com
cdn.hellosign.com
www.googletagmanager.com
5 www.googletagmanager.com app.hellofax.com
www.google-analytics.com
tags.tiqcdn.com
www.googletagmanager.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 client-api.arkoselabs.com cdn.hellosign.com
client-api.arkoselabs.com
4 cfl.dropboxstatic.com www.dropbox.com
4 www.google-analytics.com www.googletagmanager.com
cdn.hellosign.com
4 www.dropbox.com 2 redirects app.hellofax.com
marketing.hellofax.com
3 js.zi-scripts.com tags.tiqcdn.com
js.zi-scripts.com
2 dpm.demdex.net tags.tiqcdn.com
1 www.google.de
1 www.google.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 cm.everesttech.net 1 redirects
1 dpiprodesntls.112.2o7.net tags.tiqcdn.com
1 dropbox.demdex.net tags.tiqcdn.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 t.contentsquare.net tags.tiqcdn.com
1 snap.licdn.com tags.tiqcdn.com
1 marketing.hellofax.com cfl.dropboxstatic.com
1 sentry.io cdn.hellosign.com
1 fonts.googleapis.com app.hellofax.com
64 24

This site contains links to these domains. Also see Links.

Domain
de.hellosign.com
Subject Issuer Validity Valid
*.hellofax.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-18 -
2024-02-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn.hellosign.com
Amazon RSA 2048 M02		 2023-05-15 -
2024-06-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
cfl.dropboxstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-14 -
2024-02-24		 a year crt.sh
arkoselabs.com
Cloudflare Inc ECC CA-3		 2023-08-23 -
2024-08-22		 a year crt.sh
marketing.hellofax.com
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-25		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
t.contentsquare.net
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
zi-scripts.com
GTS CA 1P5		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.112.2o7.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh

This page contains 5 frames:

Primary Page: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Frame ID: 5695C377DD8DB4D22B29435B321BC429
Requests: 28 HTTP requests in this frame

Frame: https://marketing.hellofax.com/account/logIn
Frame ID: F1962700A293335F2BBAD17AEC6AD7AC
Requests: 30 HTTP requests in this frame

Frame: https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html
Frame ID: EE53E9B761E022DF502128C452AE4FCB
Requests: 1 HTTP requests in this frame

Frame: https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html
Frame ID: 560113D2E31B93474CC9B362F988CE9F
Requests: 3 HTTP requests in this frame

Frame: https://dropbox.demdex.net/dest5.html?d_nsid=0
Frame ID: 5C90178D29871AFA40AA1AB967AD2D0B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden | Dropbox Fax

Page URL History Show full URLs

  1. https://app.hellofax.com/editor/view/super_group_guid/373192e242b71f1330578d0f822a5f5e9deadf93?utm_ca... HTTP 302
    https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

92 %
HTTPS

59 %
IPv6

20
Domains

24
Subdomains

22
IPs

4
Countries

3580 kB
Transfer

16739 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.hellofax.com/editor/view/super_group_guid/373192e242b71f1330578d0f822a5f5e9deadf93?utm_campaign=received_fax&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original HTTP 302
    https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www.dropbox.com/pithos/marketing_tracker_client,ux_analytics,hellosign_marketing_utils,privacy_consent HTTP 307
  • https://www.dropbox.com/pithos/host%3Aapp.hellofax.com/marketing_tracker_client%2Cux_analytics%2Chellosign_marketing_utils%2Cprivacy_consent
Request Chain 32
  • https://www.dropbox.com/pithos/marketing_tracker_service HTTP 307
  • https://www.dropbox.com/pithos/host%3Amarketing.hellofax.com/marketing_tracker_service
Request Chain 52
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4551770%26time%3D1702651618842%26url%3Dhttps%253A%252F%252Fmarketing.hellofax.com%252Faccount%252FlogIn%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&cookiesTest=true&liSync=true&e_ipv6=AQKY0Wna-VrJ0QAAAYxt8eiGgru6PBAaxCJlcb0nXxZwmZwRhTX8Bl1Wdwzp7JRwAVCi30t0dfHv
Request Chain 55
  • https://cm.everesttech.net/cm/dd?d_uuid=09757420249134724183264986195042213497 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXxm4wAAALQ98gO-

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request logIn
app.hellofax.com/account/
Redirect Chain
  • https://app.hellofax.com/editor/view/super_group_guid/373192e242b71f1330578d0f822a5f5e9deadf93?utm_campaign=received_fax&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=or...
  • https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_f...
7 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.22.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-22-111.compute-1.amazonaws.com
Software
Apache /
Resource Hash
34e18b2cfba137b9d72544cdcb79f4e17368ad22ba011534e5f49a4b275a73c3
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-6luTMW5i5l+FkmWUka6LEJMF' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://cdn.arkoselabs.com https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellofax.com/csp_report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy base-uri 'none'; connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-6luTMW5i5l+FkmWUka6LEJMF' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://cdn.arkoselabs.com https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellofax.com/csp_report; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2787
Content-Security-Policy
base-uri 'none'; connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-6luTMW5i5l+FkmWUka6LEJMF' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://cdn.arkoselabs.com https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellofax.com/csp_report; upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Dec 2023 14:46:56 GMT
P3P
CP="NOP3PPOLICY"
Referrer-Policy
origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Security-Policy
base-uri 'none'; connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-6luTMW5i5l+FkmWUka6LEJMF' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://cdn.arkoselabs.com https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellofax.com/csp_report; upgrade-insecure-requests
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Ua-Compatible
IE=Edge
X-Webkit-Csp
base-uri 'none'; connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-6luTMW5i5l+FkmWUka6LEJMF' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://cdn.arkoselabs.com https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellofax.com/csp_report; upgrade-insecure-requests

Redirect headers

Connection
keep-alive
Content-Length
369
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Dec 2023 14:46:56 GMT
Location
https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
P3P
CP="NOP3PPOLICY"
Server
Apache
Strict-Transport-Security
max-age=31536000
css
fonts.googleapis.com/ 		3 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Taviraj:regular,500&subset=latin,latin-ext
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b890a5515826939e15c9e7fe54394236b2949ec05ffc5c6a1b948725e3282507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 14:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 14:46:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 14:46:56 GMT
hellospa.css
cdn.hellosign.com/1.170.0/build/ 		755 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/hellospa.css
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d2d582253a9612e4b73123fc1c9d331d4096d680c4f4d6bef9b87553d3b638b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 21:12:31 GMT
x-amz-version-id
hPoox0QoyU83Bubru7BwR338UBf4SrUi
content-encoding
br
last-modified
Wed, 06 Dec 2023 17:36:22 GMT
server
AmazonS3
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/"4f4ca7e2be20f55365dfc757d2775cef"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
63265
x-amz-cf-id
OpZ1tdYz11lSdESPHlI3OjIxznxRRub4GEH5ppn3QKi52N6WnU5Y2Q==
marketing_tracker_client%2Cux_analytics%2Chellosign_marketing_utils%2Cprivacy_consent
www.dropbox.com/pithos/host%3Aapp.hellofax.com/
Redirect Chain
  • https://www.dropbox.com/pithos/marketing_tracker_client,ux_analytics,hellosign_marketing_utils,privacy_consent
  • https://www.dropbox.com/pithos/host%3Aapp.hellofax.com/marketing_tracker_client%2Cux_analytics%2Chellosign_marketing_utils%2Cprivacy_consent
13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dropbox.com/pithos/host%3Aapp.hellofax.com/marketing_tracker_client%2Cux_analytics%2Chellosign_marketing_utils%2Cprivacy_consent
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
H2
Server
2620:100:6022:18::a27d:4212 , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
ab8bc1a5f98f2bd1443236f850dd106fd22a4baaea73c8ccf195e40d9095b3f4
Security Headers
Name Value
Content-Security-Policy base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-0lvY242vfP5scLdMzWde' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-0lvY242vfP5scLdMzWde' 'nonce-NCGVW+iGemR55XI5BwzL'
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-0lvY242vfP5scLdMzWde' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-0lvY242vfP5scLdMzWde' 'nonce-NCGVW+iGemR55XI5BwzL'
date
Fri, 15 Dec 2023 14:46:57 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id
15776d47f53c4ed0b335d5c6f06fbefc
x-dropbox-response-origin
far_remote
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
envoy
x-server-response-time
26
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, no-store

Redirect headers

content-security-policy
sandbox
date
Fri, 15 Dec 2023 14:46:56 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id
d0e5b9999b2b4eeca2f361aa9ed471fc
x-dropbox-response-origin
far_remote
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
envoy
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://www.dropbox.com/pithos/host%3Aapp.hellofax.com/marketing_tracker_client%2Cux_analytics%2Chellosign_marketing_utils%2Cprivacy_consent
cache-control
no-cache, no-store
de-DE.js
cdn.hellosign.com/1.170.0/build/translations/ 		602 KB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/translations/de-DE.js
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e652d172a3f800eacf884c6feb172f7b11865fbf023ff7e55488039f3aa31c85

Request headers

Referer
https://app.hellofax.com/
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
JGb.YqHv08A7NDZGEPQUd86p6Am9Q5ND
content-encoding
br
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 10:44:09 GMT
x-amz-cf-pop
FRA56-P2
age
14568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 17:36:22 GMT
server
AmazonS3
etag
W/"38156b475f759da83d1beb8b0ab7cfef"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hellofax.com
vary
Accept-Encoding,Origin,Access-Control-Request-Method
access-control-allow-credentials
true
x-amz-cf-id
SVAWxHZg5iwlgwRGnvT3_O16LklBWpSA4UuGuNAeEOLb3lq_bRjRAw==
jquery3.js
cdn.hellosign.com/1.170.0/build/ 		3 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/jquery3.js
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
898013fecc16a8b97144874415bd404e2bce5331aea8dfdf69737a464befb256

Request headers

Referer
https://app.hellofax.com/
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:44:27 GMT
x-amz-version-id
nyL6BwFzGGI4vv0bF_Jj3bCOYcl29FUm
content-encoding
br
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
28950
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 17:36:22 GMT
server
AmazonS3
etag
W/"d0e50fc475d83451fbe390c12dd15b56"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hellofax.com
vary
Accept-Encoding,Origin,Access-Control-Request-Method
access-control-allow-credentials
true
x-amz-cf-id
q6vDKB_9TUlWh-MI3Y-ygDSdRzmiAN98fhS9o9WDheCIP2sddtdt-Q==
common.js
cdn.hellosign.com/1.170.0/build/ 		5 MB
921 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/common.js
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f30976d3fd94b82d08550368ad72dc3df0de52b1588b125d395edafda0850c6b

Request headers

Referer
https://app.hellofax.com/
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 17:25:43 GMT
x-amz-version-id
3YfAaZudI2DEcypbKejgpW67DMJ89vaa
content-encoding
gzip
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
76873
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 17:36:20 GMT
server
AmazonS3
etag
W/"3c2959066c3c74b68bdb7b22d4154bd7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hellofax.com
vary
Accept-Encoding,Origin,Access-Control-Request-Method
access-control-allow-credentials
true
x-amz-cf-id
60R74CyPb-o6oJdAMcwOYcwfsILxrvsK9zBmRkUvs-dyvXTWTxIBbA==
hellospa.js
cdn.hellosign.com/1.170.0/build/ 		3 MB
525 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/hellospa.js
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5095b438c5c3406dffd886ce0302fad1dd27a574b9f6af78cbe6c61262be13bf

Request headers

Referer
https://app.hellofax.com/
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:44:27 GMT
x-amz-version-id
CNKy63NZLjmTAxXdQ3DoBpgK5VXpBfiL
content-encoding
br
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
28950
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 17:36:22 GMT
server
AmazonS3
etag
W/"9917c16f0ce4ea5faad380d0c5369bf4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hellofax.com
vary
Accept-Encoding,Origin,Access-Control-Request-Method
access-control-allow-credentials
true
x-amz-cf-id
-f4Cd01Uih_4BTMUaRQiEjapU-ixuGMa0KiUBZTD1KPoW0cUgVwnJQ==
csp_report
app.hellofax.com/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.hellofax.com/csp_report
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.22.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-22-111.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 15 Dec 2023 14:46:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
P3P
CP="NOP3PPOLICY"
Cache-Control
private
Connection
keep-alive
gtm.js
www.googletagmanager.com/ 		209 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVPHMZ
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1d3b08c54cf2ba7e7da99aa494a11b0d3b32e6bfb244e06d86874277207e44f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75625
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Dec 2023 14:46:57 GMT
/
sentry.io/api/5173472/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/5173472/envelope/?sentry_key=6e9fe57ccbc44ee289523c7c1a3272d4&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hellofax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
3.90ba33314669a0b8259a.js
cdn.hellosign.com/1.170.0/build/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/3.90ba33314669a0b8259a.js
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/hellospa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31743d9a50ef3ac4bbfebac59adce67f9154333e000fcd195d752270b80cf1f6

Request headers

Referer
https://app.hellofax.com/
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
XXm6eWQ58Ohd2_mXcbVbIJDlNyAozW.S
content-encoding
br
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 03:22:30 GMT
x-amz-cf-pop
FRA56-P2
age
41068
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 17:36:18 GMT
server
AmazonS3
etag
W/"27570c061526925133ff3fa79b3675ea"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hellofax.com
vary
Accept-Encoding,Origin,Access-Control-Request-Method
access-control-allow-credentials
true
x-amz-cf-id
KDawkVCJ6pRRLZrPnWrMcWqrUSRP00r3VYvcqjw1TtftDirvVnnKCQ==
vendors~hellospa-IntegrationEditTemplate~hellospa-integrationstatus~hellospa-signinpage.abf2e0d06d600f94d0ac.js
cdn.hellosign.com/1.170.0/build/ 		47 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/vendors~hellospa-IntegrationEditTemplate~hellospa-integrationstatus~hellospa-signinpage.abf2e0d06d600f94d0ac.js
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/hellospa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
399e14eebd377396e2f588fff370a6d79f5e1383fc3d18764ec02b985ca80995

Request headers

Referer
https://app.hellofax.com/
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Ix7dqGlBwYjKDqkDrHDfMUGz9O734xsu
content-encoding
br
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 05:04:50 GMT
x-amz-cf-pop
FRA56-P2
age
34927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 17:36:23 GMT
server
AmazonS3
etag
W/"886417ab2e59c3a81511024f5b2905fb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hellofax.com
vary
Accept-Encoding,Origin,Access-Control-Request-Method
access-control-allow-credentials
true
x-amz-cf-id
MKOyp1pXCFG9rDS4o05O96P6ElnmX5aYq7dcJSdv1qxwZ8ubCGn8_g==
eccf2ef4db7a0ee425fa.style.css
cdn.hellosign.com/1.170.0/build/chunks/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/chunks/eccf2ef4db7a0ee425fa.style.css
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/hellospa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f0d139b1c99109845472b43ff0feeb268efa27244d769a199cb3cae8720ad72

Request headers

Referer
https://app.hellofax.com/
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
CZzQ63d2agqhWxvl24uY1E0p3xha2tY_
content-encoding
gzip
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 08:18:23 GMT
x-amz-cf-pop
FRA56-P2
age
23315
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 17:36:20 GMT
server
AmazonS3
etag
W/"431da5e3e4459e9f3b0c452d2041b72c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
https://app.hellofax.com
vary
Accept-Encoding,Origin,Access-Control-Request-Method
access-control-allow-credentials
true
x-amz-cf-id
MTdD9CGW1vntdJQLKuRLzmf_4kvOvdLvZtdwUB37EJICNQcELA49nA==
hellospa-signinpage.dfb9188b4aff98ebd625.js
cdn.hellosign.com/1.170.0/build/ 		1 MB
289 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/hellospa-signinpage.dfb9188b4aff98ebd625.js
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/hellospa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e086c43486d9f8fb031cb0ac8f2f3e9585c16aa254001bed8f884e9d629eb0f

Request headers

Referer
https://app.hellofax.com/
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:37:09 GMT
x-amz-version-id
LFcDXe77QpnLOxCU5sl3H8H.65sEBB38
content-encoding
br
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
50989
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 17:36:21 GMT
server
AmazonS3
etag
W/"257cdac648e20b6b5f2b3b3010d21b63"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hellofax.com
vary
Accept-Encoding,Origin,Access-Control-Request-Method
access-control-allow-credentials
true
x-amz-cf-id
Uahh2H8KK1OTAOAeshCfaNT2shE2h4ELUSufdx-fX-gjkJFIPzKSvQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVPHMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 13:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5072
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Dec 2023 15:22:25 GMT
93b6f18ec99bcb7c3fa7ea570a75e240.woff2
cdn.hellosign.com/1.170.0/build/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/93b6f18ec99bcb7c3fa7ea570a75e240.woff2
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/hellospa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db

Request headers

Referer
https://cdn.hellosign.com/1.170.0/build/hellospa.css
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:26:03 GMT
x-amz-version-id
NL9tpDdXBros3ZICR3Qy4apHkgzy3r7b
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
19254
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
43308
last-modified
Wed, 06 Dec 2023 17:36:19 GMT
server
AmazonS3
etag
"93b6f18ec99bcb7c3fa7ea570a75e240"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://app.hellofax.com
vary
Origin,Access-Control-Request-Method
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
31wF1cMzB5PM7hVhpzvN1gLEzmhDV60NomybddS_riQsIba1rybiQw==
sign-up-data
app.hellofax.com/api/ 		972 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.hellofax.com/api/sign-up-data?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.22.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-22-111.compute-1.amazonaws.com
Software
Apache /
Resource Hash
84e825d9f29da3e7c0cedb32cf652562c6ae5cb7ec8ff8a3bbe55483914cd85b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
X-CSRF-Token
09041e6f868d634c4862457f72735f5e3f1661c63465b7e0f971812c5334b5bf
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=production,sentry-release=hellosign%401.170.0,sentry-public_key=6e9fe57ccbc44ee289523c7c1a3272d4,sentry-trace_id=5f9e25dd7a894656bd331a84dadad085,sentry-sample_rate=0.015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
sentry-trace
5f9e25dd7a894656bd331a84dadad085-bc5c1a04128c2df6-0

Response headers

Date
Fri, 15 Dec 2023 14:46:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Content-Encoding
gzip
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
P3P
CP="NOP3PPOLICY"
Cache-Control
private
Connection
keep-alive
Content-Length
690
hellosign_marketing_utils.bundle-vflf5vldD.js
cfl.dropboxstatic.com/static/metaserver/static/pithos/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfl.dropboxstatic.com/static/metaserver/static/pithos/hellosign_marketing_utils.bundle-vflf5vldD.js
Requested by
Host: www.dropbox.com
URL: https://www.dropbox.com/pithos/marketing_tracker_client,ux_analytics,hellosign_marketing_utils,privacy_consent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:641d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3d5b5a3675b5cd6c89898d88860079ccbb26a56e9a91eb699c114ab3a7dbaf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
966223
x-dropbox-request-id
1aaa16e82a7c5385805d7c5559a22c6f
alt-svc
h3=":443"; ma=86400
x-cached
MISS
last-modified
Fri, 01 Dec 2023 21:22:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public, immutable
timing-allow-origin
https://www.dropbox.com
cf-ray
835f7aa15e6f6945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
marketing_tracker_client.bundle-vflqz_v1A.js
cfl.dropboxstatic.com/static/metaserver/static/pithos/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfl.dropboxstatic.com/static/metaserver/static/pithos/marketing_tracker_client.bundle-vflqz_v1A.js
Requested by
Host: www.dropbox.com
URL: https://www.dropbox.com/pithos/marketing_tracker_client,ux_analytics,hellosign_marketing_utils,privacy_consent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:641d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f5a331a1a6514cce7f29a30c3191ee8e1820db3e9201134346037cf0077944
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
966224
x-dropbox-request-id
3ff60d33f8ab3a7d154b4d8747d4e810
alt-svc
h3=":443"; ma=86400
x-cached
HIT
last-modified
Fri, 01 Dec 2023 21:22:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public, immutable
timing-allow-origin
https://www.dropbox.com
cf-ray
835f7aa15e696945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ux_analytics.bundle-vflH4tjYr.js
cfl.dropboxstatic.com/static/metaserver/static/pithos/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfl.dropboxstatic.com/static/metaserver/static/pithos/ux_analytics.bundle-vflH4tjYr.js
Requested by
Host: www.dropbox.com
URL: https://www.dropbox.com/pithos/marketing_tracker_client,ux_analytics,hellosign_marketing_utils,privacy_consent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:641d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8244771a0c26d715992d14f3939431c983b59e1f41b1f29656f176f4451d85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
617728
x-dropbox-request-id
e20331564ac8540de4fdf1dea4dd1e7d
alt-svc
h3=":443"; ma=86400
x-cached
HIT
last-modified
Fri, 08 Dec 2023 08:29:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public, immutable
timing-allow-origin
https://www.dropbox.com
cf-ray
835f7aa15e6c6945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
csp_report
app.hellofax.com/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.hellofax.com/csp_report
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.22.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-22-111.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 15 Dec 2023 14:46:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
P3P
CP="NOP3PPOLICY"
Cache-Control
private
Connection
keep-alive
collect
www.google-analytics.com/j/ 		15 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=501164948&t=pageview&_s=1&dl=https%3A%2F%2Fapp.hellofax.com%2Faccount%2FlogIn%3Fon_login_redirect_url%3Dhttps%253A%252F%252Fapp.hellofax.com%252Feditor%252Fview%252Fsuper_group_guid%252F373192e242b71f1330578d0f822a5f5e9deadf93%253Futm_campaign%253Dreceived_fax%2526utm_source%253Ddefault%2526utm_channel%253Dproduct_promo%2526utm_medium%253Demail%2526utm_content%253Doriginal&ul=en-us&de=UTF-8&dt=Anmelden%20%7C%20Dropbox%20Fax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=1285723206&gjid=1636635233&cid=652352641.1702651617&tid=UA-15982871-1&_gid=1925964426.1702651617&_r=1&_slc=1&gtm=45He3bt0n71PVPHMZv71685682&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1388326991
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3d076a24efbb6b49b52c96eb0c52e93d49358ed1ea979624f632f866121b5eb7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.hellofax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 14:46:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.hellofax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-35FKHQ91LL&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e4dca3421380a61f8e0bf307c6e6269e1563911e38b1a8ffa4770bb10a5a493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86649
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 14:46:57 GMT
ebee194a9b773f166dc16096f8614aaa.woff2
cdn.hellosign.com/1.170.0/build/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/ebee194a9b773f166dc16096f8614aaa.woff2
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/hellospa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00f90db31f42975fcdc5fa1f70660568be68792ec11be2aac36362f435a6e555

Request headers

Referer
https://cdn.hellosign.com/1.170.0/build/hellospa.css
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:27:03 GMT
x-amz-version-id
GDnqw19mymzBOxW1gNd8xLOUCykBidJi
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
19195
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
54666
last-modified
Wed, 06 Dec 2023 17:36:20 GMT
server
AmazonS3
etag
"ebee194a9b773f166dc16096f8614aaa"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://app.hellofax.com
vary
Origin,Access-Control-Request-Method
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
X8isW6PI3hLFLD72r7qqgJLfJXPLXXBcR2D0X9nrEPNTN4oN6LNdPA==
dfc5e24cbc1b134e0c00c61e84ec999a.woff2
cdn.hellosign.com/1.170.0/build/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hellosign.com/1.170.0/build/dfc5e24cbc1b134e0c00c61e84ec999a.woff2
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/hellospa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9e00:f:df32:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3

Request headers

Referer
https://cdn.hellosign.com/1.170.0/build/hellospa.css
Origin
https://app.hellofax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:26:03 GMT
x-amz-version-id
45hlKzf7YwwsPPl2ccaRZLcnecCgZevC
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
19254
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46188
last-modified
Wed, 06 Dec 2023 17:36:20 GMT
server
AmazonS3
etag
"dfc5e24cbc1b134e0c00c61e84ec999a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://app.hellofax.com
vary
Origin,Access-Control-Request-Method
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
Y9v0ogmtLZbuuT5x3OYP7I27zmz5rM6TAOo4LfP__yc-IVpyBeezoQ==
api.js
client-api.arkoselabs.com/v2/07071A28-2099-0596-6DA4-8CCD9C580290/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client-api.arkoselabs.com/v2/07071A28-2099-0596-6DA4-8CCD9C580290/api.js
Requested by
Host: cdn.hellosign.com
URL: https://cdn.hellosign.com/1.170.0/build/hellospa-signinpage.dfb9188b4aff98ebd625.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7720e106b0efffdcdfe994e457788e9f96d93d86f4c656fb76c448f05d590c8
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age
808197
x-amz-request-id
E2BS8BCCGKQECE1T
x-amz-server-side-encryption
AES256
cache-tag
07071A28-2099-0596-6DA4-8CCD9C580290,client-api
capi-worker-type
universal
alt-svc
h3=":443"; ma=86400
x-amz-id-2
av6hc4O635Xs3oJjWVarZCJ/fu/vIiHyrIKvXCJuCGWeo8sC4R2ZDjHhW1M6toHyKKYZ4go3jo0=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 04 Dec 2023 03:58:45 GMT
server
cloudflare
etag
W/"5d924a5bf2298e22942325de6b45ba91"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=31536000
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray
835f7aa23c609a2f-FRA
cf-request-time
12
logIn
marketing.hellofax.com/account/ Frame F196 		627 B
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://marketing.hellofax.com/account/logIn
Requested by
Host: cfl.dropboxstatic.com
URL: https://cfl.dropboxstatic.com/static/metaserver/static/pithos/marketing_tracker_client.bundle-vflqz_v1A.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-23.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5df5c5894b67857c31f6007cd4ac6dcb931eff17b791a44929a743a43eefa325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://app.hellofax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
627
content-type
text/html
date
Fri, 15 Dec 2023 14:46:58 GMT
etag
"85c876eb10030058f29245148995cc2d"
last-modified
Wed, 31 May 2023 19:16:09 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-id
XEuyRCiujpXDYNdfPuam5Ks3Ghp8KD3ItBuQxzaF8VaQkt7PG60Gzw==
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
x-content-type-options
nosniff
csp_report
app.hellofax.com/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.hellofax.com/csp_report
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-35FKHQ91LL&cx=c&_slc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.22.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-22-111.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 15 Dec 2023 14:46:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
P3P
CP="NOP3PPOLICY"
Cache-Control
private
Connection
keep-alive
csp_report
app.hellofax.com/ Frame F196 		0
873 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.hellofax.com/csp_report
Requested by
Host: app.hellofax.com
URL: https://app.hellofax.com/account/logIn?on_login_redirect_url=https%3A%2F%2Fapp.hellofax.com%2Feditor%2Fview%2Fsuper_group_guid%2F373192e242b71f1330578d0f822a5f5e9deadf93%3Futm_campaign%3Dreceived_fax%26utm_source%3Ddefault%26utm_channel%3Dproduct_promo%26utm_medium%3Demail%26utm_content%3Doriginal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.22.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-22-111.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 15 Dec 2023 14:46:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
P3P
CP="NOP3PPOLICY"
Cache-Control
private
Connection
keep-alive
enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html
client-api.arkoselabs.com/v2/2.3.1/ Frame EE53 		0
0
enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html
client-api.arkoselabs.com/v2/2.3.1/ Frame 5601 		903 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html
Requested by
Host: client-api.arkoselabs.com
URL: https://client-api.arkoselabs.com/v2/07071A28-2099-0596-6DA4-8CCD9C580290/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9fc786ee10b31dbdbeb9b4807d77b12171656f1af7c0a6b8fb20ca1fca8963
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.hellofax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
827298
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=31536000, immutable
cache-tag
keyless,client-api
capi-worker-type
universal
cf-cache-status
HIT
cf-ray
835f7aa2acf49a2f-FRA
cf-request-time
16
content-encoding
br
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 14:46:57 GMT
last-modified
Mon, 04 Dec 2023 03:58:45 GMT
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-amz-id-2
0wcI/mTFCul2cLnRnwr0815GJ8+d9WGh2xiLjIISP1gTbC6+7YXNy2UbQDT67j4BdJDU26m5xMc=
x-amz-request-id
9RDMXRY21KBF3JHZ
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
x-xss-protection
1; mode=block
enforcement.db38df7eed55a4641d0eec2d11e1ff6a.js
client-api.arkoselabs.com/v2/2.3.1/ Frame 5601 		227 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.js
Requested by
Host: client-api.arkoselabs.com
URL: https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3cacb5fb7ed935b55ad13c2fb1c1474d67721dcdbfb9a0b9a49c23a5f078fd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html
Origin
https://client-api.arkoselabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age
827298
x-amz-request-id
GRH20EMXNET6N6DM
x-amz-server-side-encryption
AES256
cache-tag
keyless,client-api
capi-worker-type
universal
alt-svc
h3=":443"; ma=86400
x-amz-id-2
44AtJKZBiU26KVhF96U7sgTZ5UO/IoEncW9LKE7Ac7qPhpLNJx01oXj5LVNkc3N/xuLddcPu8Uk=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 04 Dec 2023 03:58:45 GMT
server
cloudflare
etag
W/"e17204019383bd627daee622474da924"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray
835f7aa30e252ba4-FRA
cf-request-time
45
marketing_tracker_service
www.dropbox.com/pithos/host%3Amarketing.hellofax.com/ Frame F196
Redirect Chain
  • https://www.dropbox.com/pithos/marketing_tracker_service
  • https://www.dropbox.com/pithos/host%3Amarketing.hellofax.com/marketing_tracker_service
8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dropbox.com/pithos/host%3Amarketing.hellofax.com/marketing_tracker_service
Requested by
Host: marketing.hellofax.com
URL: https://marketing.hellofax.com/account/logIn
Protocol
H2
Server
2620:100:6022:18::a27d:4212 , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
d2c8cda95dbfce8cae5db2be5007a4dd1007aa5cfda581cdc88ec6cef8c97340
Security Headers
Name Value
Content-Security-Policy base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-0lvY242vfP5scLdMzWde' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-0lvY242vfP5scLdMzWde' 'nonce-NCGVW+iGemR55XI5BwzL'
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-0lvY242vfP5scLdMzWde' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-0lvY242vfP5scLdMzWde' 'nonce-NCGVW+iGemR55XI5BwzL'
date
Fri, 15 Dec 2023 14:46:58 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id
e155a34125004efbb5773b55e67a92da
x-dropbox-response-origin
far_remote
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
envoy
x-server-response-time
12
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, no-store

Redirect headers

content-security-policy
sandbox
date
Fri, 15 Dec 2023 14:46:57 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id
7a50cb0004d7459eaa8b938e144637a8
x-dropbox-response-origin
far_remote
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
envoy
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://www.dropbox.com/pithos/host%3Amarketing.hellofax.com/marketing_tracker_service
cache-control
no-cache, no-store
settings
client-api.arkoselabs.com/v2/07071A28-2099-0596-6DA4-8CCD9C580290/ Frame 5601 		342 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client-api.arkoselabs.com/v2/07071A28-2099-0596-6DA4-8CCD9C580290/settings
Requested by
Host: client-api.arkoselabs.com
URL: https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66afc51e9b78b84d9f1f0b37e65bebb9ea207a5fbd0aea2c6bd056c3da08c6f4
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age
804699
x-amz-request-id
F8130ZRVXY76V3T7
cache-tag
07071A28-2099-0596-6DA4-8CCD9C580290,client-api
capi-worker-type
universal
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kFyFfJ2eR+xQZ/y6DUtYpj2WJCjQckfZ2deXdOKO1PL1E7zJkBkbLABHx11nO0RSf4zWqK0XlVvLz8hDAxcXkw==
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 07:15:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=31536000
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray
835f7aa43fe92ba4-FRA
cf-request-time
18
marketing_tracker_service.bundle-vflNsB26s.js
cfl.dropboxstatic.com/static/metaserver/static/pithos/ Frame F196 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfl.dropboxstatic.com/static/metaserver/static/pithos/marketing_tracker_service.bundle-vflNsB26s.js
Requested by
Host: www.dropbox.com
URL: https://www.dropbox.com/pithos/marketing_tracker_service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:641d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f69ae2d72403d99cd10691ad3408698e157e537cc6582da8800180b97aa4757
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
983294
x-dropbox-request-id
61c91b7a8a0af0e46b3b7a80fb11c3de
alt-svc
h3=":443"; ma=86400
x-cached
HIT
last-modified
Fri, 01 Dec 2023 21:22:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public, immutable
timing-allow-origin
https://www.dropbox.com
cf-ray
835f7aa7aef06945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
utag.js
tags.tiqcdn.com/utag/dropbox/hellosign/prod/ Frame F196 		334 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Requested by
Host: cfl.dropboxstatic.com
URL: https://cfl.dropboxstatic.com/static/metaserver/static/pithos/marketing_tracker_service.bundle-vflNsB26s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
558384278bc6c4a09a3b17b72e073283a7688aaf1851f258ac8031232960a344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
va0FjpwrO5YXnb95GPTvPosGiMXVLg94
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 14:45:40 GMT
last-modified
Fri, 03 Nov 2023 19:08:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
92
x-amz-server-side-encryption
AES256
etag
W/"e25e513a639a50d87fade1c1f2efbd62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
HMMqxjZUxjjMWG1irhord4Q6AoQ9wSANhISSqm7IsEKHXRcMJ1v0tw==
utag.5.js
tags.tiqcdn.com/utag/dropbox/hellosign/prod/ Frame F196 		116 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.5.js?utv=ut4.48.202305311647
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d4e7c0fe15f346bf82979e0e54085e47845e5202f67097d36f5feff86230774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
cqHltglh7ymas9jMvfmm6ZdjiCc44LSR
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 14:43:27 GMT
last-modified
Fri, 03 Nov 2023 19:08:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
232
x-amz-server-side-encryption
AES256
etag
W/"bf4e63d5182f02357029d1c71880445f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
mhT9rQ_W1KxRDg3gnN3o9kCf1GW-yQP39KXbfdCN1n696TbLuUR-UQ==
id
dpm.demdex.net/ Frame F196 		366 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B2AAF3C959275C660A495E7B%40AdobeOrg&d_nsid=0&ts=1702651618711
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.128.70.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-70-10.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1a70f1682f16f4f19385f1a6ce7534fe6a3a345875154996600837f14e18607c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://marketing.hellofax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-2-v054-08dbc1c84.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Fri, 15 Dec 2023 14:46:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
NFW1iOSNQzA=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://marketing.hellofax.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
309
expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.8.js
tags.tiqcdn.com/utag/dropbox/hellosign/prod/ Frame F196 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.8.js?utv=ut4.48.202210281627
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de47ceb67cc51572396319e10e90637228d99596f6cd079498bbf2e13088f712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
nmCvz2x5OyjHuIkxwadQHwyAUuYzD9Cm
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 14:46:58 GMT
last-modified
Fri, 03 Nov 2023 19:08:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
101
x-amz-server-side-encryption
AES256
etag
W/"3bc81a1b1d735ecd48470029fec4480e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
aqykZQ5-Oo8PzhPaj5xsCRj3tdJNbyaMVHDtgvzZvdWeMMBH_HnK5g==
utag.40.js
tags.tiqcdn.com/utag/dropbox/hellosign/prod/ Frame F196 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.40.js?utv=ut4.48.202205092237
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
501ae839c4797cdc797f1f013311d5761803d3968c161de188b929b0cadc3b1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
XcprnlFBmeWQQSSRIEVZFrgfUZ31UYoh
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 14:46:58 GMT
last-modified
Fri, 03 Nov 2023 19:08:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
101
x-amz-server-side-encryption
AES256
etag
W/"c51aee805b468eefa7a3a43e9051b982"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
wlya4cU5LsjmbCvy60CsaeYfEfiLz4Lfuu6MMuAZOkHrDCOjUGJJNQ==
utag.135.js
tags.tiqcdn.com/utag/dropbox/hellosign/prod/ Frame F196 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.135.js?utv=ut4.48.202210262301
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da6f27e82cb30d2ec5482d2363a60ebd87f38f89850ff7d695d4c0e8bbb448d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
gLvexeK95zNPrrc5i6H5xA.cviuKvWOQ
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 14:46:58 GMT
last-modified
Fri, 03 Nov 2023 19:08:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
101
x-amz-server-side-encryption
AES256
etag
W/"f40a85b2e9a5a4a9ec75b4512e15b13e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
rdmwWZ1M6f4b_HR1x5kLYkwDn6TOG8yZbQRMyb6kXrOrZVWgtwqkdA==
utag.162.js
tags.tiqcdn.com/utag/dropbox/hellosign/prod/ Frame F196 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.162.js?utv=ut4.48.202301192130
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c857561215d3421347b028b265769e94c754204e63c3486c5df84d4568eb68a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
iWXUjQ6E81Bym6za69AfQU7gBSL_AZuW
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 14:43:27 GMT
last-modified
Fri, 03 Nov 2023 19:08:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
220
x-amz-server-side-encryption
AES256
etag
W/"bcb8a83f1d17df01a3bd6c8e6a5fb2b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
6ny3d5g7e-FPtMV3Ls2ipWbmSMOApT2z3b02E86eJnb2JEHygz420w==
utag.204.js
tags.tiqcdn.com/utag/dropbox/hellosign/prod/ Frame F196 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.204.js?utv=ut4.48.202303071825
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
329700a28093e55ae988f5902bc8074e60ff60ae1873390701d12715c935b47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
wD1C6QVbkAucV_w4KxE0GODTMQ8ddp6o
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 14:44:53 GMT
last-modified
Fri, 03 Nov 2023 19:08:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
149
x-amz-server-side-encryption
AES256
etag
W/"939d700e2b22f7896ab57c020a7d3159"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
YGgOvdhMM8KlIxOE_gfo49UP3scRXlY_EjgabMf6MOiqO36Q8D_v-Q==
utag.206.js
tags.tiqcdn.com/utag/dropbox/hellosign/prod/ Frame F196 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.206.js?utv=ut4.48.202308100443
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d205ed7d573510e6beab38aa6c819a5fde5a9417f44c55c312f0bc9482bb1582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
NsmtXWYgtUeb0pPYAfkQfQrlHWdxMPqN
content-encoding
br
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 14:46:58 GMT
last-modified
Fri, 03 Nov 2023 19:08:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
100
x-amz-server-side-encryption
AES256
etag
W/"80563ef45eb0a004d1f15491cbb2b513"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
hBGV75d8s762ir2ygDorFSMdUJNSMB5lcmuK-BbnsvzXdQK172Ytpw==
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame F196 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=63277
accept-ranges
bytes
content-length
15541
4a39e5c4777d0.js
t.contentsquare.net/uxa/ Frame F196 		327 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/4a39e5c4777d0.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-65.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26f03ac15032f752185c6ce4d9e341bd66cf5b6de2008715383b19b1aba26a0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 09:01:13 GMT
content-encoding
br
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
77631
last-modified
Wed, 13 Dec 2023 08:59:58 GMT
server
AmazonS3
etag
"2739adee3c3dcc9da3874aa8d2aad560"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
jL6BQ-bVZbML7n2CbikH5WDFXjDxtq2JQSHlUd7XFx_v9b0xK7DbSA==
zi-tag.js
js.zi-scripts.com/ Frame F196 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.206.js?utv=ut4.48.202308100443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:59 GMT
x-amz-version-id
lFoq_FZJwJ3rDVe9.7kNMZjc5YKK6r5L
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 11 Dec 2023 12:17:02 GMT
server
cloudflare
via
1.1 1484e663ceddae5460cfdb19a3c7d448.cloudfront.net (CloudFront)
x-amz-cf-pop
BAH53-C1
etag
W/"15c02cdee0df6c26ba3d8c62d912c66c"
age
53324
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cf-ray
835f7aa9896b6a74-TXL
x-amz-cf-id
0Eq780D20gTm_SoPISfFNHFai1neAVcWbWhEpLhQPm0Jw23E5W4xNg==
js
www.googletagmanager.com/gtag/ Frame F196 		187 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152401066-1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfdf885e38e3ca27f32bcc61c8f3f7fbf33761b70631794bafb6e7a4f49fd430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69111
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Dec 2023 14:46:58 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ Frame F196 		2 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=dropbox/hellosign/202311031907&cb=1702651618746
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Fri, 15 Dec 2023 14:39:27 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
452
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
HW5Rwf32cheB-AKKjpQpFa9pEah_zh11uE5xRqGKu8VrDMhSIsWm6A==
js
www.googletagmanager.com/gtag/ Frame F196 		257 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NEGR3E5VTW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152401066-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29ca0d7d668fb29ad310aa32d1549ddaeb108368045aa36d496857671b3e2548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85532
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 14:46:58 GMT
analytics.js
www.google-analytics.com/ Frame F196 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152401066-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 13:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5073
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Dec 2023 15:22:25 GMT
js
www.googletagmanager.com/gtag/ Frame F196 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-983307503&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152401066-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1153ca66bacbed97f4ca4cb6d0cb54ad44a13e3c3f693b4bf5a19df9fca73b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77670
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Dec 2023 14:46:58 GMT
collect
px4.ads.linkedin.com/ Frame F196
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4551770%26time%3D1702651618842%26url%3Dhttps%253A%252F%252Fmarketing.hellofax.com...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&cookiesTest=true&liSync=true&e_ipv6=AQKY0Wna-VrJ0QAAAYxt8ei...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&cookiesTest=true&liSync=true&e_ipv6=AQKY0Wna-VrJ0QAAAYxt8eiGgru6PBAaxCJlcb0nXxZwmZwRhTX8Bl1Wdwzp7JRwAVCi30t0dfHv
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:46:59 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E36A0E5E2D38483D8C736158A2D01396 Ref B: FRAEDGE1420 Ref C: 2023-12-15T14:46:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMjXj4rKLMt2AnmV2row==

Redirect headers

date
Fri, 15 Dec 2023 14:46:58 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A998016298BF42A18C7600C5562D8EDC Ref B: FRAEDGE1718 Ref C: 2023-12-15T14:46:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4551770&time=1702651618842&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&cookiesTest=true&liSync=true&e_ipv6=AQKY0Wna-VrJ0QAAAYxt8eiGgru6PBAaxCJlcb0nXxZwmZwRhTX8Bl1Wdwzp7JRwAVCi30t0dfHv
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMjXj0MppN56shE+Qo+g==
dest5.html
dropbox.demdex.net/ Frame 5C90 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dropbox.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.128.70.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-70-10.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://marketing.hellofax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 15 Dec 2023 14:46:58 GMT
dcs
dcscanary-prod-irl1-1-v067-0bdddab1a.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 8 Nov 2023 19:59:20 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
h2+kJsvBS7Y=
id
dpiprodesntls.112.2o7.net/ Frame F196 		2 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpiprodesntls.112.2o7.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=B2AAF3C959275C660A495E7B%40AdobeOrg&mid=09555581489752949003280824517979417711&ts=1702651618896
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dropbox/hellosign/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.108 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-108.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://marketing.hellofax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 Dec 2023 14:46:58 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://marketing.hellofax.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZXxm4wAAALQ98gO-
dpm.demdex.net/ Frame F196
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=09757420249134724183264986195042213497
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXxm4wAAALQ98gO-
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXxm4wAAALQ98gO-
Protocol
H2
Server
108.128.70.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-70-10.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-01bfda7f3.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 15 Dec 2023 14:46:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
jUK0NFU+SRs=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXxm4wAAALQ98gO-
Date
Fri, 15 Dec 2023 14:46:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
collect
www.google-analytics.com/ Frame F196 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1851995621&t=pageview&_s=1&dl=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&ul=en-us&de=windows-1252&dt=Dropbox&sd=24-bit&sr=1600x1200&vp=&je=0&_u=4EBAAUABAAAAAAAAIg~&cid=1151493919.1702651619&tid=UA-152401066-1&_gid=1484212321.1702651619&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dYmQxMT&gdid=dYmQxMT&z=588247792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 22:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/983307503/ Frame F196 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/983307503/?random=1702651618930&cv=11&fst=1702651618930&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9109891155&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&top=https%3A%2F%2Fapp.hellofax.com&hn=www.googleadservices.com&frm=2&tiba=Dropbox&did=dYmQxMT&gdid=dYmQxMT&auid=2066488887.1702651619&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983307503&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c719462d42073cb86a52df6d069dab016ca74a6d28443bdf5cc7338c96d3bfdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 14:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame F196 		105 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c2906b352a0e52a31790aed60af8cc545a4107fbe62882549c9110f0b89e83a2

Request headers

visited_url
https://marketing.hellofax.com/account/logIn
Referer
https://marketing.hellofax.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer 3a903e78361680113288
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Dec 2023 14:47:00 GMT
via
1.1 96778a0742c55958621c27dd7e7f7398.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
BAH53-C1
x-powered-by
Express
etag
W/"69-L8Uvl4iE4OZzXud4Tb1WzWH8nT8"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
835f7aadbaea58f6-TXL
x-amz-cf-id
QBTJtf9ZI1C9GPpI8w-Ie_ZfJMRgxISyRMmFxStACxUKCyn7PLVlHw==
apigw-requestid
P_UDsjYDvHcEMYA=
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://marketing.hellofax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
P_UDjiQKvHcEMjA=
cf-cache-status
DYNAMIC
cf-ray
835f7aab3dbb58f6-TXL
date
Fri, 15 Dec 2023 14:46:59 GMT
server
cloudflare
vary
Access-Control-Request-Headers
via
1.1 f367333500910c6c273feb3cd648ebec.cloudfront.net (CloudFront)
x-amz-cf-id
HyHcJXhFfxETyPAgHzdkW3s36XMXAGkFALHw9RwgYPbWVosnVfvmcw==
x-amz-cf-pop
BAH53-C1
x-cache
Miss from cloudfront
x-powered-by
Express
/
www.google.com/pagead/1p-user-list/983307503/ Frame F196 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/983307503/?random=1702651618930&cv=11&fst=1702648800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9109891155&u_w=1600&u_h=1200&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&frm=2&tiba=Dropbox&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_8fGILJgp3O0IVbEAUNkARIRjTGqvPg&random=588011283&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 14:46:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/983307503/ Frame F196 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/983307503/?random=1702651618930&cv=11&fst=1702648800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9109891155&u_w=1600&u_h=1200&url=https%3A%2F%2Fmarketing.hellofax.com%2Faccount%2FlogIn&frm=2&tiba=Dropbox&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_8fGILJgp3O0IVbEAUNkARIRjTGqvPg&random=588011283&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://marketing.hellofax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 14:46:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.ads.linkedin.com/wa/ Frame F196 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://marketing.hellofax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Dec 2023 14:46:59 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 86A3744434E24946B21B96A832837E82 Ref B: FRAEDGE1718 Ref C: 2023-12-15T14:46:59Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://marketing.hellofax.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYMjXj7Qb5LsTXYY8Efcg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
client-api.arkoselabs.com
URL
https://client-api.arkoselabs.com/v2/2.3.1/enforcement.db38df7eed55a4641d0eec2d11e1ff6a.html

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture string| cookieDomain function| fireConsentCategoriesEvent function| stringifyCategories function| logToMarketingTracker object| dropbox string| puuid object| parts object| pairs string| k object| dataLayer string| locale object| localeMessages object| SENTRY_RELEASE object| SENTRY_RELEASES object| hsIntl object| hsMessages function| $ function| jQuery function| Hammer object| hellofaxJS object| Cookie object| Base64 object| SessionTimeoutMonitor function| getLocalStorage function| TextUtils object| signWebpackJsonp object| WebFont object| __SENTRY__ function| applyFocusVisiblePolyfill function| setImmediate function| clearImmediate object| i18n object| __AMPLITUDE__ function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| addCustomEvent object| dbxPithosConfig object| gaplugins object| gaGlobal object| gaData object| hsMarketingUtils object| pithos object| _DBX_UXA_GLOBAL boolean| _DBX_UXA_historyListenersInstalled function| onArkoseLoad object| arkoseLabsClientApi5ca5bcf5 boolean| _DBX_UXA_isUxaListening object| _DBX_UXA_bufferedClosures

36 Cookies

Domain/Path Name / Value
.hellofax.com/account Name: hs_consent_banner_enabled
Value: true
.app.hellofax.com/ Name: hf_user
Value: 0707e997b35fafa876ee8e6a875ac21f1e4dea8e9858985b689c0be9d7092682:11c51ca409058859ef3e5acc740ecfb2b107863b
.hellofax.com/ Name: hf_ref
Value: KltdKmh0dHBzOi8vYXBwLmhlbGxvZmF4LmNvbS9lZGl0b3Ivdmlldy9zdXBlcl9ncm91cF9ndWlkLzM3MzE5MmUyNDJiNzFmMTMzMDU3OGQwZjgyMmE1ZjVlOWRlYWRmOTM/dXRtX2NhbXBhaWduPXJlY2VpdmVkX2ZheCZ1dG1fc291cmNlPWRlZmF1bHQmdXRtX2NoYW5uZWw9cHJvZHVjdF9wcm9tbyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PW9yaWdpbmFs
.hellofax.com/ Name: hs_puuid
Value: 902a87de4cc4458742e9fb2c99672e93f416b3ac
.hellofax.com/ Name: deferred_login_redirect_url
Value: https://app.hellofax.com/editor/view/super_group_guid/373192e242b71f1330578d0f822a5f5e9deadf93?utm_campaign=received_fax&utm_source=default&utm_channel=product_promo&utm_medium=email&utm_content=original
www.dropbox.com/ Name: gvc
Value: MTg1MTE3ODIyNjk5MTk2MTIyNzI5MTc2NDA3NTAxNTkwMjE1NDc0
.dropbox.com/ Name: t
Value: jEA_x4gvPmbTrRlIeZ1-3P4B
www.dropbox.com/ Name: __Host-js_csrf
Value: jEA_x4gvPmbTrRlIeZ1-3P4B
.dropbox.com/ Name: locale
Value: de
www.dropbox.com/ Name: __Host-logged-out-session
Value: ChDCGHskLlBIamLMqQzMSZ3IEOHN8asGGi5BSWVreTRDZzNMVVhhdTBPQ0haSDNlZ0tMUEdOV3FNMHJIeE9vc1M3T0FRbkZR
.app.hellofax.com/ Name: _ga
Value: GA1.3.652352641.1702651617
.app.hellofax.com/ Name: _gid
Value: GA1.3.1925964426.1702651617
.app.hellofax.com/ Name: _gat_UA-15982871-1
Value: 1
.app.hellofax.com/ Name: _ga_35FKHQ91LL
Value: GS1.3.1702651617.1.0.1702651617.0.0.0
.arkoselabs.com/ Name: _cfuvid
Value: KtKVJ3rj3kGGy7QQH5gcH8RXuy5Fd_c8EpEHdfqnrvk-1702651617654-0-604800000
app.hellofax.com/ Name: AWSALB
Value: mjypnG2TL3kagGoHjjzcuZwJB1E4Ees4UYcettOjC6A5botFznXa7WSgp2MmHTjDW11Zpm8Cdyxldr62fNjv/auWIko3TW15cjNm1JEAdLZRIsVGz2dip+rcECGs
app.hellofax.com/ Name: AWSALBCORS
Value: mjypnG2TL3kagGoHjjzcuZwJB1E4Ees4UYcettOjC6A5botFznXa7WSgp2MmHTjDW11Zpm8Cdyxldr62fNjv/auWIko3TW15cjNm1JEAdLZRIsVGz2dip+rcECGs
.hellofax.com/ Name: hf_ref_lt
Value: KltdKmh0dHBzOi8vYXBwLmhlbGxvZmF4LmNvbS9jc3BfcmVwb3J0
.hellofax.com/ Name: utag_main
Value: v_id:018c6df1e5760002ff6745177dc703074002c06c00b08$_sn:1$_se:1$_ss:1$_st:1702653418679$ses_id:1702651618679%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:hellofax.com
.demdex.net/ Name: demdex
Value: 09757420249134724183264986195042213497
.hellofax.com/ Name: AMCVS_B2AAF3C959275C660A495E7B%40AdobeOrg
Value: 1
.hellofax.com/ Name: _ga
Value: GA1.2.1151493919.1702651619
.hellofax.com/ Name: _gid
Value: GA1.2.1484212321.1702651619
.hellofax.com/ Name: _gcl_au
Value: 1.1.2066488887.1702651619
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.linkedin.com/ Name: li_sugr
Value: b293bdab-4ed1-4e26-87a3-792e6be35ba9
.linkedin.com/ Name: bcookie
Value: "v=2&ce2e1bc6-e842-440c-859f-c908d67dc421"
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3276:u=1:x=1:i=1702651618:t=1702738018:v=2:sig=AQHIjWJpPxmXoZMvBGRH3nu41TW7Rvy-"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXxm4wAAALQ98gO-
.dpm.demdex.net/ Name: dpm
Value: 09757420249134724183264986195042213497
.hellofax.com/ Name: AMCV_B2AAF3C959275C660A495E7B%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19707%7CMCMID%7C09555581489752949003280824517979417711%7CMCAAMLH-1703256418%7C6%7CMCAAMB-1703256418%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1702658819s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19714%7CvVersion%7C5.4.0
.linkedin.com/ Name: UserMatchHistory
Value: AQI3aZA1_AUGdgAAAYxt8ec4ulwUeZImOp7pig_VUeIidxQtFugXzJo1p1hFhKM_ax5TLVVvWZP-pA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLwpRTI1h4NuQAAAYxt8ec4YjZk4V_1AyfmBiX2wzAypd9yP_WBYDATVphByc_aW3dSOYABKOBu8EZYt0F-Jg
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231215144659bb6abd46-5c53-4cd8-8331-2eeac179e91bAQEd4SVjRRScq_VPSRa_sRyABcEgUoiI"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDI2NTE2MTk7MjswMjFp4iuOGwIOEgw4x4iJ92+c9mcVTiX+TmKpGYTP/v9avw==
.marketing.hellofax.com/ Name: _zitok
Value: 7109b4aa44544a1a75281702651620

4 Console Messages

Source Level URL
Text
security error URL: https://cdn.hellosign.com/1.170.0/build/common.js(Line 41)
Message:
Refused to connect to 'https://cfl.dropboxstatic.com/static/metaserver/static/pithos/lang/de.json' because it violates the following Content Security Policy directive: "connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics".
javascript error URL: https://cdn.hellosign.com/1.170.0/build/common.js(Line 41)
Message:
Refused to connect to 'https://cfl.dropboxstatic.com/static/metaserver/static/pithos/lang/de.json' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-35FKHQ91LL&cx=c&_slc=1(Line 160)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-35FKHQ91LL&gtm=45je3bt0v9135747996&_p=1702651616670&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=652352641.1702651617&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fapp.hellofax.com%2Faccount%2FlogIn%3Fon_login_redirect_url%3Dhttps%253A%252F%252Fapp.hellofax.com%252Feditor%252Fview%252Fsuper_group_guid%252F373192e242b71f1330578d0f822a5f5e9deadf93%253Futm_campaign%253Dreceived_fax%2526utm_source%253Ddefault%2526utm_channel%253Dproduct_promo%2526utm_medium%253Demail%2526utm_content%253Doriginal&dt=Anmelden%20%7C%20Dropbox%20Fax&sid=1702651617&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1824' because it violates the following Content Security Policy directive: "connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics".
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-6luTMW5i5l+FkmWUka6LEJMF' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://cdn.arkoselabs.com https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellofax.com/csp_report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy base-uri 'none'; connect-src 'self' https://client-api.arkoselabs.com https://cdn.arkoselabs.com https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-6luTMW5i5l+FkmWUka6LEJMF' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://cdn.arkoselabs.com https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellofax.com/csp_report; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hellofax.com
cdn.hellosign.com
cfl.dropboxstatic.com
client-api.arkoselabs.com
cm.everesttech.net
dpiprodesntls.112.2o7.net
dpm.demdex.net
dropbox.demdex.net
fonts.googleapis.com
googleads.g.doubleclick.net
js.zi-scripts.com
marketing.hellofax.com
px.ads.linkedin.com
px4.ads.linkedin.com
sentry.io
snap.licdn.com
t.contentsquare.net
tags.tiqcdn.com
www.dropbox.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
client-api.arkoselabs.com
104.18.37.212
108.128.70.10
13.107.42.14
13.32.27.23
18.66.112.65
2600:9000:223c:9e00:f:df32:3c40:93a1
2600:9000:223e:7400:7:2bfb:7c00:93a1
2606:4700:4400::ac40:9a56
2606:4700::6810:641d
2620:100:6022:18::a27d:4212
2620:1ec:21::14
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a02:26f0:480:f::213:7ec6
34.255.242.39
35.186.247.156
52.3.22.111
63.140.62.108
00f90db31f42975fcdc5fa1f70660568be68792ec11be2aac36362f435a6e555
06f5a331a1a6514cce7f29a30c3191ee8e1820db3e9201134346037cf0077944
0e086c43486d9f8fb031cb0ac8f2f3e9585c16aa254001bed8f884e9d629eb0f
1153ca66bacbed97f4ca4cb6d0cb54ad44a13e3c3f693b4bf5a19df9fca73b0c
1a70f1682f16f4f19385f1a6ce7534fe6a3a345875154996600837f14e18607c
1d2d582253a9612e4b73123fc1c9d331d4096d680c4f4d6bef9b87553d3b638b
1f0d139b1c99109845472b43ff0feeb268efa27244d769a199cb3cae8720ad72
26f03ac15032f752185c6ce4d9e341bd66cf5b6de2008715383b19b1aba26a0d
29ca0d7d668fb29ad310aa32d1549ddaeb108368045aa36d496857671b3e2548
31743d9a50ef3ac4bbfebac59adce67f9154333e000fcd195d752270b80cf1f6
329700a28093e55ae988f5902bc8074e60ff60ae1873390701d12715c935b47c
34e18b2cfba137b9d72544cdcb79f4e17368ad22ba011534e5f49a4b275a73c3
399e14eebd377396e2f588fff370a6d79f5e1383fc3d18764ec02b985ca80995
3d076a24efbb6b49b52c96eb0c52e93d49358ed1ea979624f632f866121b5eb7
43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
501ae839c4797cdc797f1f013311d5761803d3968c161de188b929b0cadc3b1a
5095b438c5c3406dffd886ce0302fad1dd27a574b9f6af78cbe6c61262be13bf
558384278bc6c4a09a3b17b72e073283a7688aaf1851f258ac8031232960a344
5df5c5894b67857c31f6007cd4ac6dcb931eff17b791a44929a743a43eefa325
66afc51e9b78b84d9f1f0b37e65bebb9ea207a5fbd0aea2c6bd056c3da08c6f4
6e4dca3421380a61f8e0bf307c6e6269e1563911e38b1a8ffa4770bb10a5a493
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f69ae2d72403d99cd10691ad3408698e157e537cc6582da8800180b97aa4757
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e825d9f29da3e7c0cedb32cf652562c6ae5cb7ec8ff8a3bbe55483914cd85b
898013fecc16a8b97144874415bd404e2bce5331aea8dfdf69737a464befb256
8b3cacb5fb7ed935b55ad13c2fb1c1474d67721dcdbfb9a0b9a49c23a5f078fd
9d4e7c0fe15f346bf82979e0e54085e47845e5202f67097d36f5feff86230774
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ab8244771a0c26d715992d14f3939431c983b59e1f41b1f29656f176f4451d85
ab8bc1a5f98f2bd1443236f850dd106fd22a4baaea73c8ccf195e40d9095b3f4
b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3
b890a5515826939e15c9e7fe54394236b2949ec05ffc5c6a1b948725e3282507
bd9fc786ee10b31dbdbeb9b4807d77b12171656f1af7c0a6b8fb20ca1fca8963
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01
c2906b352a0e52a31790aed60af8cc545a4107fbe62882549c9110f0b89e83a2
c719462d42073cb86a52df6d069dab016ca74a6d28443bdf5cc7338c96d3bfdd
c857561215d3421347b028b265769e94c754204e63c3486c5df84d4568eb68a1
cfdf885e38e3ca27f32bcc61c8f3f7fbf33761b70631794bafb6e7a4f49fd430
d1d3b08c54cf2ba7e7da99aa494a11b0d3b32e6bfb244e06d86874277207e44f
d205ed7d573510e6beab38aa6c819a5fde5a9417f44c55c312f0bc9482bb1582
d2c8cda95dbfce8cae5db2be5007a4dd1007aa5cfda581cdc88ec6cef8c97340
da6f27e82cb30d2ec5482d2363a60ebd87f38f89850ff7d695d4c0e8bbb448d4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de47ceb67cc51572396319e10e90637228d99596f6cd079498bbf2e13088f712
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e652d172a3f800eacf884c6feb172f7b11865fbf023ff7e55488039f3aa31c85
e7720e106b0efffdcdfe994e457788e9f96d93d86f4c656fb76c448f05d590c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30976d3fd94b82d08550368ad72dc3df0de52b1588b125d395edafda0850c6b
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
fc3d5b5a3675b5cd6c89898d88860079ccbb26a56e9a91eb699c114ab3a7dbaf