urlscan.io logo urlscan.io
SecurityTrails logo

spotdraft.docsend.com Open in urlscan Pro
52.20.78.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clicktime.symantec.com/15siKyfZkSzUP29nZZPnU?h=QDZQp4dBUpcek6ULjCx889j8sNcMfvFtQMH9Pq7VdMc=&u=https://spotdraft.docsend...
Effective URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Submission: On December 14 via manual from HK — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 17 HTTP transactions. The main IP is 52.20.78.240, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is spotdraft.docsend.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 13th 2022. Valid for: a year.
This is the only time spotdraft.docsend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.49.177.5 16509 (AMAZON-02)
1 52.20.78.240 14618 (AMAZON-AES)
11 108.138.24.114 16509 (AMAZON-02)
1 172.217.18.10 15169 (GOOGLE)
1 2 162.125.66.18 19679 (DROPBOX)
2 162.125.8.20 19679 (DROPBOX)
1 104.16.99.29 13335 (CLOUDFLAR...)
17 6
1    13.49.177.5 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-49-177-5.eu-north-1.compute.amazonaws.com
clicktime.symantec.com
1    52.20.78.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-78-240.compute-1.amazonaws.com
spotdraft.docsend.com
11    108.138.24.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-114.fra56.r.cloudfront.net
d2qvtfnm75xrxf.cloudfront.net
1    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net
fonts.googleapis.com
2    162.125.66.18 (Frankfurt am Main, Germany)

ASN19679 (DROPBOX, US)
www.dropbox.com
2    162.125.8.20 (United States)

ASN19679 (DROPBOX, US)
d.dropbox.com
1    104.16.99.29 (None, )

ASN13335 (CLOUDFLARENET, US)
cfl.dropboxstatic.com
Apex Domain
Subdomains		 Transfer
11 cloudfront.net
d2qvtfnm75xrxf.cloudfront.net
270 KB
4 dropbox.com
www.dropbox.com — Cisco Umbrella Rank: 2401
d.dropbox.com — Cisco Umbrella Rank: 2308
6 KB
1 dropboxstatic.com
cfl.dropboxstatic.com — Cisco Umbrella Rank: 6124
65 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
1 docsend.com
spotdraft.docsend.com
13 KB
1 symantec.com
clicktime.symantec.com — Cisco Umbrella Rank: 71685
284 B
17 6
Domain Requested by
11 d2qvtfnm75xrxf.cloudfront.net spotdraft.docsend.com
d2qvtfnm75xrxf.cloudfront.net
2 d.dropbox.com d2qvtfnm75xrxf.cloudfront.net
2 www.dropbox.com 1 redirects spotdraft.docsend.com
1 cfl.dropboxstatic.com www.dropbox.com
1 fonts.googleapis.com spotdraft.docsend.com
1 spotdraft.docsend.com
1 clicktime.symantec.com 1 redirects
17 7

This site contains links to these domains. Also see Links.

Domain
help.docsend.com
www.spotdraft.com
www.docsend.com
Subject Issuer Validity Valid
*.docsend.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-13 -
2023-10-14		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.dropbox.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-14 -
2023-11-14		 a year crt.sh
cfl.dropboxstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-03-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Frame ID: 4819538A51451D817CEE9FC430A944A9
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DocSend

Page URL History Show full URLs

  1. https://clicktime.symantec.com/15siKyfZkSzUP29nZZPnU?h=QDZQp4dBUpcek6ULjCx889j8sNcMfvFtQMH9Pq7VdMc=&u=https... HTTP 307
    https://spotdraft.docsend.com/view/mviri8666hsqewdm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

355 kB
Transfer

6639 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicktime.symantec.com/15siKyfZkSzUP29nZZPnU?h=QDZQp4dBUpcek6ULjCx889j8sNcMfvFtQMH9Pq7VdMc=&u=https://spotdraft.docsend.com/view/mviri8666hsqewdm HTTP 307
    https://spotdraft.docsend.com/view/mviri8666hsqewdm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.dropbox.com/pithos/privacy_consent HTTP 307
  • https://www.dropbox.com/pithos/host%3Aspotdraft.docsend.com/privacy_consent

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mviri8666hsqewdm
spotdraft.docsend.com/view/
Redirect Chain
  • https://clicktime.symantec.com/15siKyfZkSzUP29nZZPnU?h=QDZQp4dBUpcek6ULjCx889j8sNcMfvFtQMH9Pq7VdMc=&u=https://spotdraft.docsend.com/view/mviri8666hsqewdm
  • https://spotdraft.docsend.com/view/mviri8666hsqewdm
32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-78-240.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9bae14438756a487b74455ffd7267fcff9600db16e9cd58daa5c6b1f978acfe8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://*.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://*.id.opendns.com https://js-agent.newrelic.com https://*.nr-data.net https://www.youtube.com https://*.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://*.quora.com https://*.bing.com https://api.autopilothq.com https://*.capterra.com https://*.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-ZQBeM1vnljPMfHsQVsGLVg=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://*.previews.dropboxusercontent.com/*/p.m3u8 https://*.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://*.browser-intake-datadoghq.com https://*.kissmetrics.com https://*.kissmetrics.io https://api.segment.io https://cdn.segment.com https://*.id.opendns.com https://www.google-analytics.com https://*.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://*.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://*.nr-data.net https://*.dropbox.com https://*.dropboxapi.com https://*.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://*.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://*.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://*.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://*.okta.com https://*.oktapreview.com https://*.jumpcloud.com https://*.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://*.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob:
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://*.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://*.id.opendns.com https://js-agent.newrelic.com https://*.nr-data.net https://www.youtube.com https://*.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://*.quora.com https://*.bing.com https://api.autopilothq.com https://*.capterra.com https://*.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-ZQBeM1vnljPMfHsQVsGLVg=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://*.previews.dropboxusercontent.com/*/p.m3u8 https://*.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://*.browser-intake-datadoghq.com https://*.kissmetrics.com https://*.kissmetrics.io https://api.segment.io https://cdn.segment.com https://*.id.opendns.com https://www.google-analytics.com https://*.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://*.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://*.nr-data.net https://*.dropbox.com https://*.dropboxapi.com https://*.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://*.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://*.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://*.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://*.okta.com https://*.oktapreview.com https://*.jumpcloud.com https://*.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://*.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob:
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Dec 2022 06:12:16 GMT
Etag
W/"9bae14438756a487b74455ffd7267fcf"
Server
nginx
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Frame-Options
DENY
X-Request-Id
4b743d39-6ce7-41c1-816f-301b71b9a86f
X-Runtime
0.105668

Redirect headers

Connection
keep-alive
Date
Wed, 14 Dec 2022 06:12:15 GMT
Location
https://spotdraft.docsend.com/view/mviri8666hsqewdm
Server
nginx
TA-CODE
unknown
Transfer-Encoding
chunked
X-EventId
2938785
X-HostId
45c73019f24ad56b0aaa4e6172a6da74
presentation-bf8b19fa.css
d2qvtfnm75xrxf.cloudfront.net/packs/css/stylesheets/ 		592 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/packs/css/stylesheets/presentation-bf8b19fa.css
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
553c3c22b022276648d51df64d53ddb8ec04738e4b400ac0c02eb0d4d0d84a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 00:55:33 GMT
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Via
1.1 vegur, 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Dec 2022 00:34:50 GMT
Server
nginx
Content-Encoding
br
X-Amz-Cf-Pop
FRA56-P7
Age
19004
Transfer-Encoding
chunked
Vary
Accept-Encoding,Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
C-J5V4r3_JCnh5JMasbNa7Cp2k7AIsZVDE-IB46b3x5_7KBW0k31Hg==
presentation-607cebb9.css
d2qvtfnm75xrxf.cloudfront.net/packs/css/javascripts/ 		174 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/packs/css/javascripts/presentation-607cebb9.css
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1e296d5386082afb75975f8ed797bc3254d1181f38fbe5b8b61a5538d1509ef2
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 05:57:48 GMT
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Via
1.1 vegur, 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Dec 2022 00:34:50 GMT
Server
nginx
Content-Encoding
br
X-Amz-Cf-Pop
FRA56-P7
Age
869
Transfer-Encoding
chunked
Vary
Accept-Encoding,Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
kdkm83ZiDyQ_fEEe6NAf-0xkwM_qUnjVc2f2YhJLlf0Hc-ErFrnwOQ==
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,600,400,400italic,300,300italic
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
334a8ceb6725416b35ef162fa654058add5fa9b9a4e1d8e9e00705a64b08af76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 06:12:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:12:18 GMT
error_handling-7dd3b9455d49c9ec984e.js
d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/error_handling-7dd3b9455d49c9ec984e.js
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9e80ac645c84158e16bbacb71b3bb01e0638c1efb09fb578dc05a15fa63db95d
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 01:20:44 GMT
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Via
1.1 vegur, 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Dec 2022 00:34:49 GMT
Server
nginx
Content-Encoding
br
X-Amz-Cf-Pop
FRA56-P7
Age
17493
Transfer-Encoding
chunked
Vary
Accept-Encoding,Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
GsLXd_HeF6q7VjRI8CMnRiHvefiP1S0yqpeUZvco3APKrk7y0PXHAQ==
privacy_consent
www.dropbox.com/pithos/host%3Aspotdraft.docsend.com/
Redirect Chain
  • https://www.dropbox.com/pithos/privacy_consent
  • https://www.dropbox.com/pithos/host%3Aspotdraft.docsend.com/privacy_consent
8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dropbox.com/pithos/host%3Aspotdraft.docsend.com/privacy_consent
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
H2
Server
162.125.66.18 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
fa1729496523bf985a07058829bb504cb6b469e062a4fd1e3cda48da22a1ddc2
Security Headers
Name Value
Content-Security-Policy base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-yCiiVags4PGT6ObW9VdB' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-yCiiVags4PGT6ObW9VdB' 'nonce-rMtI5fx8lDBJvF86iFpb'
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-yCiiVags4PGT6ObW9VdB' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-yCiiVags4PGT6ObW9VdB' 'nonce-rMtI5fx8lDBJvF86iFpb'
date
Wed, 14 Dec 2022 06:12:19 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
cd45a303acdb4fbabfca47b66ae47b15
x-dropbox-response-origin
far_remote
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
envoy
x-server-response-time
28
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
no-cache,no-cache, no-store

Redirect headers

content-security-policy
sandbox
date
Wed, 14 Dec 2022 06:12:18 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
c31e264c5c984907887ecb075d3df883
x-dropbox-response-origin
far_remote
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
envoy
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://www.dropbox.com/pithos/host%3Aspotdraft.docsend.com/privacy_consent
cache-control
no-cache,no-cache, no-store
ie_specific_hacks_v2.css
d2qvtfnm75xrxf.cloudfront.net/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/assets/ie_specific_hacks_v2.css
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
06efe8658db3f014031c229b5caa099458685b7232b32561fb1eeb561183412b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 03:58:12 GMT
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Via
1.1 vegur, 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Dec 2022 23:57:13 GMT
Server
nginx
Content-Encoding
br
X-Amz-Cf-Pop
FRA56-P7
Age
8044
Transfer-Encoding
chunked
Vary
Accept-Encoding,Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
l2Rq0jqpQDc_6GRAeGcsQVGSroD68L5Wmv3h0QcnixiZQl-PIONt6A==
companies%2Flogos%2F277547%2F3c323abd-f88a-46f4-8a12-553faf03eded%2FQ1u0yYpQ0KjbLH5l19gZ_SD-logo.png
d2qvtfnm75xrxf.cloudfront.net/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/companies%2Flogos%2F277547%2F3c323abd-f88a-46f4-8a12-553faf03eded%2FQ1u0yYpQ0KjbLH5l19gZ_SD-logo.png?Expires=1670998396&Signature=tLl9cstdwhhPHxnFOc9fNW3F1n~Pe6i7IHRcyf4Gbxy2~gDYi6QyyoPNqG1vni1-PAEgErGPxgUb0fSmHF3Kf-UZad04YNOfbxr3~ezbeB0MczazdnU2h7s9kgOR60jMgIrb3W2FcGoheVccm2TAudmnl-GU5GsBKS0JsBXy1zFgAQtqnEENw7UKn-NSYPZ8B9q522Ukydt0Ph3kw6~J0XyWB~W3KfcYRXvpDjbS79OcgtRKb6-YFUX70P3LEnjp9DWWzUf0QH~C4NTn-jITznanpgGIU9M1YqXT3IHL5MnzMO6FYQ4D6krKllCZwI1FUnR2NJiKN4NfazVGKzRG7Q__&Key-Pair-Id=K3IVFO0KFGPSF4
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e3259465a271aebc50317b99a7836b4c7305e2badfb9a2027e46543bc408304

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 10:45:07 GMT
Via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
Last-Modified
Mon, 03 Oct 2022 08:16:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
70031
ETag
"662bd4068323510ef5c1e9726aa75738"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6128
X-Amz-Cf-Id
o9wFncCuA2M8rHuv842o0RYNX8ZOS6F3jlllNPH_p-oQGLu0nAxuTA==
large-loader.gif
d2qvtfnm75xrxf.cloudfront.net/public/loading_images/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/public/loading_images/large-loader.gif
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216a694fc417dce27076f118e45ca73ead42a1be5004a8550eeca3e99af3ea02

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 06:07:02 GMT
Via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 May 2016 23:39:27 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
371
ETag
"ceb150ad0df5017df3c4f3599cd61779"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48903
X-Amz-Cf-Id
XevbGhfcHk5EbtClT69CBVQRWxMMeD2-r2d0ka7RrQaZphbN8v_bPg==
whitey-a183e5d0b46c9fa407c262ce44efe95546a2e8f07be415119d6641ec5fb19c19.png
d2qvtfnm75xrxf.cloudfront.net/assets/backgrounds/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/assets/backgrounds/whitey-a183e5d0b46c9fa407c262ce44efe95546a2e8f07be415119d6641ec5fb19c19.png
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a183e5d0b46c9fa407c262ce44efe95546a2e8f07be415119d6641ec5fb19c19
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Via
1.1 vegur, 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
Date
Wed, 14 Dec 2022 01:55:48 GMT
Last-Modified
Wed, 06 Jul 2022 19:07:24 GMT
Server
nginx
X-Amz-Cf-Pop
FRA56-P7
Age
19419
Vary
Origin
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Content-Length
2430
X-Amz-Cf-Id
yzX0Zs1Eygbmj91wgy377HLVZQ9WGqR_Lmlo6v8Uk5V1AEBJqzdgqw==
blank.gif
d2qvtfnm75xrxf.cloudfront.net/public/ 		43 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/public/blank.gif
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 05:36:37 GMT
Via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
Last-Modified
Sat, 12 Apr 2014 01:42:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
2143
ETag
"f837aa60b6fe83458f790db60d529fc9"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
fdOlhhSdOxMFAW3ht2q3keQE9a5cmX3Az_sRw2OTNamve_5V-oJ-7w==
presentation-b903770e27f500043635.js
d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/ 		5 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/presentation-b903770e27f500043635.js
Requested by
Host: spotdraft.docsend.com
URL: https://spotdraft.docsend.com/view/mviri8666hsqewdm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

Referer
https://spotdraft.docsend.com/
Origin
https://spotdraft.docsend.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 06:12:19 GMT
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Via
1.1 vegur, 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
Content-Encoding
br
X-Amz-Cf-Pop
FRA56-P7
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Wed, 14 Dec 2022 00:34:50 GMT
Server
nginx
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Vary
Accept-Encoding,Origin
X-Amz-Cf-Id
IGYImEccPF2FyouIiJjiT30Uda_kk6wDw32i0yGYIYnx-U5OhVg9EA==
sessions
d.dropbox.com/crashdash/proxy/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.dropbox.com/crashdash/proxy/sessions
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.125.8.20 , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://spotdraft.docsend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Wed, 14 Dec 2022 06:12:19 GMT
server
envoy
x-dropbox-request-id
8376d715e3eb468fb9de1be278cbeef4
x-dropbox-response-origin
far_remote
sessions
d.dropbox.com/crashdash/proxy/ 		21 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.dropbox.com/crashdash/proxy/sessions
Requested by
Host: d2qvtfnm75xrxf.cloudfront.net
URL: https://d2qvtfnm75xrxf.cloudfront.net/packs/js/javascripts/error_handling-7dd3b9455d49c9ec984e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.125.8.20 , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Bugsnag-Payload-Version
1
Referer
https://spotdraft.docsend.com/
Bugsnag-Sent-At
2022-12-14T06:12:18.415Z
accept-language
se-SE,se;q=0.9
Bugsnag-Api-Key
0bca6a0a-c303-4b27-84cb-60ebe421858a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
sandbox; default-src 'none'; frame-ancestors 'none'
date
Wed, 14 Dec 2022 06:12:19 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
via
1.1 google
server
envoy
content-type
application/json
access-control-allow-origin
*
x-dropbox-request-id
091a2337f59e496a9a09f190ddef99a1
bugsnag-session-uuid
020b9304-47b9-4057-b836-d76e8491f8a6
x-dropbox-response-origin
far_remote
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
AtlasGrotesk-Regular-Web.woff2
d2qvtfnm75xrxf.cloudfront.net/assets/fonts/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/assets/fonts/AtlasGrotesk-Regular-Web.woff2
Requested by
Host: d2qvtfnm75xrxf.cloudfront.net
URL: https://d2qvtfnm75xrxf.cloudfront.net/packs/css/stylesheets/presentation-bf8b19fa.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

Referer
https://d2qvtfnm75xrxf.cloudfront.net/packs/css/stylesheets/presentation-bf8b19fa.css
Origin
https://spotdraft.docsend.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 10:45:07 GMT
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Via
1.1 vegur, 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Age
70031
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43308
Last-Modified
Mon, 12 Dec 2022 22:35:45 GMT
Server
nginx
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Vary
Origin
X-Amz-Cf-Id
KwkViVlxYHeEFTeIj86NcoyxhcUY_oVmNv3rtI_vTLGn4rJzY38H2A==
AtlasGrotesk-Medium-Web.woff2
d2qvtfnm75xrxf.cloudfront.net/assets/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2qvtfnm75xrxf.cloudfront.net/assets/fonts/AtlasGrotesk-Medium-Web.woff2
Requested by
Host: d2qvtfnm75xrxf.cloudfront.net
URL: https://d2qvtfnm75xrxf.cloudfront.net/packs/css/stylesheets/presentation-bf8b19fa.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-114.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

Referer
https://d2qvtfnm75xrxf.cloudfront.net/packs/css/stylesheets/presentation-bf8b19fa.css
Origin
https://spotdraft.docsend.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 10:45:07 GMT
Strict-Transport-Security
max-age=31556952; includeSubDomains; preload
Via
1.1 vegur, 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Age
70031
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
46188
Last-Modified
Mon, 12 Dec 2022 22:35:45 GMT
Server
nginx
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Vary
Origin
X-Amz-Cf-Id
7zfN0d7sVPgCZuHtrIp63wZYgDqvSzFxLxTRBhDe679GCNOIH-N1UA==
privacy_consent.bundle-vflyrceL-.js
cfl.dropboxstatic.com/static/metaserver/static/pithos/ 		213 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vflyrceL-.js
Requested by
Host: www.dropbox.com
URL: https://www.dropbox.com/pithos/privacy_consent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.99.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d736cda99c534c9ba8c80efdddb57ff5a7783d9ada30e2d0355726822fdd766
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://spotdraft.docsend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
392557
x-dropbox-request-id
89c97478b99fd204354bda127979b12c
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cached
HIT
last-modified
Fri, 09 Dec 2022 03:43:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public, immutable
timing-allow-origin
https://www.dropbox.com
cf-ray
7794c98c0d919930-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| ENV object| Bugsnag string| APP_ID object| intercomSettings function| Intercom object| presentationConfig boolean| uploadPolicy object| dbxPithosConfig

8 Cookies

Domain/Path Name / Value
.docsend.com/ Name: _v_
Value: yaizulDQQxiShFiPzsxd5%2FY24jbhNneeOcw8pWk12y7ovJYCFEQRNTKiN2RIOLVp3%2Bj4CU3ff3iOj%2B%2BuOS%2FLLn%2Fgj%2BB35mHLbcuaK6Y%3D--kuIcmwf5REVZ5WXD--O%2FmeHJcnjFCnb%2FF%2FhZ3YPA%3D%3D
.docsend.com/ Name: _us_
Value: BAhJIg92aWV3ZWQgZG9jBjoGRVQ%3D--86064670cbcb81a84182616ff39e8415292b30d1
.docsend.com/ Name: _dss_
Value: 4eb917b47862235096f56ebf5ca13c70
www.dropbox.com/ Name: gvc
Value: MjAzNzQ2MDI5OTEwNzU5ODc5Mjc2NTMwNTcwOTY1MjYzODQzNTkz
.dropbox.com/ Name: t
Value: nx-DvQ7sxgenV4uLKaTgil86
www.dropbox.com/ Name: __Host-js_csrf
Value: nx-DvQ7sxgenV4uLKaTgil86
.dropbox.com/ Name: locale
Value: en
www.dropbox.com/ Name: __Host-logged-out-session
Value: ChAIi79HpqqIGX95hreWNwzLEMPS5ZwGGi5BRk5pZmVGR0JOSEVaRW5NcE5aNVNkT3VZZ1dkNi11OVZuS3BjOTBfMUx5STNR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://d2qvtfnm75xrxf.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://*.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://*.id.opendns.com https://js-agent.newrelic.com https://*.nr-data.net https://www.youtube.com https://*.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://*.quora.com https://*.bing.com https://api.autopilothq.com https://*.capterra.com https://*.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net https://polyfill.io/v3/polyfill.min.js 'nonce-ZQBeM1vnljPMfHsQVsGLVg=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' blob: https://d2qvtfnm75xrxf.cloudfront.net https://*.previews.dropboxusercontent.com/*/p.m3u8 https://*.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://*.browser-intake-datadoghq.com https://*.kissmetrics.com https://*.kissmetrics.io https://api.segment.io https://cdn.segment.com https://*.id.opendns.com https://www.google-analytics.com https://*.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://*.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://*.nr-data.net https://*.dropbox.com https://*.dropboxapi.com https://*.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://*.pubnub.com https://docsend-prod.s3.amazonaws.com; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://*.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://*.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://*.okta.com https://*.oktapreview.com https://*.jumpcloud.com https://*.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; frame-src 'self' https://d2qvtfnm75xrxf.cloudfront.net https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://*.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://consent.dropbox.com https://ifttt.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d2qvtfnm75xrxf.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://d2qvtfnm75xrxf.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob:
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Frame-Options DENY