dwsdd.eversign.com Open in urlscan Pro
34.232.97.87 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Submission: On December 20 via api (December 20th 2024, 9:28:06 pm UTC) from US — Scanned from US

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 10 domains to perform 44 HTTP transactions. The main IP is 34.232.97.87, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is dwsdd.eversign.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 24th 2024. Valid for: a year.

This is the only time dwsdd.eversign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	34.232.97.87 34.232.97.87	14618 (AMAZON-AES) (AMAZON-AES)
9	2600:9000:266... 2600:9000:266a:8800:13:1d18:bac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:141b:b00... 2600:141b:b000::1736:a122	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2600:9000:23c... 2600:9000:23cb:f000:2:c605:29c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:b00... 2600:141b:b000::1736:a11b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
4	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:806::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f35... 2a03:2880:f35a:80:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f35... 2a03:2880:f35a:1:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
44	15

4 34.232.97.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-97-87.compute-1.amazonaws.com

dwsdd.eversign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:266a:8800:13:1d18:bac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.eversign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:b000::1736:a122 (Newark, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:23cb:f000:2:c605:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:b000::1736:a11b (Newark, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:806::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f35a:80:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f35a:1:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	eversign.com dwsdd.eversign.com assets.eversign.com — Cisco Umbrella Rank: 334276	350 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	5 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 359	33 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	128 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	384 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 460 p.typekit.net — Cisco Umbrella Rank: 571	42 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	typeform.com embed.typeform.com — Cisco Umbrella Rank: 24221	15 KB
44	10

	Domain	Requested by
9	assets.eversign.com	dwsdd.eversign.com assets.eversign.com
6	bat.bing.com	www.googletagmanager.com bat.bing.com dwsdd.eversign.com
4	www.googletagmanager.com	dwsdd.eversign.com www.googletagmanager.com
4	dwsdd.eversign.com	dwsdd.eversign.com
3	td.doubleclick.net	www.googletagmanager.com
3	www.google.com	www.googletagmanager.com dwsdd.eversign.com
2	www.facebook.com	dwsdd.eversign.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	dwsdd.eversign.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	embed.typeform.com	dwsdd.eversign.com
2	use.typekit.net	dwsdd.eversign.com use.typekit.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
44	15

This site contains no links.

Subject Issuer	Validity	Valid
eversign.com Amazon RSA 2048 M03	`2024-04-24` - `2025-05-24`	a year	crt.sh
assets.eversign.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-10` - `2026-01-10`	a year	crt.sh
typeform.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
www.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 08	`2024-12-15` - `2025-06-13`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Frame ID: E57423446ACBA3B72E55C5BEE69CF6D4
Requests: 40 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fdwsdd.eversign.com
Frame ID: 68B01E1AB99B1A0610D8332C1D41EF4D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11439180554?random=1734730082230&cv=11&fst=1734730082230&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9109700667z8834897029za201zb834897029&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&hn=www.googleadservices.com&frm=0&tiba=Xodo%20Sign&npa=0&pscdl=noapi&auid=469568338.1734730082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: BDC88056F346CD40E86D9586742296B0
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-31NK10Q062&gacid=586192822.1734730082&gtm=45je4cc1v9109700667z8834897029za200zb834897029&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1732955915
Frame ID: 7A8D8F29EE18DD8D62D783D1A6E918E1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11439180554?random=1734730082385&cv=11&fst=1734730082385&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9109700667z8834897029za200zb834897029&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&hn=www.googleadservices.com&frm=0&tiba=Xodo%20Sign&npa=0&pscdl=noapi&auid=469568338.1734730082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 3F9FDC3B6277A1CE67B8C0BC5C3DB22F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Xodo Sign

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

44
Requests

100 %
HTTPS

93 %
IPv6

10
Domains

15
Subdomains

15
IPs

1
Countries

926 kB
Transfer

2970 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sign Show response
dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/ 12 KB
4 KB 464ms
319ms Document
text/html 34.232.97.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.97.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-97-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1086985db2a4d258e6a62ae9f88a17aa8cd7793900eee9c59bb43903e82c8f71

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Dec 2024 21:28:01 GMT
server: nginx
x-request-time: 0.291

GET
H2 200 pace.min.js Show response
dwsdd.eversign.com/js/vendor/pace/ 12 KB
12 KB 33ms
29ms Script
application/javascript 34.232.97.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dwsdd.eversign.com/js/vendor/pace/pace.min.js
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.97.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-97-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 579a10a2485055e988338be054f866cbe713c8510442130cbda0ce11ced6c49f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Response headers

etag: "676133f2-304b"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12363
date: Fri, 20 Dec 2024 21:28:01 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 08:18:58 GMT
server: nginx

GET
H2 200 intlTelInput.min.css
assets.eversign.com/js/vendor/intl-tel-input-17.0.0/build/css/ 19 KB
3 KB 285ms
72ms Stylesheet
text/css 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/js/vendor/intl-tel-input-17.0.0/build/css/intlTelInput.min.css?ver=7acae536
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
etag: W/"676133f2-4ad5"
age: 17843
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: Kpay8w5Tvuf55sJFgfCnUyFgvtoXleJ6r1cx1tpzZ93Y69It-DLTHg==
date: Fri, 20 Dec 2024 16:30:38 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 08:18:58 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding

GET
H2 200 intlTelInput.min.js Show response
assets.eversign.com/js/vendor/intl-tel-input-17.0.0/build/js/ 29 KB
10 KB 287ms
75ms Script
application/javascript 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/js/vendor/intl-tel-input-17.0.0/build/js/intlTelInput.min.js?ver=7acae536
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 20a2e62c5878a9f0f5de36ed6d860b0bc0fcebff1edc2da32514ab4c08fec6fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
etag: W/"676133f2-7355"
age: 17843
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: l8p2AZP3iJpI5lnPcvWwVMyTwcadXUzPgKj1TOQX0fHSYhF6SzV4Uw==
date: Fri, 20 Dec 2024 16:30:38 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 08:18:58 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding

GET
H2 200 jquery-ui.min.css
dwsdd.eversign.com/css/jquery-ui/ 15 KB
16 KB 43ms
40ms Stylesheet
text/css 34.232.97.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dwsdd.eversign.com/css/jquery-ui/jquery-ui.min.css
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.97.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-97-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b82ca19bde95152260921266e7c3032dfb91b3e78becfae721ba0f41846d07e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Response headers

etag: "676133e9-3dd6"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15830
date: Fri, 20 Dec 2024 21:28:01 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 08:18:49 GMT
server: nginx

GET
H2 200 lad1kfy.css
use.typekit.net/ 4 KB
1 KB 153ms
63ms Stylesheet
text/css 2600:141b:b000::1736:a122
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lad1kfy.css

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:b000::1736:a122 Newark, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

4e086ef6b7b3341651477252664bf74637d2291a55a92bcf868ec63ccbc10a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 820
date: Fri, 20 Dec 2024 21:28:01 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 ionicons.min.css
assets.eversign.com/css/ 57 KB
8 KB 254ms
42ms Stylesheet
text/css 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/css/ionicons.min.css?ver=7acae536
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 301aeeb5d99ac577583d6d4454f78e0c9e16843a710f511b443fbe39154cc304

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
etag: W/"676133e9-e559"
age: 17842
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: 8olw60MdLI2L-9JMvFRo3i9Z-mRj6aeJQXreCCCOxqblK0jnly6b_w==
date: Fri, 20 Dec 2024 16:30:39 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 08:18:49 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding

GET
H2 200 flag-icon.min.css
assets.eversign.com/css/ 42 KB
2 KB 249ms
37ms Stylesheet
text/css 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/css/flag-icon.min.css?ver=7acae536
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a6cf77a4484c7351710cf6b6824ed1862f34ca64a113634f2d5a689079e3adc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
etag: W/"676133e9-a836"
age: 17842
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: QQDNaOmw7rQPCy0ox4DJWQJ8t_WD1foGZ3tRglXXFERGIWsPPP6eaw==
date: Fri, 20 Dec 2024 16:30:39 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 08:18:49 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding

GET
H2 200 style.app.shared.css
assets.eversign.com/css/ 4 KB
1 KB 247ms
35ms Stylesheet
text/css 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/css/style.app.shared.css?ver=7acae536
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ad77a2b5b2a067bdab38227f08cf56a35deea1cc098b491e9254e8fdbdd43ad6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
etag: W/"676133e9-1198"
age: 17843
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: B1pr2LAwYKGt90BzL5lmhsrgnaEksJMvtT7ewhDK_H01JOVWW4Di2w==
date: Fri, 20 Dec 2024 16:30:38 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 08:18:49 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding

GET
H2 200 style.app.eversign.css
assets.eversign.com/css/ 451 KB
69 KB 257ms
46ms Stylesheet
text/css 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/css/style.app.eversign.css?ver=7acae536
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9683aba00e69eccb65acbf4526d2c47cab6c98f6d05e693c8c2c0cfec6c21d3f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
etag: W/"676133e9-70d66"
age: 15782
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: ai7aBwtVvuHTruDoDGp_ouOFoavkQ7SELRWKPCQ0EVk4uyR_-hxzIg==
date: Fri, 20 Dec 2024 17:04:59 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 08:18:49 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding

GET
H2 200 app.main.min.css
assets.eversign.com/css/ 70 KB
9 KB 245ms
35ms Stylesheet
text/css 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/css/app.main.min.css?ver=7acae536
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8574a3ffc550704d9be28f48606b0eb6468edef81af1dc9e21bc814b20aa2dcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
etag: W/"676133e9-119f9"
age: 17845
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: 7Qpxzh-jqsQGWZS8xeT141F1axShpwasrJsIFSXXf-jWiAlpycwPtw==
date: Fri, 20 Dec 2024 16:30:36 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 08:18:49 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding

GET
H2 200 scripts.app.eversign.error_callback.js Show response
assets.eversign.com/js/ 695 B
1 KB 286ms
75ms Script
application/javascript 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/js/scripts.app.eversign.error_callback.js?ver=7acae536
Requested by: Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cf7d709f7f8469ef31275564b1eada9ca2d4f3cc99dfd6493fa3aa7b7c98242d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

etag: "676133f2-2b7"
age: 17835
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 695
x-amz-cf-id: 7j-JBJIqklTBlh3M9Jz7pfZOkcYfMXw0bIF_Lkpbs_zZxX7M_P6Zyg==
date: Fri, 20 Dec 2024 16:30:46 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 08:18:58 GMT
server: nginx
x-amz-cf-pop: JFK52-P5

GET
H2 200 embed.js Show response
embed.typeform.com/next/ 61 KB
14 KB 177ms
39ms Script
application/x-javascript 2600:9000:23cb:f000:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.typeform.com/next/embed.js

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23cb:f000:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b32ef3d653605e3278a8e50e853fdfe5893a998eb725623ec8cff40960686db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: gzip
etag: W/"154599af726d32e2fef371db6c019f99"
x-amz-version-id: R2NKuCK8koy3k1dmq_pDNCQKiQ7Mkp9o
age: 39
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bnX6qaDsD0r5MlnlTa-bIQq26MyCMZQk1noZAnda3TyX0TReEKQKaQ==
date: Fri, 20 Dec 2024 21:27:23 GMT
content-type: application/x-javascript
vary: accept-encoding
last-modified: Wed, 20 Nov 2024 13:57:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=0, must-revalidate
via: 1.1 b9fa5c33e059fb3ed603bd8fcb9d4aea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 popup.css
embed.typeform.com/next/css/ 2 KB
1 KB 172ms
35ms Stylesheet
text/css 2600:9000:23cb:f000:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.typeform.com/next/css/popup.css

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23cb:f000:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e0701e0ad36569c93a83b77b91cbaca1cdf871945707d6b7d15bd809b2fff85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: gzip
etag: W/"f8ef8082581e4d528d62fce08b25cabc"
x-amz-version-id: 63sDvUmmxijpuO..Olo5ycWE2YezvLUy
age: 132
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: jPVXeLTERh31xTPGAPmsuo4sXLFIJ3KUrrh52hg5TIZgQ92IB5E2YA==
date: Fri, 20 Dec 2024 21:25:50 GMT
content-type: text/css
vary: accept-encoding
last-modified: Wed, 20 Nov 2024 13:57:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=0, must-revalidate
via: 1.1 b9fa5c33e059fb3ed603bd8fcb9d4aea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 154ms
54ms Stylesheet
text/css 2600:141b:b000::1736:a11b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=lad1kfy&ht=tk&f=32126.32127.32128.32129.32131.32132&a=140945035&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lad1kfy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:b000::1736:a11b Newark, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "674fb987-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Fri, 20 Dec 2024 21:28:01 GMT
content-type: text/css
last-modified: Wed, 04 Dec 2024 02:08:07 GMT
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 311 KB
108 KB 152ms
59ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDXX2X6

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a96ea17b374a345e038bfefbf375b3ea62320709c557097b26ec5dffa7bddff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 20 Dec 2024 21:28:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:28:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110257
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 Linearicons.ttf
assets.eversign.com/fonts/Linearicons/ 486 KB
199 KB 172ms
69ms Font
font/ttf 2600:9000:266a:8800:13:1d18:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.eversign.com/fonts/Linearicons/Linearicons.ttf
Requested by: Host: assets.eversign.com
URL: https://assets.eversign.com/css/style.app.eversign.css?ver=7acae536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:8800:13:1d18:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 97af2f6b511991503bee0d894553692d209292ea2cbc562006f4771513078399

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://dwsdd.eversign.com
Referer: https://assets.eversign.com/css/style.app.eversign.css?ver=7acae536

Response headers

content-encoding: gzip
etag: W/"676133e9-799ec"
age: 13936
via: 1.1 0b4bd786c6b93c5bc7d37331a04a3fdc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: kL5y1gub2DEFaRTfcZH2vPShXUH0csLu-WgQM1pBM7fkmaqq4F1MBg==
date: Fri, 20 Dec 2024 17:35:45 GMT
content-type: font/ttf
last-modified: Tue, 17 Dec 2024 08:18:49 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding

GET
H2 200 l
use.typekit.net/af/546513/00000000000000007735b041/30/ 40 KB
41 KB 177ms
75ms Font
application/font-woff2 2600:141b:b000::1736:a122
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/546513/00000000000000007735b041/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lad1kfy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:b000::1736:a122 Newark, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 686fc4bd0610bd2b33d6a65da4e9ee911cb6c57b7629b015ad12435e6af849f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://dwsdd.eversign.com
Referer: https://use.typekit.net/lad1kfy.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "f180be84aaf4c9f3dc665acd1ad4681ed909ad15"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 41348
date: Fri, 20 Dec 2024 21:28:01 GMT
content-type: application/font-woff2
server: nginx

POST
H2 200 collect
www.google.com/ccm/ 0
0 239ms
72ms Ping
text/plain 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&scrsrc=www.googletagmanager.com&frm=0&rnd=1832646639.1734730082&dt=Xodo%20Sign&auid=469568338.1734730082&navt=n&npa=0&gtm=45He4cc1v834897029za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734730082001&tfd=1187&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDXX2X6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 435 KB
138 KB 99ms
98ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-31NK10Q062&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDXX2X6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7f343f490d46da68e1cc7e765ee060de7fd8c56860870c80b68935b89f2792a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 20 Dec 2024 21:28:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140546
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 252ms
36ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDXX2X6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: gzip
age: 3261
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 20 Dec 2024 22:33:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 20:33:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 371ms
127ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDXX2X6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 217FD04906784F40AA3375EF863544F5 Ref B: PHL30EDGE0112 Ref C: 2024-12-20T21:28:02Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Fri, 20 Dec 2024 21:28:01 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 435 KB
138 KB 73ms
72ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11439180554&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDXX2X6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

437d43e3f55188ae4372c8eb09e0c0e446dc86c7c99c95acbf70120e25aea8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 20 Dec 2024 21:28:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140548
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 214ms
119ms Script
application/x-javascript 2a03:2880:f35a:80:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-ynkIDWAu' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-ynkIDWAu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=5763, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: bZB9hCUc7vg91J/6YCAM89eHkxnuIhR390KJ8e3xaqaihhMfboiJh6LBFssyfw0czjz2DsXeNp6szI4CFBRjBw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 68B0 0
0 237ms
28ms Document
text/html 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fdwsdd.eversign.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDXX2X6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 20629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Dec 2024 15:44:13 GMT
expires: Sat, 20 Dec 2025 15:44:13 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11439180554/ 4 KB
2 KB 163ms
49ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11439180554/?random=1734730082230&cv=11&fst=1734730082230&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9109700667z8834897029za201zb834897029&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&hn=www.googleadservices.com&frm=0&tiba=Xodo%20Sign&npa=0&pscdl=noapi&auid=469568338.1734730082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11439180554&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc760864b04e7166cc6b2add672f6bd196428185c23725d8e36656b0ee126929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2281
date: Fri, 20 Dec 2024 21:28:02 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11439180554
td.doubleclick.net/td/rul/ Frame BDC8 0
0 137ms
50ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11439180554?random=1734730082230&cv=11&fst=1734730082230&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9109700667z8834897029za201zb834897029&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&hn=www.googleadservices.com&frm=0&tiba=Xodo%20Sign&npa=0&pscdl=noapi&auid=469568338.1734730082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11439180554&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dwsdd.eversign.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Dec 2024 21:28:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 194ms
93ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-31NK10Q062&gtm=45je4cc1v9109700667z8834897029za200zb834897029&_p=1734730081740&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=586192822.1734730082&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1734730082&sct=1&seg=0&dl=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&dt=Xodo%20Sign&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1531
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31NK10Q062&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://dwsdd.eversign.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
556 B 204ms
91ms Ping
text/plain 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-31NK10Q062&cid=586192822.1734730082&gtm=45je4cc1v9109700667z8834897029za200zb834897029&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31NK10Q062&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://dwsdd.eversign.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 7A8D 0
0 88ms
88ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-31NK10Q062&gacid=586192822.1734730082&gtm=45je4cc1v9109700667z8834897029za200zb834897029&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1732955915

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31NK10Q062&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dwsdd.eversign.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Dec 2024 21:28:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11439180554/ 4 KB
2 KB 59ms
58ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11439180554/?random=1734730082385&cv=11&fst=1734730082385&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9109700667z8834897029za200zb834897029&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&hn=www.googleadservices.com&frm=0&tiba=Xodo%20Sign&npa=0&pscdl=noapi&auid=469568338.1734730082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31NK10Q062&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8de7d1aa7891717aee2d67a40b53a0df006499436eb37a4b8cdcad3802565a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2306
date: Fri, 20 Dec 2024 21:28:02 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11439180554
td.doubleclick.net/td/rul/ Frame 3F9F 0
0 76ms
75ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11439180554?random=1734730082385&cv=11&fst=1734730082385&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9109700667z8834897029za200zb834897029&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&hn=www.googleadservices.com&frm=0&tiba=Xodo%20Sign&npa=0&pscdl=noapi&auid=469568338.1734730082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31NK10Q062&l=dataLayer&cx=c&gtm=45He4cc1v834897029za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dwsdd.eversign.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Dec 2024 21:28:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 896303548849119 Show response
connect.facebook.net/signals/config/ 78 KB
16 KB 99ms
98ms Script
application/x-javascript 2a03:2880:f35a:80:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896303548849119?v=2.9.179&r=stable&domain=dwsdd.eversign.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91031bb46bfda0e49003863e48f35f9994fd8256e44959c7609e274559be74a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-htCnPfsL' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-htCnPfsL' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=60, mss=1232, tbw=71747, tp=66, tpl=0, uplat=70, ullat=0
pragma: public
x-fb-debug: RjH5vecCccX4MUNEkWWAVlBwQAIkztUQQpOcn2Iws+emxp7yjBcq/AcBZayFwz3DoqarXPwSaExciihUEG5hew==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
423 B 42ms
42ms XHR
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=610859037&t=pageview&_s=1&dl=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&ul=en-us&de=UTF-8&dt=Xodo%20Sign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1771557683&gjid=804662980&cid=586192822.1734730082&tid=UA-62924033-12&_gid=1475068476.1734730082&_r=1&_slc=1&gtm=45He4cc1n81WDXX2X6v834897029za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=39912882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://dwsdd.eversign.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:28:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://dwsdd.eversign.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 /
www.google.com/pagead/1p-user-list/11439180554/ 42 B
64 B 62ms
62ms Image
image/gif 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11439180554/?random=1734730082230&cv=11&fst=1734728400000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9109700667z8834897029za201zb834897029&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&hn=www.googleadservices.com&frm=0&tiba=Xodo%20Sign&npa=0&pscdl=noapi&auid=469568338.1734730082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dMg94ehVEOqhdq2GU7Inph1zNGEILsw&random=619484082&rmt_tld=0&ipr=y

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 20 Dec 2024 21:28:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 247003993.js Show response
bat.bing.com/p/action/ 2 KB
975 B 30ms
30ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/247003993.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b75c520de7e57a745046979acf002ea76c538f68b24686b15e6795e3f34afd9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D7ACDC3C03DD4529834730B1F4A506BC Ref B: PHL30EDGE0112 Ref C: 2024-12-20T21:28:02Z
x-cache: CONFIG_NOCACHE
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 /
www.google.com/pagead/1p-user-list/11439180554/ 42 B
64 B 63ms
63ms Image
image/gif 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11439180554/?random=1734730082385&cv=11&fst=1734728400000&bg=ffffff&guid=ON&async=1&gtm=45je4cc1v9109700667z8834897029za200zb834897029&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&hn=www.googleadservices.com&frm=0&tiba=Xodo%20Sign&npa=0&pscdl=noapi&auid=469568338.1734730082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dUs1i6ob-akOkK-1Jn6Q3OS4p8RoYIA&random=3949788221&rmt_tld=0&ipr=y

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 20 Dec 2024 21:28:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 247003993 Show response
bat.bing.com/p/insights/t/ 764 B
920 B 176ms
176ms Script
application/x-javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/247003993

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/247003993.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b1a7d906c0b7b9cdcb8bab26c866b911190b03667d43814cadc7923afcc0fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15C0A6A37E8A408FB2F75C94F6557BC4 Ref B: PHL30EDGE0112 Ref C: 2024-12-20T21:28:02Z
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 632
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-azure-ref: 20241220T212802Z-1684db5869fnflg7hC1YVRzxhc00000001v000000000exd3

GET
H2 204 0
bat.bing.com/action/ 0
358 B 101ms
101ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=247003993&tm=gtm002&Ver=2&mid=22999cd4-e833-4d60-9512-fd2ca53b06fc&bo=1&sid=4aff43f0bf1911ef86b82b85d720892a&vid=4aff5c90bf1911ef8b3fc7a5ea71ce06&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Xodo%20Sign&p=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&r=&lt=947&evt=pageLoad&sv=1&cdb=AQAQ&rn=971502

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 33355BEDEDEF4EE6A502544C4498A681 Ref B: PHL30EDGE0112 Ref C: 2024-12-20T21:28:02Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 20 Dec 2024 21:28:02 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 99ms
26ms Image
text/plain 2a03:2880:f35a:1:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896303548849119&ev=PageView&dl=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&rl=&if=false&ts=1734730082547&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734730082544.163532318444750979&cs_est=true&ler=empty&cdl=API_unavailable&it=1734730082420&coo=false&rqm=GET

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f35a:1:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=5761, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 191ms
118ms Image
image/png 2a03:2880:f35a:1:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=896303548849119&ev=PageView&dl=https%3A%2F%2Fdwsdd.eversign.com%2Fdocument%2F60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a%2Fsign&rl=&if=false&ts=1734730082547&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734730082544.163532318444750979&cs_est=true&ler=empty&cdl=API_unavailable&it=1734730082420&coo=false&rqm=FGET

Requested by

Host: dwsdd.eversign.com
URL: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f35a:1:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450608970853134035"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 481ihtJV+OIWZqqXmsg2/vTb2v9AoO7hrVReQnbNUKVAYsupcYKUQqGNRs7rpZVEm6vF/6AopYyWUgccsOJ5vQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450608970853134035", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=6177, tp=14, tpl=0, uplat=92, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 0.7.59 Show response
bat.bing.com/p/insights/s/ 36 KB
16 KB 115ms
115ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.59

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/247003993

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a3fcb02604fe0e9b423223e0bb677654443b88b241d2218195e0ec153337364f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/

Response headers

content-encoding: br
x-ms-version: 2018-03-28
etag: W/"0x8DD202F1B380EF6"
x-fd-int-roxy-purgeid: 79034942
x-cache: CONFIG_NOCACHE
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: application/javascript;charset=utf-8
last-modified: Thu, 19 Dec 2024 13:14:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C0AF03A5EF70465A9B93A14B6EFCFCE7 Ref B: PHL30EDGE0112 Ref C: 2024-12-20T21:28:02Z
x-ms-request-id: 9a5d47e8-301e-0000-6974-522edb000000
access-control-allow-origin: *
content-length: 15897
x-azure-ref: 20241220T212802Z-15bf8fbc5675rht8hC1YVRmdn800000010e000000000amna

GET
H2 200 favicon.ico
dwsdd.eversign.com/images/favicon/ 15 KB
15 KB 32ms
32ms Other
image/x-icon 34.232.97.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dwsdd.eversign.com/images/favicon/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.97.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-97-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 07fb14af43ca2b19e2b6b8a77024cd0b736f50888ecb04614fe05e305136ec46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dwsdd.eversign.com/document/60a351345950440eb6565d5c4dead1c2-4b6f8313f9684c47acc1abd7743b517a/sign

Response headers

etag: "676133f0-3c2e"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15406
date: Fri, 20 Dec 2024 21:28:02 GMT
content-type: image/x-icon
last-modified: Tue, 17 Dec 2024 08:18:56 GMT
server: nginx

POST
H2 204 q Show response
bat.bing.com/p/insights/c/ 0
211 B 166ms
164ms XHR
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/q

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.59

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-webinsights-gzip
Referer: https://dwsdd.eversign.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 000A07A1921149B99B7BF27DF627554D Ref B: PHL30EDGE0112 Ref C: 2024-12-20T21:28:02Z
access-control-allow-credentials: true
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
access-control-allow-origin: https://dwsdd.eversign.com
x-cache: CONFIG_NOCACHE
date: Fri, 20 Dec 2024 21:28:02 GMT
vary: Origin

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eversign.com/	1970-01-21 04:01:46	Name: _gcl_au Value: 1.1.469568338.1734730082
.doubleclick.net/	1970-01-21 01:52:10	Name: test_cookie Value: CheckForPermission
.eversign.com/	1970-01-21 11:28:10	Name: _ga Value: GA1.2.586192822.1734730082
.eversign.com/	1970-01-21 01:53:36	Name: _gid Value: GA1.2.1475068476.1734730082
.eversign.com/	1970-01-21 01:52:10	Name: _gat_UA-62924033-12 Value: 1
.eversign.com/	1970-01-21 11:28:10	Name: _ga_31NK10Q062 Value: GS1.1.1734730082.1.0.1734730082.60.0.0
.eversign.com/	1970-01-21 04:01:46	Name: _fbp Value: fb.1.1734730082544.163532318444750979
.bing.com/	1970-01-21 11:13:46	Name: MUID Value: 004F1617CD0364001136034CCCC1656E
.bat.bing.com/	1970-01-21 02:02:14	Name: MR Value: 0
.bat.bing.com/	1970-01-21 11:13:46	Name: MSPTC Value: CQukiUsYkR1fjz_0VM_DV9LB4O03OS2Cc_-DCWj6Ox8
.eversign.com/	1970-01-21 01:53:36	Name: _uetsid Value: 4aff43f0bf1911ef86b82b85d720892a\|f7mml6\|2\|frv\|0\|1815
.eversign.com/	1970-01-21 11:13:46	Name: _uetvid Value: 4aff5c90bf1911ef8b3fc7a5ea71ce06\|jzvyzj\|1734730083101\|1\|1\|bat.bing.com/p/insights/c/q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
assets.eversign.com
bat.bing.com
connect.facebook.net
dwsdd.eversign.com
embed.typeform.com
googleads.g.doubleclick.net
p.typekit.net
stats.g.doubleclick.net
td.doubleclick.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2001:4860:4802:36::181
2600:141b:b000::1736:a11b
2600:141b:b000::1736:a122
2600:9000:23cb:f000:2:c605:29c0:93a1
2600:9000:266a:8800:13:1d18:bac0:93a1
2607:f8b0:4004:c09::9a
2607:f8b0:4006:806::2004
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::2008
2607:f8b0:4006:820::2002
2607:f8b0:4006:824::200e
2620:1ec:33::10
2a03:2880:f35a:1:face:b00c:0:25de
2a03:2880:f35a:80:face:b00c:0:3
34.232.97.87
07fb14af43ca2b19e2b6b8a77024cd0b736f50888ecb04614fe05e305136ec46
0b82ca19bde95152260921266e7c3032dfb91b3e78becfae721ba0f41846d07e
0e0701e0ad36569c93a83b77b91cbaca1cdf871945707d6b7d15bd809b2fff85
1086985db2a4d258e6a62ae9f88a17aa8cd7793900eee9c59bb43903e82c8f71
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20a2e62c5878a9f0f5de36ed6d860b0bc0fcebff1edc2da32514ab4c08fec6fa
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
301aeeb5d99ac577583d6d4454f78e0c9e16843a710f511b443fbe39154cc304
437d43e3f55188ae4372c8eb09e0c0e446dc86c7c99c95acbf70120e25aea8f1
4e086ef6b7b3341651477252664bf74637d2291a55a92bcf868ec63ccbc10a81
579a10a2485055e988338be054f866cbe713c8510442130cbda0ce11ced6c49f
686fc4bd0610bd2b33d6a65da4e9ee911cb6c57b7629b015ad12435e6af849f6
6b1a7d906c0b7b9cdcb8bab26c866b911190b03667d43814cadc7923afcc0fb5
8574a3ffc550704d9be28f48606b0eb6468edef81af1dc9e21bc814b20aa2dcb
8de7d1aa7891717aee2d67a40b53a0df006499436eb37a4b8cdcad3802565a70
91031bb46bfda0e49003863e48f35f9994fd8256e44959c7609e274559be74a9
9683aba00e69eccb65acbf4526d2c47cab6c98f6d05e693c8c2c0cfec6c21d3f
97af2f6b511991503bee0d894553692d209292ea2cbc562006f4771513078399
a3fcb02604fe0e9b423223e0bb677654443b88b241d2218195e0ec153337364f
a6cf77a4484c7351710cf6b6824ed1862f34ca64a113634f2d5a689079e3adc6
a96ea17b374a345e038bfefbf375b3ea62320709c557097b26ec5dffa7bddff6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ad77a2b5b2a067bdab38227f08cf56a35deea1cc098b491e9254e8fdbdd43ad6
b32ef3d653605e3278a8e50e853fdfe5893a998eb725623ec8cff40960686db4
b75c520de7e57a745046979acf002ea76c538f68b24686b15e6795e3f34afd9c
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
cf7d709f7f8469ef31275564b1eada9ca2d4f3cc99dfd6493fa3aa7b7c98242d
d7f343f490d46da68e1cc7e765ee060de7fd8c56860870c80b68935b89f2792a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc760864b04e7166cc6b2add672f6bd196428185c23725d8e36656b0ee126929

dwsdd.eversign.com Open in urlscan Pro 34.232.97.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

93 %IPv6

10 Domains

15 Subdomains

15 IPs

1 Countries

926 kBTransfer

2970 kBSize

12 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dwsdd.eversign.com Open in urlscan Pro
34.232.97.87 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

93 %
IPv6

10
Domains

15
Subdomains

15
IPs

1
Countries

926 kB
Transfer

2970 kB
Size

12
Cookies

44 HTTP transactions
0 data transactions