app.customesignature.com Open in urlscan Pro
164.92.90.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.customesignature.com/usesignature/10077
Effective URL:
https://app.customesignature.com/signin
Submission: On November 01 via api (November 1st 2024, 12:31:14 am UTC) from US — Scanned from US

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 1 countries across 12 domains to perform 55 HTTP transactions. The main IP is 164.92.90.31, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is app.customesignature.com. The Cisco Umbrella rank of the primary domain is 138653.
TLS certificate: Issued by E5 on October 18th 2024. Valid for: 3 months.

This is the only time app.customesignature.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 18	164.92.90.31 164.92.90.31	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2600:9000:284... 2600:9000:2840:4200:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::54	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::41 2620:1ec:bdf::41	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
2	142.251.16.147 142.251.16.147	15169 (GOOGLE) (GOOGLE)
1	2600:1408:ec0... 2600:1408:ec00:1e::1735:23ec	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:c... 2600:1901:0:c2e8::	15169 (GOOGLE) (GOOGLE)
1	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c04::8a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::9b	15169 (GOOGLE) (GOOGLE)
3	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
3 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2606:4700:440... 2606:4700:4400::6812:2929	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
55	19

18 164.92.90.31 (Santa Clara, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

app.customesignature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
betaapp.customesignature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2840:4200:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::41 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:ec00:1e::1735:23ec (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:c2e8:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

mxqgjzkc.use.stape.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::8a (Morganton, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2929 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	customesignature.com 2 redirects app.customesignature.com — Cisco Umbrella Rank: 138653 betaapp.customesignature.com	6 MB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	415 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 www.linkedin.com — Cisco Umbrella Rank: 646 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	4 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 634 x.clarity.ms — Cisco Umbrella Rank: 6487 c.clarity.ms — Cisco Umbrella Rank: 1236	30 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 18 www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	86 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 190	770 B
1	stape.io mxqgjzkc.use.stape.io	564 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 23281	5 KB
55	12

	Domain	Requested by
17	app.customesignature.com	2 redirects app.customesignature.com
12	www.googletagmanager.com	app.customesignature.com www.googletagmanager.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
4	www.facebook.com	app.customesignature.com
3	x.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	analytics.google.com	www.googletagmanager.com
2	td.doubleclick.net	www.googletagmanager.com
2	www.google.com	www.googletagmanager.com app.customesignature.com
2	connect.facebook.net	app.customesignature.com connect.facebook.net
2	www.clarity.ms	app.customesignature.com www.clarity.ms
1	c.bing.com	1 redirects
1	px4.ads.linkedin.com	app.customesignature.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	mxqgjzkc.use.stape.io	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	betaapp.customesignature.com	app.customesignature.com
1	accounts.google.com	app.customesignature.com
1	r.wdfl.co	app.customesignature.com
55	21

This site contains links to these domains. Also see Links.

Domain
www.customesignature.com

Subject Issuer	Validity	Valid
app.customesignature.com E5	`2024-10-18` - `2025-01-16`	3 months	crt.sh
r.wdfl.co Amazon RSA 2048 M02	`2024-08-02` - `2025-08-30`	a year	crt.sh
accounts.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
betaapp.customesignature.com E5	`2024-09-11` - `2024-12-10`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
use.stape.io R10	`2024-10-25` - `2025-01-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://app.customesignature.com/signin
Frame ID: 7DB9DF3C91CF7B1AFC22F08A1C41815A
Requests: 52 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fapp.customesignature.com
Frame ID: EE60EBCE5C2522E2390E979EE07F738E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/299483092?random=1730421067803&cv=11&fst=1730421067803&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0v9119577707z89102137442za201zb9102137442&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&npa=0&pscdl=noapi&auid=1217215436.1730421068&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: ABC11A5E09DBCB5C3F4A07C7DE905E7B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-9L1FW2LT7D&gacid=543163770.1730421068&gtm=45je4au0v9102137096z89102137442za200zb9102137442&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&z=1067277655
Frame ID: BF9510E12DC3910706F64317E9C92BE5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Custom Esignature

Page URL History Show full URLs

https://app.customesignature.com/usesignature/10077 HTTP 302
https://app.customesignature.com/renewaccount HTTP 302
https://app.customesignature.com/signin Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

96 %
HTTPS

62 %
IPv6

12
Domains

21
Subdomains

19
IPs

1
Countries

6838 kB
Transfer

8559 kB
Size

24
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.customesignature.com/tutorials
Title: Tutorial

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.customesignature.com/usesignature/10077 HTTP 302
https://app.customesignature.com/renewaccount HTTP 302
https://app.customesignature.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4921396%26time%3D1730421068031%26li_adsId%3D14042e56-1f4b-4757-8b99-550f2b985092%26url%3Dhttps%253A%252F%252Fapp.customesignature.com%252Fsignin%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKEwkX9enyTcgAAAZLlIhMWqgBeD4h-YAd5HBAk-XAAdR7AzWWXa8N1UOkWcwU90h-Hwg

Request Chain 49

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C11DCD8EC4C44B1F90347ED1E5B62E7C&RedC=c.clarity.ms&MXFR=0ED66793329569C00D4172B936956779 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C11DCD8EC4C44B1F90347ED1E5B62E7C&MUID=2D6707BDF6A5689022441297F735697E

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
app.customesignature.com/
Redirect Chain

https://app.customesignature.com/usesignature/10077
https://app.customesignature.com/renewaccount
https://app.customesignature.com/signin

11 KB
4 KB

122ms
122ms

Document
text/html

164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

70c0004461d36b1ad47c3fd841fc53cd0a750b952e2ccd64daa6d87c637ce855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 3511
content-type: text/html; charset=UTF-8
date: Fri, 01 Nov 2024 00:31:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: same-origin
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 01 Nov 2024 00:31:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://app.customesignature.com/signin
pragma: no-cache
referrer-policy: same-origin
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
app.customesignature.com/style/ 188 KB
21 KB 108ms
105ms Stylesheet
text/css 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/style/bootstrap.min.css?v=2.11
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f5c82d3ee9975982f36f84bab8229952cb222c68b13125671b52a26d65316ce6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6719d616-2eefa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 05:07:34 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 new-style.css
app.customesignature.com/style/ 138 KB
20 KB 114ms
111ms Stylesheet
text/css 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/style/new-style.css?v=2.11
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e7db2f2c71e8b43914c62f08ef1407c20c131cfed93879f5e1ccd4efc7088783

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6719e38a-22826"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 06:04:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 croppie.css
app.customesignature.com/style/ 4 KB
1 KB 114ms
112ms Stylesheet
text/css 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/style/croppie.css?v=2.11
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ae036cc005d78330ddabc5554ce6841cd8545cf58c33e45994c684053d1e8346

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6719d616-fb8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 05:07:34 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 rw.js Show response
r.wdfl.co/ 18 KB
5 KB 240ms
63ms Script
text/javascript 2600:9000:2840:4200:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2840:4200:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c09a5fb38b16352fd0e845ead26580d0285fd743505672ac4214201489090d9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

vary: accept-encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"4b5c37e18dadd7a573b8982024645635"
age: 2449
via: 1.1 eec9650f8780839ac07df0892de9ac88.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: RiZucfNyXPAPqrrEiH79f5bMzoRJ8s_b_gv5gLuHxqLEh-dAVROl3g==
date: Thu, 31 Oct 2024 23:50:19 GMT
content-type: text/javascript
last-modified: Wed, 30 Oct 2024 10:50:15 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P7
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-3.5.1.min.js Show response
app.customesignature.com/script/ 87 KB
30 KB 119ms
118ms Script
application/javascript 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/script/jquery-3.5.1.min.js
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6719d612-15d84"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 05:07:30 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 logo.svg
app.customesignature.com/images/ 14 KB
10 KB 204ms
202ms Image
image/svg+xml 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.customesignature.com/images/logo.svg
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 08923b708ed8b0f7e589d0e2a9b9b39c5dc7a27c8674d97135cfa72db247006d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"67178405-369c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 10:52:53 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 client Show response
accounts.google.com/gsi/ 227 KB
86 KB 217ms
94ms Script
application/javascript 2607:f8b0:4004:c0b::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aa117ccbe114bb5995ea0ec95c30dec260cf5ba772bcf422e6e98ddfd58b84f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vW20bFhJWVdCYFMDHNG_hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: script-src 'report-sample' 'nonce-vW20bFhJWVdCYFMDHNG_hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 00:31:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Fri, 01 Nov 2024 00:31:07 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 logo.svg
betaapp.customesignature.com/images/ 14 KB
10 KB 502ms
196ms Image
image/svg+xml 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betaapp.customesignature.com/images/logo.svg
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 08923b708ed8b0f7e589d0e2a9b9b39c5dc7a27c8674d97135cfa72db247006d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"64c2185d-369c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Jul 2023 07:10:21 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 button-google.svg
app.customesignature.com/images/ 7 KB
3 KB 102ms
97ms Image
image/svg+xml 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.customesignature.com/images/button-google.svg
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 420c7808fee33b6ac9b4d72fef2a0c3faaa492cc9d9d1027417c691971dea54e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"671783fa-1bb3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 10:52:42 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 button-facebook.svg
app.customesignature.com/images/ 7 KB
3 KB 102ms
98ms Image
image/svg+xml 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.customesignature.com/images/button-facebook.svg
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cc4ffd0cc46d6c8f11220fd96c4c24b376b447e8a3a1ed072bfdbd769a1283e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"671783fa-1b73"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 10:52:42 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 button-twitter.svg
app.customesignature.com/images/ 4 KB
2 KB 103ms
98ms Image
image/svg+xml 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.customesignature.com/images/button-twitter.svg
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: efcd446b4827ba7a84666b541aff7ea7bc4a1d463525d24c83f4f476feef3d34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"671783fa-1118"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 10:52:42 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap.bundle.min.js Show response
app.customesignature.com/script/vendor/ 76 KB
22 KB 107ms
102ms Script
application/javascript 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/script/vendor/bootstrap.bundle.min.js
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 237e83161bfe098cbefdb3ed2ec69d4a7f2ce17a24f7caa14d9f0ae5dc0a8291

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6719d62f-13137"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 05:07:59 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 default.js Show response
app.customesignature.com/script/ 9 KB
3 KB 108ms
104ms Script
application/javascript 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/script/default.js
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d5eb254dbf54ec743b8334c62cc8c4565dd2d991af15b9b145bd315310eed6a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6719d614-244e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 05:07:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 croppie.js Show response
app.customesignature.com/script/croppie/ 49 KB
10 KB 109ms
105ms Script
application/javascript 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/script/croppie/croppie.js
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87df96f2f27f8b1b6807dc8cd6515f3911a7af9d5c5275479f9a64f9caaad2f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6719d62e-c376"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 05:07:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 cropImage.js Show response
app.customesignature.com/script/croppie/ 3 KB
1020 B 109ms
105ms Script
application/javascript 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/script/croppie/cropImage.js
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cc0d4b1f7badfd4e36f8cf25f7de30eb0e32d4db8220d251495472a92dd8100f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6719d62e-a8d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 05:07:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 337 KB
108 KB 195ms
72ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62d84363ac5f92817a32ad233247e254d0192f7d2f66b8e981dd7973ae13fc50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 01 Nov 2024 00:31:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110082
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gv8chjckyr Show response
www.clarity.ms/tag/ 707 B
1 KB 244ms
61ms Script
application/x-javascript 2620:1ec:bdf::41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gv8chjckyr
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::41 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bcfad8bbdca2c75c6cfe40b0c95343b663760dff146ae5f24ddeaa0ffbfdc6ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 707
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/x-javascript
x-azure-ref: 20241101T003107Z-177648858f4hzvv9vn0f3ah9dc0000000bvg000000003bvf

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 114ms
55ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-lP6s0XWb' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-lP6s0XWb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4451, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: QduHeBMSWs69VgBokklkNCNo9m8G9zQxEy/u/uyCx/0L4Y68cUzgs1pjyzrxEcjvxWqdmiwpttA2dGjtHguugQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 62068
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 206 esign-signin-page.mp4
app.customesignature.com/images/video/ 6 MB
6 MB 97ms
96ms Media
video/mp4 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/images/video/esign-signin-page.mp4
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 724984645665500c2c2f3bd0fe211fdec8ba970ce40f310b0db5867054f4817a

Request headers

Referer: https://app.customesignature.com/signin
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=315360000
etag: "6717842e-5e688e"
Content-Range: bytes 0-6187149/6187150
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
Content-Length: 6187150
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: video/mp4
last-modified: Tue, 22 Oct 2024 10:53:34 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 123920143801019 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 263ms
261ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/123920143801019?v=2.9.175&r=stable&domain=app.customesignature.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

688536cd35a98d5b5a4df4e9d78f46082e9daf54625d9a3adcaae1a4eb8b1148

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-zreisjKm' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-zreisjKm' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=77, mss=1232, tbw=70880, tp=68, tpl=0, uplat=125, ullat=0
pragma: public
x-fb-debug: k0rQ6t7RWl96yqZfakfDRggkRAkvwJW/pbp7ertZlsG0W7EO0dmCC51R7CjV7ZjLjVnNOBBuinJe5rsdZRU02g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 66ms
65ms Script
application/javascript 2620:1ec:bdf::41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gv8chjckyr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::41 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-azure-ref: 20241101T003107Z-177648858f4hzvv9vn0f3ah9dc0000000bvg000000003bw8
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 6bd93a27-901e-007b-354c-286c47000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 01:20:43 GMT

POST
H3 200 collect
www.google.com/ccm/ 0
0 182ms
67ms Ping
text/plain 142.251.16.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fapp.customesignature.com%2Fsignin&scrsrc=www.googletagmanager.com&frm=0&rnd=342676795.1730421068&auid=1217215436.1730421068&npa=0&gtm=45He4au0v9102137442za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&tft=1730421067624&tfd=1247&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.147 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 403 KB
130 KB 140ms
139ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f81f76af6149c884fc1df71c50663f94d96d6d37f1f9b2726cc8801994100c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 01 Nov 2024 00:31:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132813
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
87 KB 61ms
60ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-000000&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

966c87ff689697f54cab4a4cc2bfec50f2774e3424d08c97a864364459753956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 01 Nov 2024 00:31:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 88805
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 251 KB
89 KB 89ms
86ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-299483092&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f690600cd3164ce681c0452ce061a7b89d50a45acfccc6b71141856e4aa88b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 01 Nov 2024 00:31:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91211
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 373ms
126ms Script
application/javascript 2600:1408:ec00:1e::1735:23ec
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:ec00:1e::1735:23ec Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=53356
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Fri, 01 Nov 2024 00:31:07 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 a
www.googletagmanager.com/ 0
270 B 81ms
80ms Image
text/html 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 01 Nov 2024 00:31:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 82ms
81ms Image
text/html 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N7F6DGX&v=3&t=t&pid=859003210&cv=15&rv=4au0&tc=59&tag_exp=101533422~101823848~101878899~101878944~101925629&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&z=0

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 01 Nov 2024 00:31:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 81ms
81ms Image
text/html 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N7F6DGX&v=3&t=t&pid=859003210&cv=15&rv=4au0&tc=59&tag_exp=101533422~101823848~101878899~101878944~101925629&es=1&e=*&eid=1&u=AAAAAAAIAAAAAACI&ut=Ag&h=Ag&hf=0__html&ht=p__html&tr=1gclidw.5gclidw.1googtag.1googtag.1cvt.1gaawe.1sp.1cvt.1fsl.1lcl.1cl.1fsl.1cl.1evl.1fsl.1fsl.1fsl.1lcl.1html&ti=1gclidw.1gclidw.2googtag.2googtag.2cvt.1gaawe.1sp.2cvt.2fsl.2lcl.2cl.2fsl.2cl.2evl.2fsl.2fsl.2fsl.2lcl.2html&z=0

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 01 Nov 2024 00:31:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame EE60 0
0 169ms
59ms Document
text/html 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fapp.customesignature.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7F6DGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 00:31:07 GMT
expires: Sat, 01 Nov 2025 00:31:07 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 144ms
144ms Image
text/html 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 01 Nov 2024 00:31:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
288 B 240ms
83ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://app.customesignature.com
Date: Fri, 01 Nov 2024 00:31:07 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 188ms
58ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=123920143801019&ev=PageView&dl=https%3A%2F%2Fapp.customesignature.com%2Fsignin&rl=&if=false&ts=1730421067731&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=4126&fbp=fb.1.1730421067726.560902594492282461&ler=empty&cdl=API_unavailable&it=1730421067437&coo=false&rqm=GET

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=3262, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 358ms
228ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=123920143801019&ev=PageView&dl=https%3A%2F%2Fapp.customesignature.com%2Fsignin&rl=&if=false&ts=1730421067731&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=4126&fbp=fb.1.1730421067726.560902594492282461&ler=empty&cdl=API_unavailable&it=1730421067437&coo=false&rqm=FGET

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432101892187520817"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 00:31:08 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Fhk8NNWpAv8RJ0TkC89w3nQi9TsnGJibWXmptbIs24IUuMCU6f2k4+dryW2udWFOffXdM2vFlOsl3CvrmOFxJg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432101892187520817", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=18, mss=1297, tbw=3413, tp=-1, tpl=-1, uplat=170, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 187ms
59ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=123920143801019&ev=PageView&dl=https%3A%2F%2Fapp.customesignature.com%2Fsignin&rl=&if=false&ts=1730421067735&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1730421067726.560902594492282461&ler=empty&cdl=API_unavailable&it=1730421067437&coo=false&eid=1730421067630.470317.1&tm=1&rqm=GET

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2980, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 01 Nov 2024 00:31:07 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
842 B 358ms
229ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=123920143801019&ev=PageView&dl=https%3A%2F%2Fapp.customesignature.com%2Fsignin&rl=&if=false&ts=1730421067735&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1730421067726.560902594492282461&ler=empty&cdl=API_unavailable&it=1730421067437&coo=false&eid=1730421067630.470317.1&tm=1&rqm=FGET

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432101891922523357"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 00:31:08 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Li/8kByeWJZCgtGpHfu8qkTREUtHWXARA1Sk/mTHrEkUcZJhNicUuesW5B11i914VpGoff69jZ0VBqFDKTQyUw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432101891922523357", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=18, mss=1297, tbw=6671, tp=-1, tpl=-1, uplat=170, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 collect Show response
mxqgjzkc.use.stape.io/g/ 65 B
564 B 612ms
268ms XHR
text/plain 2600:1901:0:c2e8::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://mxqgjzkc.use.stape.io/g/collect?v=2&tid=G-000000&gtm=45je4au0z89102137442za200zb9102137442&_p=1730421067212&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=543163770.1730421068&ecid=592222085&ul=en-us&sr=1600x1200&_fplc=0&ur=US-FL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.tft=1730421067212&sst.ude=0&_s=1&sid=1730421067&sct=1&seg=0&dl=https%3A%2F%2Fapp.customesignature.com%2Fsignin&dt=Custom%20Esignature&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1730421067630.470317.1&tfd=1404&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-000000&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c2e8:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex, nofollow
cache-control: no-cache
x-accel-buffering: no
trace-id: 3de6daed-afd2-4191-9bb0-3747a83f08b0
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://app.customesignature.com
date: Fri, 01 Nov 2024 00:31:08 GMT
content-type: text/plain

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/299483092/ 5 KB
2 KB 177ms
70ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/299483092/?random=1730421067803&cv=11&fst=1730421067803&bg=ffffff&guid=ON&async=1&gtm=45be4au0v9119577707z89102137442za201zb9102137442&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&npa=0&pscdl=noapi&auid=1217215436.1730421068&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-299483092&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

f855c97b52bb02fb81f2f93a951ebd790b883d535eb4786e906cb2b7d345068a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2313
date: Fri, 01 Nov 2024 00:31:07 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 299483092
td.doubleclick.net/td/rul/ Frame ABC1 0
0 274ms
71ms Document
text/html 2607:f8b0:400d:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/299483092?random=1730421067803&cv=11&fst=1730421067803&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0v9119577707z89102137442za201zb9102137442&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&npa=0&pscdl=noapi&auid=1217215436.1730421068&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-299483092&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 00:31:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 736ms
283ms Fetch
text/plain 2607:f8b0:400d:c04::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9L1FW2LT7D&gtm=45je4au0v9102137096z89102137442za200zb9102137442&_p=1730421067212&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=543163770.1730421068&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1730421067&sct=1&seg=0&dl=https%3A%2F%2Fapp.customesignature.com%2Fsignin&dt=Custom%20Esignature&en=page_view&_fv=1&_ss=1&tfd=1516
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.customesignature.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 00:31:08 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
560 B 388ms
134ms Ping
text/plain 2607:f8b0:400d:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9L1FW2LT7D&cid=543163770.1730421068&gtm=45je4au0v9102137096z89102137442za200zb9102137442&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0b::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.customesignature.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 00:31:08 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame BF95 0
0 179ms
63ms Document
text/html 2607:f8b0:400d:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-9L1FW2LT7D&gacid=543163770.1730421068&gtm=45je4au0v9102137096z89102137442za200zb9102137442&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&z=1067277655

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 00:31:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 53ms
52ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N7F6DGX&v=3&t=t&pid=859003210&cv=15&rv=4au0&tc=59&tag_exp=101533422~101823848~101878899~101878944~101925629&e=*&eid=1&u=AAAAAAAIAAAAAACI&ut=Ag&h=Ag&tr=5googtag.5googtag.5gaawe.5fsl.5lcl.5cl.5fsl.5cl.5evl.5fsl.5fsl.5fsl.5lcl.5html.5cvt&ti=2googtag.2googtag.1gaawe.2fsl.2lcl.2cl.2fsl.2cl.2evl.2fsl.2fsl.2fsl.2lcl.2html.2cvt&z=0

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 01 Nov 2024 00:31:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 51ms
51ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?ctid=GTM-N7F6DGX&t=s&si=339&m=0&iss=4&sid=2418913274489621&cc=1&tl=8&hc=1&cl=0&pid=986475327&bc=1

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 01 Nov 2024 00:31:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 /
www.google.com/pagead/1p-user-list/299483092/ 42 B
64 B 66ms
66ms Image
image/gif 142.251.16.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/299483092/?random=1730421067803&cv=11&fst=1730419200000&bg=ffffff&guid=ON&async=1&gtm=45be4au0v9119577707z89102137442za201zb9102137442&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&hn=www.googleadservices.com&frm=0&tiba=Custom%20Esignature&npa=0&pscdl=noapi&auid=1217215436.1730421068&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dEQBbmOcGabqt1PNCobY0VUoLZw4b_Q&random=3765119879&rmt_tld=0&ipr=y

Requested by

Host: app.customesignature.com
URL: https://app.customesignature.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 01 Nov 2024 00:31:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
310 B 194ms
101ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 48B85619B79E4F34B99593DEEAA5E51A Ref B: MIAEDGE2912 Ref C: 2024-11-01T00:31:08Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYlzw0UPVEnqGMiJNAxuw==
x-li-proto: http/2
access-control-allow-origin: https://app.customesignature.com
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 00:31:08 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
762 B 173ms
82ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4921396&time=1730421068031&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 000625cf0d1458daedbfec3f320f1fb1
x-msedge-ref: Ref A: CB9B1F1A57AD4EA197F4BF14F4A0E077 Ref B: MIAEDGE2912 Ref C: 2024-11-01T00:31:08Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlzw0UWNrtv+w/Mg8fsQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 00:31:08 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2&cookiesTest=...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4921396%26time%3D1730421068031%26li_adsId%3D14042e56-1f4b-4757-8b99-550f2b985092%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2&cookiesTest=...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2&cookiesTest...

0
488 B

259ms
133ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKEwkX9enyTcgAAAZLlIhMWqgBeD4h-YAd5HBAk-XAAdR7AzWWXa8N1UOkWcwU90h-Hwg
Requested by: Host: app.customesignature.com
URL: https://app.customesignature.com/signin
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 565767D883D14D8FBF898BCF30743BBC Ref B: MIAEDGE1417 Ref C: 2024-11-01T00:31:08Z
x-li-fabric: prod-lva1
x-li-uuid: AAYlzw0dcuocgaeIXTDgGw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 01 Nov 2024 00:31:08 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4921396&time=1730421068031&li_adsId=14042e56-1f4b-4757-8b99-550f2b985092&url=https%3A%2F%2Fapp.customesignature.com%2Fsignin&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKEwkX9enyTcgAAAZLlIhMWqgBeD4h-YAd5HBAk-XAAdR7AzWWXa8N1UOkWcwU90h-Hwg
x-msedge-ref: Ref A: FCDF4E5F09B34D7BA9DE703B8BB0D7D4 Ref B: MIAEDGE2912 Ref C: 2024-11-01T00:31:08Z
x-li-fabric: prod-lva1
x-li-uuid: AAYlzw0aeXrA8VMPSp2oGw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 01 Nov 2024 00:31:08 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
288 B 55ms
54ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://app.customesignature.com
Date: Fri, 01 Nov 2024 00:31:08 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C11DCD8EC4C44B1F90347ED1E5B62E7C&RedC=c.clarity.ms&MXFR=0ED66793329569C00D4172B936956779
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C11DCD8EC4C44B1F90347ED1E5B62E7C&MUID=2D6707BDF6A5689022441297F735697E

42 B
465 B

53ms
53ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C11DCD8EC4C44B1F90347ED1E5B62E7C&MUID=2D6707BDF6A5689022441297F735697E
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Fri, 01 Nov 2024 00:31:09 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C11DCD8EC4C44B1F90347ED1E5B62E7C&MUID=2D6707BDF6A5689022441297F735697E
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 99310E7505DD4BAAB3A02C81C7962558 Ref B: MIAEDGE1818 Ref C: 2024-11-01T00:31:09Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Fri, 01 Nov 2024 00:31:08 GMT
x-powered-by: ASP.NET

GET
H2 200 favicon.ico
app.customesignature.com/images/ 15 KB
15 KB 300ms
300ms Other
image/x-icon 164.92.90.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.customesignature.com/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.90.31 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 626e03f1d0704e4881fafbb888132eb76553b285321bbe4b00fddb9a746469d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.customesignature.com/signin

Response headers

cache-control: max-age=315360000
etag: "67178400-3c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15406
date: Fri, 01 Nov 2024 00:31:08 GMT
content-type: image/x-icon
last-modified: Tue, 22 Oct 2024 10:52:48 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 51ms
51ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 01 Nov 2024 00:31:09 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
288 B 54ms
54ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://app.customesignature.com
Date: Fri, 01 Nov 2024 00:31:10 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
0 129ms
128ms Fetch
text/plain 2607:f8b0:400d:c04::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9L1FW2LT7D&gtm=45je4au0v9102137096za200zb9102137442&_p=1730421067212&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=543163770.1730421068&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1730421067&sct=1&seg=0&dl=https%3A%2F%2Fapp.customesignature.com%2Fsignin&dt=Custom%20Esignature&en=scroll&epn.percent_scrolled=90&_et=53&tfd=6570
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9L1FW2LT7D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.customesignature.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 00:31:12 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.customesignature.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 40mhgt90eafifkpvq5cr46aqf1
www.clarity.ms/	1970-01-21 09:25:57	Name: CLID Value: 07d6fc867dcf4f4a9586ccd53c32fcf8.20241101.20251101
.customesignature.com/	1970-01-21 09:25:57	Name: _clck Value: rjbjk0%7C2%7Cfqi%7C0%7C1766
.customesignature.com/	1970-01-21 02:49:57	Name: _gcl_au Value: 1.1.1217215436.1730421068
.customesignature.com/	1970-01-21 02:49:57	Name: _fbp Value: fb.1.1730421067726.560902594492282461
.customesignature.com/	1970-01-21 10:16:21	Name: _ga_000000 Value: GS1.1.1730421067.1.0.1730421067.0.0.592222085
.customesignature.com/	1970-01-21 10:16:21	Name: _ga Value: GA1.1.543163770.1730421068
.customesignature.com/	1970-01-21 10:16:21	Name: _ga_9L1FW2LT7D Value: GS1.1.1730421067.1.0.1730421067.60.0.0
.customesignature.com/	1970-01-21 00:41:47	Name: _clsk Value: 1thd4yn%7C1730421067948%7C1%7C1%7Cx.clarity.ms%2Fcollect
.doubleclick.net/	1970-01-21 00:40:21	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-21 02:49:57	Name: li_sugr Value: 9827b954-325e-485a-889d-da5828f3af13
.linkedin.com/	1970-01-21 00:41:47	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=3224:u=1:x=1:i=1730421068:t=1730507468:v=2:sig=AQFpqX_6JgmPt-8rHJgsoaEeZRiD1z87"
.linkedin.com/	1970-01-21 09:25:57	Name: bcookie Value: "v=2&f48e9d48-e86b-4ae4-8d87-f137a32cfe3d"
.linkedin.com/	1970-01-21 01:23:33	Name: UserMatchHistory Value: AQKNt0HS1ZWz_QAAAZLlIhHlZR0AK8Drx0U4NzWaxIXu7yoJmofhc2u1Y8Dg1lI3M39dVBytYx_XBQ
.linkedin.com/	1970-01-21 01:23:33	Name: AnalyticsSyncHistory Value: AQKplXGTEvapVgAAAZLlIhHl6YgxRRPcDnltpZJ5v-TaC5xhrkqyYkfKTEyQ1bE4Tdg3e6sUZB_YqF1tKR7WTw
.www.linkedin.com/	1970-01-21 09:25:57	Name: bscookie Value: "v=1&202411010031081a303888-c5ed-41c7-812e-abf585c48155AQHW32o_H_ZDG3_v6hFHhxCpKoCwbn0x"
.linkedin.com/	1970-01-21 00:40:22	Name: __cf_bm Value: 9qamrHHjUEdPRptJMsBSrG8exYcJ4MEy4UsUpHkkuAw-1730421068-1.0.1.1-ID7xj_x20v5fn_vv3PWbPY3LygM5ffB9yypfNMpJXrfRqb.MB5sLYNCduUk1U8KcmLrZh..tOR9QSZAk3RUHtQ
.bing.com/	1970-01-21 10:01:57	Name: MUID Value: 2D6707BDF6A5689022441297F735697E
.c.bing.com/	1970-01-21 00:50:25	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:01:57	Name: SRM_B Value: 2D6707BDF6A5689022441297F735697E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:01:57	Name: MUID Value: 2D6707BDF6A5689022441297F735697E
.c.clarity.ms/	1970-01-21 00:50:25	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:40:21	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://app.customesignature.com/signin Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
app.customesignature.com
betaapp.customesignature.com
c.bing.com
c.clarity.ms
connect.facebook.net
googleads.g.doubleclick.net
mxqgjzkc.use.stape.io
px.ads.linkedin.com
px4.ads.linkedin.com
r.wdfl.co
snap.licdn.com
stats.g.doubleclick.net
td.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.linkedin.com
x.clarity.ms
13.107.42.14
142.251.16.147
164.92.90.31
172.217.222.97
172.253.115.155
20.110.205.119
20.114.190.119
2600:1408:ec00:1e::1735:23ec
2600:1901:0:c2e8::
2600:9000:2840:4200:1b:348c:b140:93a1
2606:4700:4400::6812:2929
2607:f8b0:4004:c0b::54
2607:f8b0:400d:c04::61
2607:f8b0:400d:c04::8a
2607:f8b0:400d:c07::9c
2607:f8b0:400d:c0b::9b
2620:1ec:21::14
2620:1ec:bdf::41
2620:1ec:c11::237
2a03:2880:f103:83:face:b00c:0:25de
31.13.66.19
08923b708ed8b0f7e589d0e2a9b9b39c5dc7a27c8674d97135cfa72db247006d
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
237e83161bfe098cbefdb3ed2ec69d4a7f2ce17a24f7caa14d9f0ae5dc0a8291
420c7808fee33b6ac9b4d72fef2a0c3faaa492cc9d9d1027417c691971dea54e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
5cc4ffd0cc46d6c8f11220fd96c4c24b376b447e8a3a1ed072bfdbd769a1283e
626e03f1d0704e4881fafbb888132eb76553b285321bbe4b00fddb9a746469d8
62d84363ac5f92817a32ad233247e254d0192f7d2f66b8e981dd7973ae13fc50
688536cd35a98d5b5a4df4e9d78f46082e9daf54625d9a3adcaae1a4eb8b1148
70c0004461d36b1ad47c3fd841fc53cd0a750b952e2ccd64daa6d87c637ce855
724984645665500c2c2f3bd0fe211fdec8ba970ce40f310b0db5867054f4817a
87df96f2f27f8b1b6807dc8cd6515f3911a7af9d5c5275479f9a64f9caaad2f5
8aa117ccbe114bb5995ea0ec95c30dec260cf5ba772bcf422e6e98ddfd58b84f
966c87ff689697f54cab4a4cc2bfec50f2774e3424d08c97a864364459753956
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae036cc005d78330ddabc5554ce6841cd8545cf58c33e45994c684053d1e8346
b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd
bcfad8bbdca2c75c6cfe40b0c95343b663760dff146ae5f24ddeaa0ffbfdc6ec
c09a5fb38b16352fd0e845ead26580d0285fd743505672ac4214201489090d9b
cc0d4b1f7badfd4e36f8cf25f7de30eb0e32d4db8220d251495472a92dd8100f
d5eb254dbf54ec743b8334c62cc8c4565dd2d991af15b9b145bd315310eed6a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e7db2f2c71e8b43914c62f08ef1407c20c131cfed93879f5e1ccd4efc7088783
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcd446b4827ba7a84666b541aff7ea7bc4a1d463525d24c83f4f476feef3d34
f5c82d3ee9975982f36f84bab8229952cb222c68b13125671b52a26d65316ce6
f690600cd3164ce681c0452ce061a7b89d50a45acfccc6b71141856e4aa88b80
f81f76af6149c884fc1df71c50663f94d96d6d37f1f9b2726cc8801994100c2d
f855c97b52bb02fb81f2f93a951ebd790b883d535eb4786e906cb2b7d345068a

app.customesignature.com Open in urlscan Pro 164.92.90.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

62 %IPv6

12 Domains

21 Subdomains

19 IPs

1 Countries

6838 kBTransfer

8559 kBSize

24 Cookies

1 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.customesignature.com Open in urlscan Pro
164.92.90.31 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

62 %
IPv6

12
Domains

21
Subdomains

19
IPs

1
Countries

6838 kB
Transfer

8559 kB
Size

24
Cookies

55 HTTP transactions
0 data transactions