Submitted URL: http://url7652.firebrand.team/ls/click?upn=u001.SM-2BldfLZiUc-2Bz-2B2igEXsS5QrlmCuJTjSbZliruMZAxVJRBum-2Fe2Txjn9xRBPEA-2Bg1-2F...
Effective URL: https://app.customesignature.com/renewaccount
Submission: On April 30 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 53 HTTP transactions. The main IP is 164.92.90.31, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is app.customesignature.com. The Cisco Umbrella rank of the primary domain is 143893.
TLS certificate: Issued by R3 on April 20th 2024. Valid for: 3 months.
This is the only time app.customesignature.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.83 11377 (SENDGRID)
1 18 164.92.90.31 14061 (DIGITALOC...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.121.112 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
5 13.32.121.99 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2a03:2880:f17... 32934 (FACEBOOK)
2 2600:1901:0:c... 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.35 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
1 1 142.250.186.162 15169 (GOOGLE)
1 1 142.250.186.36 15169 (GOOGLE)
3 20.122.63.128 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
53 19
Apex Domain
Subdomains
Transfer
18 customesignature.com
app.customesignature.com — Cisco Umbrella Rank: 143893
145 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
p.clarity.ms — Cisco Umbrella Rank: 576208
c.clarity.ms — Cisco Umbrella Rank: 1371
28 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1162
184 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 328
px4.ads.linkedin.com — Cisco Umbrella Rank: 6223
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
355 KB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 20
region1.analytics.google.com — Cisco Umbrella Rank: 2941
www.google.com — Cisco Umbrella Rank: 2
82 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
338 B
2 google.de
www.google.de — Cisco Umbrella Rank: 7278
127 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
284 B
2 stape.io
mxqgjzkc.use.stape.io
804 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
766 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 123
2 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 781
17 KB
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 25448
5 KB
1 firebrand.team
url7652.firebrand.team
254 B
53 16
Domain Requested by
18 app.customesignature.com 1 redirects app.customesignature.com
7 js.stripe.com app.customesignature.com
js.stripe.com
4 www.googletagmanager.com app.customesignature.com
www.googletagmanager.com
3 p.clarity.ms www.clarity.ms
3 px.ads.linkedin.com 2 redirects snap.licdn.com
3 www.facebook.com app.customesignature.com
2 c.clarity.ms 1 redirects
2 px4.ads.linkedin.com app.customesignature.com
2 www.google.de app.customesignature.com
2 region1.analytics.google.com www.googletagmanager.com
2 mxqgjzkc.use.stape.io www.googletagmanager.com
2 connect.facebook.net app.customesignature.com
connect.facebook.net
2 www.clarity.ms app.customesignature.com
www.clarity.ms
1 c.bing.com 1 redirects
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 accounts.google.com app.customesignature.com
1 r.wdfl.co app.customesignature.com
1 url7652.firebrand.team 1 redirects
53 22

This site contains links to these domains. Also see Links.

Domain
www.customesignature.com
customesignature.com
Subject Issuer Validity Valid
app.customesignature.com
R3
2024-04-20 -
2024-07-19
3 months crt.sh
r.wdfl.co
Amazon RSA 2048 M03
2023-09-02 -
2024-09-30
a year crt.sh
accounts.google.com
GTS CA 1C3
2024-04-08 -
2024-07-01
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-03-27 -
2024-06-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-02-09 -
2024-05-07
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
use.stape.io
R3
2024-04-28 -
2024-07-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-04-08 -
2024-07-01
3 months crt.sh
*.google.de
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-01-30 -
2024-07-30
6 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01
2024-01-14 -
2024-06-27
5 months crt.sh

This page contains 6 frames:

Primary Page: https://app.customesignature.com/renewaccount
Frame ID: 5D165DB4823E058E476D3BBC657629AB
Requests: 48 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-0f7653d01a8a682758def433f9e64e18.html
Frame ID: E6C225A4446517E3E4A5FE378D44D098
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aa62570c3aea896d3d65c621266c3019.html
Frame ID: FB64366CFC48CF7FB28C674A29213A11
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 0B71FCA16EAA875835769B670B2DDB81
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-95189b337c6d3312699a9b4042d0c662.html
Frame ID: D7EC20F0FC7115DF77FA983ACEC3DCFB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-160dc610d981e0e4d28cb362cd4d554c.html
Frame ID: 30819AA214E250CD4F1EA5384728708B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Custom Esignature

Page URL History Show full URLs

  1. http://url7652.firebrand.team/ls/click?upn=u001.SM-2BldfLZiUc-2Bz-2B2igEXsS5QrlmCuJTjSbZliruMZAxVJRBum-2Fe... HTTP 307
    https://url7652.firebrand.team/ls/click?upn=u001.SM-2BldfLZiUc-2Bz-2B2igEXsS5QrlmCuJTjSbZliruMZAxVJRBum-2Fe... HTTP 302
    https://app.customesignature.com/usesignature/9714 HTTP 302
    https://app.customesignature.com/renewaccount Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

92 %
HTTPS

52 %
IPv6

16
Domains

22
Subdomains

19
IPs

4
Countries

891 kB
Transfer

2983 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url7652.firebrand.team/ls/click?upn=u001.SM-2BldfLZiUc-2Bz-2B2igEXsS5QrlmCuJTjSbZliruMZAxVJRBum-2Fe2Txjn9xRBPEA-2Bg1-2FZ4IVwC0VSax8b6BEYwbQ-3D-3D9OpE_PbUlClHa93b-2BCjSJNvuXTDBRZ-2BP-2BdtBxE3F2uLwIogze4CAwhrZJXgh5aKd1ZPmthc83-2B5FvSh4wWa7rt3CftMzJgOd9r7T-2Fmz8lcGm9xgd-2F5eLHw-2BDpqZOdD3cSTIkvI5x262q4nCwItij7fzDHMnZu4HYhVkNg-2B8prF1PSNQExMP-2Fee-2BAsYA3bt-2Fvvx-2FrwJWji9jOO0y-2FePsOr-2FUNugjA8U2LmAxLYD9FVdDbUFVUHzHC-2F6BSHFhs9OzhgY0OFPIUKYW0XznjJ-2Fxo3Rm4lLSPIK50CGAGlVNKDsmVmUYL4TMczjJD25EQ00xkcwy415OBmKh7-2FyNiib963C3GamXJjsAg6HvC0aE7-2FvEuwFfku9f-2FsngSXnLzOxMLf-2BpN-2B1AW8LdgXEGRgMvpEwP-2Bi7BPhoiAgmq6Ky8tJ522hBK0-3D HTTP 307
    https://url7652.firebrand.team/ls/click?upn=u001.SM-2BldfLZiUc-2Bz-2B2igEXsS5QrlmCuJTjSbZliruMZAxVJRBum-2Fe2Txjn9xRBPEA-2Bg1-2FZ4IVwC0VSax8b6BEYwbQ-3D-3D9OpE_PbUlClHa93b-2BCjSJNvuXTDBRZ-2BP-2BdtBxE3F2uLwIogze4CAwhrZJXgh5aKd1ZPmthc83-2B5FvSh4wWa7rt3CftMzJgOd9r7T-2Fmz8lcGm9xgd-2F5eLHw-2BDpqZOdD3cSTIkvI5x262q4nCwItij7fzDHMnZu4HYhVkNg-2B8prF1PSNQExMP-2Fee-2BAsYA3bt-2Fvvx-2FrwJWji9jOO0y-2FePsOr-2FUNugjA8U2LmAxLYD9FVdDbUFVUHzHC-2F6BSHFhs9OzhgY0OFPIUKYW0XznjJ-2Fxo3Rm4lLSPIK50CGAGlVNKDsmVmUYL4TMczjJD25EQ00xkcwy415OBmKh7-2FyNiib963C3GamXJjsAg6HvC0aE7-2FvEuwFfku9f-2FsngSXnLzOxMLf-2BpN-2B1AW8LdgXEGRgMvpEwP-2Bi7BPhoiAgmq6Ky8tJ522hBK0-3D HTTP 302
    https://app.customesignature.com/usesignature/9714 HTTP 302
    https://app.customesignature.com/renewaccount Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&conversionId=12731292&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&conversionId=12731292&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2&e_ipv6=AQLV7Q30On_-ZgAAAY8v2uUWEYjfpaWv9ZTFI89qTvO6Ox2Pmj011Uj21I7RFhglFrSpAuwW
Request Chain 41
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2&e_ipv6=AQJ4NXNnWS5NxgAAAY8v2uUfBh7P74bTENHmtoGMj6vB22jw_AUVqK2S2btwuE7d_vGurpEk
Request Chain 42
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/299483092/?random=477221699&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&label=UJLkCJ__xqoYENT_5o4B&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&value=0&npa=1&pscdl=noapi&auid=1750576780.1714494825&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&eitems=ChEI8K3CsQYQ-_-Q8_X7nrWQARIdABeUbrIFVzdMRPDGnww_nSPubdw2Cjza-FfTj6w&pscrd=IhMIroW2-K7qhQMVNXakBB36ZQ1QMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs HTTP 302
  • https://www.google.com/pagead/1p-conversion/299483092/?random=477221699&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&label=UJLkCJ__xqoYENT_5o4B&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&value=0&npa=1&pscdl=noapi&auid=1750576780.1714494825&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIroW2-K7qhQMVNXakBB36ZQ1QMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwB7FLtqe6wJklz1vaZIWkvzg_Nl-3LUK4m3zA&eitems=ChEI8K3CsQYQ-_-Q8_X7nrWQARIdABeUbrIIK8lB561Yeg-h5PlcSaLVAegi4EivD_M&random=2787508674 HTTP 302
  • https://www.google.de/pagead/1p-conversion/299483092/?random=477221699&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&label=UJLkCJ__xqoYENT_5o4B&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&value=0&npa=1&pscdl=noapi&auid=1750576780.1714494825&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIroW2-K7qhQMVNXakBB36ZQ1QMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwB7FLtqe6wJklz1vaZIWkvzg_Nl-3LUK4m3zA&eitems=ChEI8K3CsQYQ-_-Q8_X7nrWQARIdABeUbrIIK8lB561Yeg-h5PlcSaLVAegi4EivD_M&random=2787508674&ipr=y
Request Chain 48
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=434533C6DAD64BC0865744D8A55FA484&RedC=c.clarity.ms&MXFR=031D89BD24FE623A3E989DCC20FE6C47 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=434533C6DAD64BC0865744D8A55FA484&MUID=2F507FF13C3C690F11EC6B803DB768E4

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request renewaccount
app.customesignature.com/
Redirect Chain
  • http://url7652.firebrand.team/ls/click?upn=u001.SM-2BldfLZiUc-2Bz-2B2igEXsS5QrlmCuJTjSbZliruMZAxVJRBum-2Fe2Txjn9xRBPEA-2Bg1-2FZ4IVwC0VSax8b6BEYwbQ-3D-3D9OpE_PbUlClHa93b-2BCjSJNvuXTDBRZ-2BP-2BdtBxE3...
  • https://url7652.firebrand.team/ls/click?upn=u001.SM-2BldfLZiUc-2Bz-2B2igEXsS5QrlmCuJTjSbZliruMZAxVJRBum-2Fe2Txjn9xRBPEA-2Bg1-2FZ4IVwC0VSax8b6BEYwbQ-3D-3D9OpE_PbUlClHa93b-2BCjSJNvuXTDBRZ-2BP-2BdtBxE...
  • https://app.customesignature.com/usesignature/9714
  • https://app.customesignature.com/renewaccount
32 KB
8 KB
Document
General
Full URL
https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
55ede7d498ca1e179cdc450072aba4c17a8326e776a273c7d12e3a52986dd20e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
7964
content-type
text/html; charset=UTF-8
date
Tue, 30 Apr 2024 16:33:44 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
same-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 30 Apr 2024 16:33:44 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://app.customesignature.com/renewaccount
pragma
no-cache
referrer-policy
same-origin
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
bootstrap.min.css
app.customesignature.com/style/
188 KB
21 KB
Stylesheet
General
Full URL
https://app.customesignature.com/style/bootstrap.min.css?v=2.10
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f5c82d3ee9975982f36f84bab8229952cb222c68b13125671b52a26d65316ce6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:44 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 12:36:20 GMT
server
nginx
etag
W/"662113c4-2eefa"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
app.customesignature.com/style/
71 KB
12 KB
Stylesheet
General
Full URL
https://app.customesignature.com/style/style.css?v=2.10
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
23c80f09fb16835f4ec6ee4b9edcb578426d81cc56efbde6653d3a541aa4edde

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:44 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 12:36:21 GMT
server
nginx
etag
W/"662113c5-11bcf"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
croppie.css
app.customesignature.com/style/
4 KB
1 KB
Stylesheet
General
Full URL
https://app.customesignature.com/style/croppie.css?v=2.10
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ae036cc005d78330ddabc5554ce6841cd8545cf58c33e45994c684053d1e8346

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:44 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 12:36:18 GMT
server
nginx
etag
W/"662113c2-fb8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
rw.js
r.wdfl.co/
18 KB
5 KB
Script
General
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3800:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e3fc588f07d5c3e2abb6970eb2580a2976288de1c63c828f22ad415c45bd0d4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 15:49:04 GMT
content-encoding
gzip
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
last-modified
Thu, 25 Apr 2024 13:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
2682
x-amz-server-side-encryption
AES256
etag
W/"0b527acb9123f1892ab9ed541546d073"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
SydDK6BfCTzbYx7DtgX0phO-Pi3jM46LVk4LeeAd_ZV3dRkDPgBoJg==
jquery-3.5.1.min.js
app.customesignature.com/script/
87 KB
30 KB
Script
General
Full URL
https://app.customesignature.com/script/jquery-3.5.1.min.js
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:44 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 12:36:25 GMT
server
nginx
etag
W/"662113c9-15d84"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
app.customesignature.com/images/
14 KB
10 KB
Image
General
Full URL
https://app.customesignature.com/images/logo.svg
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
08923b708ed8b0f7e589d0e2a9b9b39c5dc7a27c8674d97135cfa72db247006d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:44 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2024 10:02:02 GMT
server
nginx
etag
W/"65a6541a-369c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
client
accounts.google.com/gsi/
215 KB
82 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4fa00a91e075227fffde8db2c6e59b5cc37ff40420d875832a4c2fccf9a56bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b9mgscsgjIwf1lsucGxw_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-b9mgscsgjIwf1lsucGxw_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 30 Apr 2024 16:33:45 GMT
/
js.stripe.com/v3/
602 KB
148 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-112.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
efa155347cdcf2b35276543e73668e4d554bd7df7385765013869724a7164fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:32:47 GMT
content-encoding
br
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
58
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
last-modified
Tue, 30 Apr 2024 03:10:45 GMT
server
Cloudfront
etag
W/"fff95788de5aa8b1395414ac7b3db7f7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
qRQWaIJKV1DK4A7uQen3KVQ-lN4VXQstM47-Htyl5gbynWIgVBKt1w==
trash-icon.svg
app.customesignature.com/images/
2 KB
900 B
Image
General
Full URL
https://app.customesignature.com/images/trash-icon.svg
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ed70eec973c786112931e9b8aaa9d863db3633cc0fbfb83e88ac41e1e5f1dc63

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2024 10:02:15 GMT
server
nginx
etag
W/"65a65427-69d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrow-right.svg
app.customesignature.com/images/
364 B
389 B
Image
General
Full URL
https://app.customesignature.com/images/arrow-right.svg
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e7e80607091b7102e2178164111c65017c84da6bf863ab82811233e5c3d89b3a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 13:25:10 GMT
server
nginx
etag
W/"66211f36-16c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
right-icon.png
app.customesignature.com/images/
1 KB
1 KB
Image
General
Full URL
https://app.customesignature.com/images/right-icon.png
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
fb4c89d838a9b665c6de9d0ed745270db6f475d9270c9aa15e06fce1ae50ab63

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2024 10:02:05 GMT
server
nginx
etag
W/"65a6541d-522"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
nouislider.min.css
app.customesignature.com/script/nouislider/
3 KB
1 KB
Stylesheet
General
Full URL
https://app.customesignature.com/script/nouislider/nouislider.min.css
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5c5f077bdfcf361952905648774a198ce91624d29b21cfc8dd1e02bc48b1b92c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 12:36:36 GMT
server
nginx
etag
W/"662113d4-de3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
nouislider.min.js
app.customesignature.com/script/nouislider/
21 KB
7 KB
Script
General
Full URL
https://app.customesignature.com/script/nouislider/nouislider.min.js
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e268d103235eac4a66fce54fc2f5ce1df773854b479b3579efe324da0b310abe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 12:36:36 GMT
server
nginx
etag
W/"662113d4-52c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.bundle.min.js
app.customesignature.com/script/vendor/
76 KB
22 KB
Script
General
Full URL
https://app.customesignature.com/script/vendor/bootstrap.bundle.min.js
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
237e83161bfe098cbefdb3ed2ec69d4a7f2ce17a24f7caa14d9f0ae5dc0a8291

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 12:36:38 GMT
server
nginx
etag
W/"662113d6-13137"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
default.js
app.customesignature.com/script/
7 KB
2 KB
Script
General
Full URL
https://app.customesignature.com/script/default.js
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a13f62e67239ed2e4135000b9209465b22f5ac2b70891d85db5b440f4041975f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 12:36:24 GMT
server
nginx
etag
W/"662113c8-1cd9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
croppie.js
app.customesignature.com/script/croppie/
49 KB
10 KB
Script
General
Full URL
https://app.customesignature.com/script/croppie/croppie.js
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
87df96f2f27f8b1b6807dc8cd6515f3911a7af9d5c5275479f9a64f9caaad2f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Mon, 22 Apr 2024 12:34:53 GMT
server
nginx
etag
W/"6626596d-c376"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
cropImage.js
app.customesignature.com/script/croppie/
3 KB
1 KB
Script
General
Full URL
https://app.customesignature.com/script/croppie/cropImage.js
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7f6e36cd4086adbac71d4b6ffa04a42b8a3e430bc459f3149fea4305e5d1e986

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Mon, 22 Apr 2024 12:34:52 GMT
server
nginx
etag
W/"6626596c-bbf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
300 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
224d7ac1b4fe586ea2fbe024bccabe2a6bd5b88efc0f69ed2e264a549d02d092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98606
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 16:04:18 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 16:33:45 GMT
gv8chjckyr
www.clarity.ms/tag/
685 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/gv8chjckyr
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15541e270648786a014d59fe498402e46af5d78d27deec4b9f29dd5f1256de30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Tue, 30 Apr 2024 16:33:45 GMT
x-azure-ref
20240430T163345Z-16b8f5b779bzs2khtwr4g0p36g00000001c000000000f2qq
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
685
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Apr 2024 16:33:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
5TBgdvxCJwOA6TNXlNCRmWl+4gQBkFGws0vf6651dGvkw1LGvVuiMUMmqAXffcV2OUzuHCY/jPFxCiLgSndzOw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
dot.png
app.customesignature.com/images/
950 B
761 B
Image
General
Full URL
https://app.customesignature.com/images/dot.png
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/style/style.css?v=2.10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7d924468e6d143c4481c081e28143da6b2620b7d2aa909e6bc29239b01e86c98

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/style/style.css?v=2.10
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Tue, 16 Jan 2024 10:01:55 GMT
server
nginx
etag
W/"65a65413-3b6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
controller-with-preconnect-0f7653d01a8a682758def433f9e64e18.html
js.stripe.com/v3/ Frame E6C2
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-0f7653d01a8a682758def433f9e64e18.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-99.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
25
cache-control
max-age=60, stale-while-revalidate=900
content-length
391
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 16:33:40 GMT
etag
"0f7653d01a8a682758def433f9e64e18"
last-modified
Tue, 30 Apr 2024 02:20:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-id
Cf87peeZjlbhD-Ck50KDh01DJ-VRkl2TzJaxCq44lJB7ACD7NvyMuA==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-aa62570c3aea896d3d65c621266c3019.html
js.stripe.com/v3/ Frame FB64
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-card-aa62570c3aea896d3d65c621266c3019.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-99.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2116
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 15:58:45 GMT
etag
"aa62570c3aea896d3d65c621266c3019"
last-modified
Tue, 30 Apr 2024 02:20:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-id
qRgT5LcJZ6nEXTMrjJGoLoq7OMw-6yCIWkBkQqNO5LSlM79uT5Ywqg==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 0B71
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-99.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
486
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 16:26:02 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 25 Apr 2024 20:09:44 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-id
5n8LufwTHEa6WaeFs2asyYkIWdw-0mJnrwhz78WPNxbd_YqwUFu-BA==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
123920143801019
connect.facebook.net/signals/config/
56 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/123920143801019?v=2.9.154&r=stable&domain=app.customesignature.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df8e65c977c6075d0df9e2f94134a80031d3063ecefa5b678e700565e3bd2ee5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Apr 2024 16:33:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=63, mss=1294, tbw=63231, tp=-1, tpl=-1, uplat=60, ullat=0
pragma
public
x-fb-debug
RmVX3uIzxIdWxzMSZYXjAwk9oS2FwHcWwKxYEmSCwBjuM9PPpOPM3lcymygHeXz1v9LutcBvSK9Oi20uZFC66g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
306 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18031d11c5d85f3d558cee12deac0730f77f7faa7c89405927ff149509688603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103819
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Apr 2024 16:33:45 GMT
js
www.googletagmanager.com/gtag/
214 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-000000&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97cff6c188fca11a71ff3b5521320ac00fbf40dc7d8c03657c51ade6bd9268f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80687
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 16:33:45 GMT
destination
www.googletagmanager.com/gtag/
218 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-299483092&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4c13f29e66a9935f66c6a3335bcdd3267f9f5e5e22e7cfa5f08720bcd02b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80084
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 16:33:45 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
48 KB
17 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
05dce95eaa2457f1ed9076e0d32b59680b654cf7ca6a4e35f3fe682c78f460b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-edgeconnect-origin-mex-latency
635
date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2024 10:06:07 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=63201
accept-ranges
bytes
content-length
17038
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=123920143801019&ev=PageView&dl=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&rl=&if=false&ts=1714494825472&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714494825472.1061906231&ler=empty&cdl=API_unavailable&it=1714494825363&coo=false&rqm=GET
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2802, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Apr 2024 16:33:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=123920143801019&ev=PageView&dl=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&rl=&if=false&ts=1714494825473&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1714494825472.1061906231&ler=empty&cdl=API_unavailable&it=1714494825363&coo=false&eid=1714494825403.125716.1&tm=1&rqm=GET
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2802, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Apr 2024 16:33:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=123920143801019&ev=InitiateCheckout&dl=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&rl=&if=false&ts=1714494825474&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4126&fbp=fb.1.1714494825472.1061906231&ler=empty&cdl=API_unavailable&it=1714494825363&coo=false&eid=1714494825403.125716.3&tm=1&rqm=GET
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2802, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Apr 2024 16:33:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gv8chjckyr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
last-modified
Tue, 30 Apr 2024 06:11:34 GMT
etag
W/"0x8DC68DC630B7AEC"
vary
Accept-Encoding
x-azure-ref
20240430T163345Z-16b8f5b779bzs2khtwr4g0p36g00000001c000000000f2r7
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c7c84b53-001e-0079-2edc-9ad2ff000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
mxqgjzkc.use.stape.io/g/
65 B
267 B
XHR
General
Full URL
https://mxqgjzkc.use.stape.io/g/collect?v=2&tid=G-000000&gtm=45je44t0z89102137442za200&_p=1714494824958&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1600487382.1714494826&ecid=216240588&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-BE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1714494824958&sst.ude=0&_s=1&sid=1714494825&sct=1&seg=0&dl=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&dt=Custom%20Esignature&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1714494825403.125716.1&tfd=2267&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-000000&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c2e8:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:46 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://app.customesignature.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-accel-buffering
no
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9L1FW2LT7D&gtm=45je44t0v9102137096z89102137442za200&_p=1714494824958&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1600487382.1714494826&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1714494825&sct=1&seg=0&dl=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&dt=Custom%20Esignature&en=page_view&_fv=1&_ss=1&tfd=2290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.customesignature.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
260 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9L1FW2LT7D&cid=1600487382.1714494826&gtm=45je44t0v9102137096z89102137442za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.customesignature.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9L1FW2LT7D&cid=1600487382.1714494826&gtm=45je44t0v9102137096z89102137442za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=228508835
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
260 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9L1FW2LT7D&gtm=45je44t0v9102137096z89102137442za200&_p=1714494824958&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1600487382.1714494826&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=2&sid=1714494825&sct=1&seg=0&dl=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&dt=Custom%20Esignature&en=begin_checkout&_et=2&tfd=2296
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.customesignature.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/299483092/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/299483092/?random=1714494825579&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&label=UJLkCJ__xqoYENT_5o4B&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1750576780.1714494825&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-299483092&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
429a0655e123c191f935481f1d156549515d1012d5fbd062cd6ab8c93bd5a8a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1579
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.ads.linkedin.com/wa/
0
627 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:44 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CC052678AEB044E4A662D01CA6E14B5C Ref B: FRAEDGE1316 Ref C: 2024-04-30T16:33:45Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://app.customesignature.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYXUu8PUUlIYX+IT7Gpzg==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&conversionId=12731292&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&conversionId=12731292&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2&e_ipv6=AQLV7Q30On_-ZgAAAY8v2u...
0
144 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&conversionId=12731292&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2&e_ipv6=AQLV7Q30On_-ZgAAAY8v2uUWEYjfpaWv9ZTFI89qTvO6Ox2Pmj011Uj21I7RFhglFrSpAuwW
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9DDC2F9AF78E40679B78C15431BBC9E7 Ref B: FRAEDGE2006 Ref C: 2024-04-30T16:33:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYXUu8SZm/UO+5eEyQtJA==

Redirect headers

date
Tue, 30 Apr 2024 16:33:44 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3B12F599EF454E6397C1AE702B9CF0BF Ref B: FRAEDGE1316 Ref C: 2024-04-30T16:33:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&conversionId=12731292&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2&e_ipv6=AQLV7Q30On_-ZgAAAY8v2uUWEYjfpaWv9ZTFI89qTvO6Ox2Pmj011Uj21I7RFhglFrSpAuwW
x-li-proto
http/2
content-length
0
x-li-uuid
AAYXUu8OwkCimmpkqx14zQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2&e_ipv6=AQJ4NXNnWS5NxgAAAY8v2uUfBh7P74bTENHmtoGMj6vB...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2&e_ipv6=AQJ4NXNnWS5NxgAAAY8v2uUfBh7P74bTENHmtoGMj6vB22jw_AUVqK2S2btwuE7d_vGurpEk
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Apr 2024 16:33:45 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4BB343A4520940A182B347E74019BB29 Ref B: FRAEDGE2006 Ref C: 2024-04-30T16:33:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYXUu8SZwhzJY2JVWdovg==

Redirect headers

date
Tue, 30 Apr 2024 16:33:44 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3AAF7588955D44519071F8A0A1CE9A78 Ref B: FRAEDGE1316 Ref C: 2024-04-30T16:33:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1714494825592&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&tm=gtmv2&e_ipv6=AQJ4NXNnWS5NxgAAAY8v2uUfBh7P74bTENHmtoGMj6vB22jw_AUVqK2S2btwuE7d_vGurpEk
x-li-proto
http/2
content-length
0
x-li-uuid
AAYXUu8OwQ+2LiUpOE5wng==
/
www.google.de/pagead/1p-conversion/299483092/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/299483092/?random=477221699&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l...
  • https://www.google.com/pagead/1p-conversion/299483092/?random=477221699&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=...
  • https://www.google.de/pagead/1p-conversion/299483092/?random=477221699&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/299483092/?random=477221699&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&label=UJLkCJ__xqoYENT_5o4B&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&value=0&npa=1&pscdl=noapi&auid=1750576780.1714494825&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIroW2-K7qhQMVNXakBB36ZQ1QMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwB7FLtqe6wJklz1vaZIWkvzg_Nl-3LUK4m3zA&eitems=ChEI8K3CsQYQ-_-Q8_X7nrWQARIdABeUbrIIK8lB561Yeg-h5PlcSaLVAegi4EivD_M&random=2787508674&ipr=y
Requested by
Host: app.customesignature.com
URL: https://app.customesignature.com/renewaccount
Protocol
H3
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/299483092/?random=477221699&cv=11&fst=1714494825579&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9119577707z89102137442za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&label=UJLkCJ__xqoYENT_5o4B&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&value=0&npa=1&pscdl=noapi&auid=1750576780.1714494825&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIroW2-K7qhQMVNXakBB36ZQ1QMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwB7FLtqe6wJklz1vaZIWkvzg_Nl-3LUK4m3zA&eitems=ChEI8K3CsQYQ-_-Q8_X7nrWQARIdABeUbrIIK8lB561Yeg-h5PlcSaLVAegi4EivD_M&random=2787508674&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
p.clarity.ms/
0
304 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://app.customesignature.com
Date
Tue, 30 Apr 2024 16:33:46 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
mxqgjzkc.use.stape.io/g/
65 B
537 B
XHR
General
Full URL
https://mxqgjzkc.use.stape.io/g/collect?v=2&tid=G-000000&gtm=45je44t0z89102137442za200&_p=1714494824958&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1600487382.1714494826&ecid=216240588&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-BE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1714494824958&sst.ude=0&_s=2&sid=1714494825&sct=1&seg=0&dl=https%3A%2F%2Fapp.customesignature.com%2Frenewaccount&dt=Custom%20Esignature&en=begin_checkout&ep.event_id=1714494825403.125716.3&_et=2&tfd=2770&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-000000&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c2e8:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:46 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://app.customesignature.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-accel-buffering
no
hcaptcha-invisible-95189b337c6d3312699a9b4042d0c662.html
js.stripe.com/v3/ Frame D7EC
0
0
Document
General
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-95189b337c6d3312699a9b4042d0c662.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-99.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-20H8OhRqwC5QR1+u5VZWP+PHDncQYlLAp6ntyHWbnZI='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
503
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-20H8OhRqwC5QR1+u5VZWP+PHDncQYlLAp6ntyHWbnZI='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 16:25:29 GMT
etag
W/"95189b337c6d3312699a9b4042d0c662"
last-modified
Tue, 30 Apr 2024 02:21:01 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-id
rhyCuO4jy3yF0EQXMxZ7NvzkG91zAlLCL8Zv1U2sOAUmU3Jsh-IufA==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/
148 KB
37 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-112.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:01:03 GMT
content-encoding
gzip
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1969
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
last-modified
Fri, 26 Apr 2024 20:07:53 GMT
server
Cloudfront
etag
W/"f7a3e754fa2fa9117506f69f618b5778"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
5gfSvBU5WmbP2E7GFo5_R7WBa9twzwJu2ejVKcfbR49J_HEJs7Xuwg==
elements-inner-link-button-for-card-160dc610d981e0e4d28cb362cd4d554c.html
js.stripe.com/v3/ Frame 3081
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-link-button-for-card-160dc610d981e0e4d28cb362cd4d554c.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-99.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
360
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 16:28:13 GMT
etag
W/"160dc610d981e0e4d28cb362cd4d554c"
last-modified
Tue, 30 Apr 2024 02:20:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-id
GWGasjGuOsmG3u-I5h6tGGnbSq4-LTSD_cN0alCjZguqGz6XU1xJQA==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=434533C6DAD64BC0865744D8A55FA484&RedC=c.clarity.ms&MXFR=031D89BD24FE623A3E989DCC20FE6C47
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=434533C6DAD64BC0865744D8A55FA484&MUID=2F507FF13C3C690F11EC6B803DB768E4
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=434533C6DAD64BC0865744D8A55FA484&MUID=2F507FF13C3C690F11EC6B803DB768E4
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:46 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2024 16:33:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D508890350E84189A2931EA31FD65972 Ref B: FRA31EDGE0616 Ref C: 2024-04-30T16:33:46Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=434533C6DAD64BC0865744D8A55FA484&MUID=2F507FF13C3C690F11EC6B803DB768E4
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
app.customesignature.com/images/
15 KB
15 KB
Other
General
Full URL
https://app.customesignature.com/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
626e03f1d0704e4881fafbb888132eb76553b285321bbe4b00fddb9a746469d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.customesignature.com/renewaccount
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:33:46 GMT
last-modified
Tue, 16 Jan 2024 10:01:57 GMT
server
nginx
etag
"65a65415-3c2e"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
15406
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
p.clarity.ms/
0
304 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://app.customesignature.com
Date
Tue, 30 Apr 2024 16:33:46 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
p.clarity.ms/
0
304 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://app.customesignature.com
Date
Tue, 30 Apr 2024 16:33:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| dataLayer function| clarity string| _rwq function| rewardful function| $ function| jQuery function| fbq function| _fbq object| webpackChunkStripeJSouter function| noop function| Stripe boolean| _rewardful_loaded function| Rewardful object| noUiSlider object| rangeSlider string| start object| stripe object| elements object| style object| cardElement object| resultContainer object| form function| createToken function| stripeTokenHandler function| handleCredentialResponse function| parseJwt number| uidEvent object| bootstrap function| validatePasss function| toggler function| validatePass function| validURL function| isNumber function| validatephone function| confirmpass function| checkemail function| ApplyPromoCode function| RemovePromoCode function| ForgetPassword function| jsConfirm object| commonJsStrict function| Croppie object| $image_crop object| google_tag_manager object| google_tag_data string| _randomPageId object| _fbq_gtm_ids object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| default_gsi object| _F_toggles object| google object| closure_lm_460750 object| gaGlobal function| onYouTubeIframeAPIReady object| GooglebQhCsO function| lintrk object| ORIBILI

25 Cookies

Domain/Path Name / Value
app.customesignature.com/ Name: PHPSESSID
Value: cr55hsmdh8fktvl38dmtk9q3v9
.customesignature.com/ Name: _gcl_au
Value: 1.1.1750576780.1714494825
.customesignature.com/ Name: _fbp
Value: fb.1.1714494825472.1061906231
www.clarity.ms/ Name: CLID
Value: 9d76a3c260ab4bb7ae6095901c4dea9c.20240430.20250430
.customesignature.com/ Name: _ga
Value: GA1.1.1600487382.1714494826
.customesignature.com/ Name: _ga_000000
Value: GS1.1.1714494825.1.0.1714494825.0.0.216240588
.customesignature.com/ Name: _ga_9L1FW2LT7D
Value: GS1.1.1714494825.1.0.1714494825.60.0.0
.customesignature.com/ Name: _clck
Value: dvgv69%7C2%7Cfld%7C0%7C1581
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.linkedin.com/ Name: bcookie
Value: "v=2&dc817802-3f0e-4a00-87d9-8d77b01c2b43"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTQ0OTQ4MjU7MjswMjFr3XVYujlmwMHlGoBj1O513B3l6SUeeiU7zXSwZjD2IA==
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2844:u=1:x=1:i=1714494825:t=1714581225:v=2:sig=AQF-fTkWsDdZtZuiV_e0E7fZ3mjHhyIv"
.customesignature.com/ Name: _clsk
Value: 1p4y89a%7C1714494826086%7C1%7C1%7Cp.clarity.ms%2Fcollect
m.stripe.com/ Name: m
Value: 433510ca-d462-4f08-8962-67f6bbf646c7c6410f
.app.customesignature.com/ Name: __stripe_mid
Value: 43b0505c-e80b-4d56-bce2-535f32b5d74b87d0de
.app.customesignature.com/ Name: __stripe_sid
Value: 47bf00f7-63f7-47a9-80cc-617e704d6d6eaa6c0d
.bing.com/ Name: MUID
Value: 2F507FF13C3C690F11EC6B803DB768E4
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2F507FF13C3C690F11EC6B803DB768E4
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2F507FF13C3C690F11EC6B803DB768E4
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRD4XvR89zHnub
api.hcaptcha.com/ Name: hmt_id
Value: 31fba4c1-043e-4266-ac77-2be7a046b656

39 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/123920143801019?v=2.9.154&r=stable&domain=app.customesignature.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.customesignature.com/renewaccount
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
app.customesignature.com
c.bing.com
c.clarity.ms
connect.facebook.net
googleads.g.doubleclick.net
js.stripe.com
mxqgjzkc.use.stape.io
p.clarity.ms
px.ads.linkedin.com
px4.ads.linkedin.com
r.wdfl.co
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
url7652.firebrand.team
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.107.42.14
13.32.121.112
13.32.121.99
142.250.185.162
142.250.186.162
142.250.186.35
142.250.186.36
164.92.90.31
167.89.118.83
20.122.63.128
2001:4860:4802:32::36
2600:1901:0:c2e8::
2600:9000:225e:3800:1b:348c:b140:93a1
2620:1ec:21::14
2620:1ec:29:1::45
2620:1ec:c11::237
2a00:1450:4001:828::2008
2a00:1450:400c:c0a::54
2a00:1450:400c:c1f::9d
2a02:26f0:3500:16::215:1492
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
68.219.88.97
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
05dce95eaa2457f1ed9076e0d32b59680b654cf7ca6a4e35f3fe682c78f460b0
08923b708ed8b0f7e589d0e2a9b9b39c5dc7a27c8674d97135cfa72db247006d
15541e270648786a014d59fe498402e46af5d78d27deec4b9f29dd5f1256de30
18031d11c5d85f3d558cee12deac0730f77f7faa7c89405927ff149509688603
224d7ac1b4fe586ea2fbe024bccabe2a6bd5b88efc0f69ed2e264a549d02d092
237e83161bfe098cbefdb3ed2ec69d4a7f2ce17a24f7caa14d9f0ae5dc0a8291
23c80f09fb16835f4ec6ee4b9edcb578426d81cc56efbde6653d3a541aa4edde
429a0655e123c191f935481f1d156549515d1012d5fbd062cd6ab8c93bd5a8a2
55ede7d498ca1e179cdc450072aba4c17a8326e776a273c7d12e3a52986dd20e
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5c5f077bdfcf361952905648774a198ce91624d29b21cfc8dd1e02bc48b1b92c
5e3fc588f07d5c3e2abb6970eb2580a2976288de1c63c828f22ad415c45bd0d4
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
626e03f1d0704e4881fafbb888132eb76553b285321bbe4b00fddb9a746469d8
7d924468e6d143c4481c081e28143da6b2620b7d2aa909e6bc29239b01e86c98
7f6e36cd4086adbac71d4b6ffa04a42b8a3e430bc459f3149fea4305e5d1e986
87df96f2f27f8b1b6807dc8cd6515f3911a7af9d5c5275479f9a64f9caaad2f5
97cff6c188fca11a71ff3b5521320ac00fbf40dc7d8c03657c51ade6bd9268f2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a13f62e67239ed2e4135000b9209465b22f5ac2b70891d85db5b440f4041975f
a4fa00a91e075227fffde8db2c6e59b5cc37ff40420d875832a4c2fccf9a56bb
ae036cc005d78330ddabc5554ce6841cd8545cf58c33e45994c684053d1e8346
c4c13f29e66a9935f66c6a3335bcdd3267f9f5e5e22e7cfa5f08720bcd02b51e
df8e65c977c6075d0df9e2f94134a80031d3063ecefa5b678e700565e3bd2ee5
e268d103235eac4a66fce54fc2f5ce1df773854b479b3579efe324da0b310abe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e7e80607091b7102e2178164111c65017c84da6bf863ab82811233e5c3d89b3a
ed70eec973c786112931e9b8aaa9d863db3633cc0fbfb83e88ac41e1e5f1dc63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa155347cdcf2b35276543e73668e4d554bd7df7385765013869724a7164fb2
f5c82d3ee9975982f36f84bab8229952cb222c68b13125671b52a26d65316ce6
fb4c89d838a9b665c6de9d0ed745270db6f475d9270c9aa15e06fce1ae50ab63