firma.webdoxclm.com Open in urlscan Pro
2606:4700:10::6816:3683 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Submission: On May 28 via manual (May 28th 2024, 11:57:45 pm UTC) from PH — Scanned from DE

Summary HTTP 27 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2606:4700:10::6816:3683, located in United States and belongs to CLOUDFLARENET, US. The main domain is firma.webdoxclm.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 16th 2023. Valid for: a year.

This is the only time firma.webdoxclm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:10:... 2606:4700:10::6816:3683	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.192.117 18.66.192.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.230.228.64 54.230.228.64	16509 (AMAZON-02) (AMAZON-02)
2	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
4	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::201b	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:3783	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	107.178.240.159 107.178.240.159	() ()
27	11

9 2606:4700:10::6816:3683 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

firma.webdoxclm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.webdoxclm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
preview.webdoxclm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-117.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-64.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:3783 (United States)

ASN13335 (CLOUDFLARENET, US)

preview.webdoxclm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.159 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	webdoxclm.com 1 redirects firma.webdoxclm.com app.webdoxclm.com — Cisco Umbrella Rank: 476560 preview.webdoxclm.com	1 MB
4	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 storage.googleapis.com — Cisco Umbrella Rank: 353	7 KB
2	mixpanel.com api-js.mixpanel.com	483 B
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 636	53 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 988	59 KB
1	gstatic.com fonts.gstatic.com	16 KB
27	7

	Domain	Requested by
7	firma.webdoxclm.com	1 redirects firma.webdoxclm.com
4	preview.webdoxclm.com	firma.webdoxclm.com
4	bam.nr-data.net	firma.webdoxclm.com
2	api-js.mixpanel.com	firma.webdoxclm.com
2	js-agent.newrelic.com	firma.webdoxclm.com
2	fonts.googleapis.com	firma.webdoxclm.com
1	storage.googleapis.com
1	app.webdoxclm.com
1	script.hotjar.com	firma.webdoxclm.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	firma.webdoxclm.com
27	11

This site contains links to these domains. Also see Links.

Domain
webdoxclm.com
www.webdoxclm.com

Subject Issuer	Validity	Valid
*.webdoxclm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-29`	a year	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
storage.googleapis.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Frame ID: 9267E9F2F8342BA222DCCE8DA4E65E24
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Firma Electrónica Webdox

Detected technologies

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

27
Requests

89 %
HTTPS

60 %
IPv6

7
Domains

11
Subdomains

11
IPs

2
Countries

1338 kB
Transfer

2986 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://webdoxclm.com/

Search URL Search Domain Scan URL

URL: https://www.webdoxclm.com/en/privacy-policy-webdox-portal
Title: Privacy policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://firma.webdoxclm.com/d/f6bd90d1-0044-458e-843b-7ae8ff72ee29 HTTP 301
https://firma.webdoxclm.com/d/f6bd90d1-0044-458e-843b-7ae8ff72ee29/

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 403e675b Show response
firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/ 96 KB
34 KB 479ms
424ms Document
text/html 2606:4700:10::6816:3683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d787513c7a1eb52ef257f2650ce47beec64a49196865484c3101f6334070f62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 88b2302a8e9068f8-FRA
content-encoding: gzip
content-language: es
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 28 May 2024 23:57:38 GMT
expires: Tue, 28 May 2024 23:57:38 GMT
permissions-policy: geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
referrer-policy: same-origin no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Language
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1004 B 94ms
26ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 May 2024 23:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 May 2024 22:55:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 May 2024 23:57:38 GMT

GET
H2 200 sign.1106f802fc1f.css
firma.webdoxclm.com/static/css/ 1 KB
843 B 154ms
153ms Stylesheet
text/css 2606:4700:10::6816:3683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://firma.webdoxclm.com/static/css/sign.1106f802fc1f.css

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c020f883cd1bf89e2a5b2d5b32acb18054c7584236ef47d43f9a2dfe961ec64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 28 May 2024 12:10:43 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6655c9c3-504"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
cf-ray: 88b2302de81168f8-FRA
x-xss-protection: 1; mode=block
expires: Wed, 28 May 2025 23:57:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 40 KB
2 KB 95ms
28ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMontserrat:300,400,500%7CRoboto

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d35591462d44ee082e4d717d840b2e770ff52448f57c494a09b81eec178a62bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 May 2024 23:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 May 2024 23:57:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 May 2024 23:57:38 GMT

GET
H2 200 password.ba310d7242d2.woff2
firma.webdoxclm.com/static/fonts/ 15 KB
15 KB 342ms
341ms Font
text/plain 2606:4700:10::6816:3683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://firma.webdoxclm.com/static/fonts/password.ba310d7242d2.woff2

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4675a8ce063f9f5885a692f7a273acf7eeb800abca14aac75b6707b689532f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Origin: https://firma.webdoxclm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 27 May 2024 21:31:22 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6654fbaa-3aa8"
x-frame-options: SAMEORIGIN
content-type: text/plain
cache-control: max-age=31536000, public
cf-ray: 88b2302de81268f8-FRA
x-xss-protection: 1; mode=block
expires: Wed, 28 May 2025 23:57:39 GMT

GET
H2 200 index-e072b62c.js Show response
firma.webdoxclm.com/static/dist/ 2 MB
566 KB 334ms
333ms Script
application/x-javascript 2606:4700:10::6816:3683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://firma.webdoxclm.com/static/dist/index-e072b62c.js

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a92486ef41ee504b78ea4e9bfa83c0fb8ef4ae601b4e4095ee948560954dfd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Origin: https://firma.webdoxclm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 28 May 2024 05:30:17 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66556be9-1c6cea"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
cf-ray: 88b2302de81b68f8-FRA
x-xss-protection: 1; mode=block
expires: Wed, 28 May 2025 23:57:39 GMT

GET
H2 200 hotjar-2842037.js Show response
static.hotjar.com/c/ 9 KB
4 KB 179ms
88ms Script
application/javascript 18.66.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2842037.js?sv=6

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-117.muc50.r.cloudfront.net

Software

Resource Hash

e74a88f8655bbfe46a6c54c1a9bb19edec8c7a42757e28a77c9668975e06b5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/145c5a6337a2ca913a743a078a93ac02
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9-Sozst8XATDAqZtWnsOJq6p4fmH-qZ5SLoPNIAN87Ck-GF0KMG1ag==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 96ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://firma.webdoxclm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 14:38:44 GMT
x-content-type-options: nosniff
age: 33535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 May 2025 14:38:44 GMT

GET
H2 200 modules.7b6d7646601d8cd7fb5f.js Show response
script.hotjar.com/ 222 KB
55 KB 132ms
28ms Script
application/javascript 54.230.228.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7b6d7646601d8cd7fb5f.js

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-64.muc50.r.cloudfront.net

Software

Resource Hash

0f38a63a4786988c8739a89b8ce5e8599ddef3c3d283eff939be3008cbeef0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 12:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 38f46facdae93530546676e451869f4c.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 41193
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56114
last-modified: Tue, 28 May 2024 12:30:49 GMT
etag: "ee291f5775291ceb078ff8007ea3aad3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: z1FP_APyTnNEyegh5d3gvW27itA1-yp16YPTuyNjUlxyt0BP8J10gg==

GET
H2 200 en.json Show response
firma.webdoxclm.com/static/locale/translation/ 20 KB
6 KB 152ms
152ms Fetch
text/plain 2606:4700:10::6816:3683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://firma.webdoxclm.com/static/locale/translation/en.json

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e81647487cd140f81c203fa2971bbcd61c3b88d5562c6051dd6d9e72ae18e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
tracestate: 3476666@nr=0-1-3476666-1588697681-19122cea05335f96----1716940660042
traceparent: 00-554d48884c47e27bbc4055add499841f-19122cea05335f96-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NzY2NjYiLCJhcCI6IjE1ODg2OTc2ODEiLCJpZCI6IjE5MTIyY2VhMDUzMzVmOTYiLCJ0ciI6IjU1NGQ0ODg4NGM0N2UyN2JiYzQwNTVhZGQ0OTk4NDFmIiwidGkiOjE3MTY5NDA2NjAwNDJ9fQ==
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 28 May 2024 14:13:53 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6655e6a1-5155"
x-frame-options: SAMEORIGIN
content-type: text/plain
cache-control: max-age=31536000, public
cf-ray: 88b230355b6568f8-FRA
x-xss-protection: 1; mode=block
expires: Wed, 28 May 2025 23:57:40 GMT

GET
H2 200 nr-spa-1.260.1.min.js Show response
js-agent.newrelic.com/ 106 KB
34 KB 63ms
19ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.260.1.min.js

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f941e01a27c4568da7a81f5cb516b5d2056b14b88cccf3c53f647bde767e0919

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Origin: https://firma.webdoxclm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Yrbdc1GL627m.B3Rf5_UelmBfBfYfLKU
content-encoding: br
via: 1.1 varnish
date: Tue, 28 May 2024 23:57:40 GMT
strict-transport-security: max-age=300
x-amz-request-id: C18Q9GZGDB76CJP0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 34121
x-amz-id-2: I4CtaVD3/eXa3oqlW9MTF7VBxUZO5h7vaoHIdfibg6XM7vGmbEkSqaX1jOHmNKquyhCQ3Dp/eO8=
x-served-by: cache-fra-eddf8230059-FRA
last-modified: Mon, 20 May 2024 17:44:49 GMT
server: AmazonS3
etag: "1221654800ab387071aa9e0bf5b47dde"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 441576

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
19 KB 57ms
18ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding: br
via: 1.1 varnish
date: Tue, 28 May 2024 23:57:40 GMT
strict-transport-security: max-age=300
x-amz-request-id: 4WAKW8KHFEZSZ8FD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: Qx4nj4BQcwfB1hAlQ26UIo8vaFMwk7wAE8D/AZe2Skw2NsWAlK/DXes8RcePnYVLHcg7pQTZxqs=
x-served-by: cache-fra-eddf8230148-FRA
last-modified: Wed, 18 Oct 2023 21:31:16 GMT
server: AmazonS3
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 110

GET
H2 200 favicon.ico
app.webdoxclm.com/ 4 KB
854 B 373ms
341ms Other
image/x-icon 2606:4700:10::6816:3683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.webdoxclm.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059307f3adf6acf6d544925c66c1d50c689853a7bf7648b73d30b50fb82951ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 May 2024 16:10:17 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6650bbe9-10be"
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: no-cache, must-revalidate
cf-ray: 88b23035eb9e68f8-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200 NRJS-0bbc09021d14100adcc Show response
bam.nr-data.net/1/ 79 B
579 B 330ms
256ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-0bbc09021d14100adcc?a=1588716053&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1883&ck=1&ref=https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b&be=749&fe=1817&dc=1782&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1716940658261,%22n%22:0,%22f%22:0,%22dn%22:9,%22dne%22:9,%22c%22:9,%22s%22:31,%22ce%22:56,%22rq%22:56,%22rp%22:480,%22rpe%22:600,%22dl%22:483,%22di%22:754,%22ds%22:1782,%22de%22:1782,%22dc%22:1816,%22l%22:1816,%22le%22:1818%7D,%22navigation%22:%7B%7D%7D&fp=859&fcp=859&jsonp=NREUM.setToken
Requested by: Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b39746c07da532b57661a77d04dc53159691290bc22dbc1a413b1443909c07b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:40 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-fra-eddf8230086-FRA

POST
H/1.1 200 NRJS-0bbc09021d14100adcc Show response
bam.nr-data.net/1/ 63 B
517 B 317ms
258ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-0bbc09021d14100adcc?a=1440133158&v=1.260.1&to=YVVUNhYCVxFWVUBQClgfcBcKAE0LWFgbXQ9XXlENSgBWEFIYXFgLUlxTEBdNWBFQXw54NnF5fgMKB1UHRRhrZgZXXFo9Ow%3D%3D&rst=1897&ck=0&s=138ffdbc40d27364&ref=https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b&ptid=4d0150b62a99bb50&af=err,xhr,stn,ins,spa&ap=71&be=480&fe=1338&dc=1302&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1716940658262,%22n%22:0,%22f%22:0,%22dn%22:9,%22dne%22:9,%22c%22:9,%22s%22:31,%22ce%22:56,%22rq%22:56,%22rp%22:480,%22rpe%22:600,%22di%22:754,%22ds%22:1782,%22de%22:1782,%22dc%22:1816,%22l%22:1816,%22le%22:1818%7D,%22navigation%22:%7B%7D%7D&fp=859&fcp=859
Requested by: Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9148c2a745b8cfc114ac5a3e35cc70f21e0ec402d7b9b2ef0aa5a6daf111645a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 May 2024 23:57:40 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://firma.webdoxclm.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://firma.webdoxclm.com
Content-Length: 63
x-served-by: cache-fra-eddf8230137-FRA

GET
H2

200

/ Show response
firma.webdoxclm.com/d/f6bd90d1-0044-458e-843b-7ae8ff72ee29/
Redirect Chain

https://firma.webdoxclm.com/d/f6bd90d1-0044-458e-843b-7ae8ff72ee29
https://firma.webdoxclm.com/d/f6bd90d1-0044-458e-843b-7ae8ff72ee29/

146 B
252 B

466ms
463ms

XHR
application/json

2606:4700:10::6816:3683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://firma.webdoxclm.com/d/f6bd90d1-0044-458e-843b-7ae8ff72ee29/

Protocol

Server

2606:4700:10::6816:3683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817967b8ce577f2b295a6299c7850b992ea9288cb49f62d76c9a2dfaf4b49d73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 28 May 2024 23:57:40 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
referrer-policy: same-origin, no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie
content-language: es
content-type: application/json
permissions-policy: geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
cf-ray: 88b230380ca568f8-FRA
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 28 May 2024 23:57:40 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
referrer-policy: same-origin, no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-language: es
location: /d/f6bd90d1-0044-458e-843b-7ae8ff72ee29/
content-type: text/html; charset=utf-8
permissions-policy: geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
cf-ray: 88b23036fc2068f8-FRA
x-xss-protection: 1; mode=block

GET
H2 200 logo-manpower.png
storage.googleapis.com/docs2-webdoxusercontent-com/customers/mail_logos/000/001/071/original/ 3 KB
4 KB 255ms
190ms Image
image/png 2a00:1450:4001:82a::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/docs2-webdoxusercontent-com/customers/mail_logos/000/001/071/original/logo-manpower.png?1700259827
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c7a81c126358a3778623cf97b0bf3cea01abc9bc8f0aa795df0059aa584d304f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:40 GMT
x-guploader-uploadid: ABPtcPp4PFkBsH1iXH3ef3-odtatbX3gz4oKf-bCKYLZP4v4M6GwVOhwlx6Zy_2gVnSmWYgCHWqw2DMSiA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3321
last-modified: Fri, 17 Nov 2023 22:23:49 GMT
server: UploadServer
etag: "85f47930c48633704dc0945add77ecd8"
x-goog-generation: 1700259829557046
content-type: image/png
x-goog-hash: crc32c=TxB3Mg==, md5=hfR5MMSGM3BNwJRa3Xfs2A==
cache-control: public, max-age=3600
x-goog-stored-content-length: 3321
accept-ranges: bytes
expires: Wed, 29 May 2024 00:57:40 GMT

POST
H/1.1 200 NRJS-0bbc09021d14100adcc Show response
bam.nr-data.net/resources/1/ 36 B
354 B 242ms
242ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-0bbc09021d14100adcc?a=1588716053&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=2221&ck=1&ref=https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b&st=1716940658261
Requested by: Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d08878093c17f2a892cc39aa76414b9ab6b2ec850d29a5a319c2de0a00f71f39

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 May 2024 23:57:40 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://firma.webdoxclm.com
access-control-allow-credentials: true
Connection: close
Content-Length: 36
x-served-by: cache-fra-eddf8230137-FRA

POST
H/1.1 200 NRJS-0bbc09021d14100adcc Show response
bam.nr-data.net/events/1/ 24 B
346 B 253ms
253ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-0bbc09021d14100adcc?a=1440133158&v=1.260.1&to=YVVUNhYCVxFWVUBQClgfcBcKAE0LWFgbXQ9XXlENSgBWEFIYXFgLUlxTEBdNWBFQXw54NnF5fgMKB1UHRRhrZgZXXFo9Ow%3D%3D&rst=2468&ck=0&s=138ffdbc40d27364&ref=https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b&ptid=4d0150b62a99bb50
Requested by: Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 28 May 2024 23:57:40 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://firma.webdoxclm.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230086-FRA

GET
H2 200 AAAMQXBcWCtawURUIAx_xLNkOWlIBEox_9hLw-K99Yplhg==
preview.webdoxclm.com/pdf/signature/1/image/ 72 KB
72 KB 403ms
389ms Image
image/png 2606:4700:10::6816:3683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://preview.webdoxclm.com/pdf/signature/1/image/AAAMQXBcWCtawURUIAx_xLNkOWlIBEox_9hLw-K99Yplhg==?width=300&page=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b3bb2e55e116a389fd58474c74cb519a31a91ad59e332757ee8ceb1e298490

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://preview.webdoxclm.com https://app.webdoxclm.com https://backend.webdoxclm.com https://firma.webdoxclm.com https://collaboration.webdoxclm.com https://backend-bugfix.webdoxclm.com https://app-bugfix.webdoxclm.com https://collaboration-bugfix.webdoxclm.com https://signature-bugfix.webdoxclm.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:41 GMT
content-security-policy: frame-ancestors https://preview.webdoxclm.com https://app.webdoxclm.com https://backend.webdoxclm.com https://firma.webdoxclm.com https://collaboration.webdoxclm.com https://backend-bugfix.webdoxclm.com https://app-bugfix.webdoxclm.com https://collaboration-bugfix.webdoxclm.com https://signature-bugfix.webdoxclm.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 28 May 2024 23:57:41 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-type: image/png
accept-ranges: bytes
cf-ray: 88b2303b0e8968f8-FRA
x-pdfimage-cost: 50.152763ms
content-length: 73407
x-xss-protection: 1; mode=block

GET
H2 200 AAAMQXBcWCtawURUIAx_xLNkOWlIBEox_9hLw-K99Yplhg== Show response
preview.webdoxclm.com/pdf/0/111/metadata/ 10 KB
4 KB 424ms
346ms Fetch
text/plain 2606:4700:10::6816:3783
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview.webdoxclm.com/pdf/0/111/metadata/AAAMQXBcWCtawURUIAx_xLNkOWlIBEox_9hLw-K99Yplhg==

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3783 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b147ccc84f9100c7f951ab995617b5d95be102564ef6c97cc571c8884e4a4174

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://preview.webdoxclm.com https://app.webdoxclm.com https://backend.webdoxclm.com https://firma.webdoxclm.com https://collaboration.webdoxclm.com https://backend-bugfix.webdoxclm.com https://app-bugfix.webdoxclm.com https://collaboration-bugfix.webdoxclm.com https://signature-bugfix.webdoxclm.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:41 GMT
content-security-policy: frame-ancestors https://preview.webdoxclm.com https://app.webdoxclm.com https://backend.webdoxclm.com https://firma.webdoxclm.com https://collaboration.webdoxclm.com https://backend-bugfix.webdoxclm.com https://app-bugfix.webdoxclm.com https://collaboration-bugfix.webdoxclm.com https://signature-bugfix.webdoxclm.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-encoding: gzip
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://firma.webdoxclm.com
cf-ray: 88b2303b7b7c8f3d-FRA
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 AAAMQXBcWCtawURUIAx_xLNkOWlIBEox_9hLw-K99Yplhg== Show response
preview.webdoxclm.com/pdf/0/111/image/ 0
448 KB 279ms
279ms Fetch
image/png 2606:4700:10::6816:3783
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview.webdoxclm.com/pdf/0/111/image/AAAMQXBcWCtawURUIAx_xLNkOWlIBEox_9hLw-K99Yplhg==?page=1&width=1200&format=webp

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3783 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://preview.webdoxclm.com https://app.webdoxclm.com https://backend.webdoxclm.com https://firma.webdoxclm.com https://collaboration.webdoxclm.com https://backend-bugfix.webdoxclm.com https://app-bugfix.webdoxclm.com https://collaboration-bugfix.webdoxclm.com https://signature-bugfix.webdoxclm.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:41 GMT
content-security-policy: frame-ancestors https://preview.webdoxclm.com https://app.webdoxclm.com https://backend.webdoxclm.com https://firma.webdoxclm.com https://collaboration.webdoxclm.com https://backend-bugfix.webdoxclm.com https://app-bugfix.webdoxclm.com https://collaboration-bugfix.webdoxclm.com https://signature-bugfix.webdoxclm.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 28 May 2024 23:57:41 GMT
server: cloudflare
cf-cache-status: DYNAMIC
vary: Origin
content-type: image/png
access-control-allow-origin: https://firma.webdoxclm.com
accept-ranges: bytes
cf-ray: 88b2303e4d3f8f3d-FRA
x-pdfimage-cost: 141.181902ms
content-length: 458332
x-xss-protection: 1; mode=block

GET
H2 200 AAAMQXBcWCtawURUIAx_xLNkOWlIBEox_9hLw-K99Yplhg== Show response
preview.webdoxclm.com/pdf/0/111/image/ 0
54 KB 439ms
439ms Fetch
image/png 2606:4700:10::6816:3783
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview.webdoxclm.com/pdf/0/111/image/AAAMQXBcWCtawURUIAx_xLNkOWlIBEox_9hLw-K99Yplhg==?page=2&width=1200&format=webp

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3783 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://preview.webdoxclm.com https://app.webdoxclm.com https://backend.webdoxclm.com https://firma.webdoxclm.com https://collaboration.webdoxclm.com https://backend-bugfix.webdoxclm.com https://app-bugfix.webdoxclm.com https://collaboration-bugfix.webdoxclm.com https://signature-bugfix.webdoxclm.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:57:41 GMT
content-security-policy: frame-ancestors https://preview.webdoxclm.com https://app.webdoxclm.com https://backend.webdoxclm.com https://firma.webdoxclm.com https://collaboration.webdoxclm.com https://backend-bugfix.webdoxclm.com https://app-bugfix.webdoxclm.com https://collaboration-bugfix.webdoxclm.com https://signature-bugfix.webdoxclm.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 28 May 2024 23:57:41 GMT
server: cloudflare
cf-cache-status: DYNAMIC
vary: Origin
content-type: image/png
access-control-allow-origin: https://firma.webdoxclm.com
accept-ranges: bytes
cf-ray: 88b2303e4d418f3d-FRA
x-pdfimage-cost: 100.477443ms
content-length: 54786
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 0cb2de53-5bbe-4fdf-8c61-355130ebd400
https://firma.webdoxclm.com/ 54 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://firma.webdoxclm.com/0cb2de53-5bbe-4fdf-8c61-355130ebd400
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21b5cbcd90131bb2170e58c9844c1c7a72f5d7fc822dd5b19ff6e7ef2b049312

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 54786
Content-Type: image/png

GET
BLOB 200
OK 540b69ee-cc9d-444d-86c4-2f9802639ef0
https://firma.webdoxclm.com/ 448 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://firma.webdoxclm.com/540b69ee-cc9d-444d-86c4-2f9802639ef0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fff5c4d28b77ac10e21170820e886e3cd122a85ef66e8d0f16195f5a4977971

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 458332
Content-Type: image/png

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
97 B 162ms
79ms XHR
application/json 107.178.240.159

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1716940665101

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 28 May 2024 23:57:45 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://firma.webdoxclm.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 50
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/engage/ 25 B
386 B 159ms
76ms XHR
application/json 107.178.240.159

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/engage/?verbose=1&ip=1&_=1716940665101

Requested by

Host: firma.webdoxclm.com
URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 28 May 2024 23:57:45 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://firma.webdoxclm.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 46
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
firma.webdoxclm.com/	1970-01-21 05:39:50	Name: csrftoken Value: Xj3DULW6dldw9uBgscqD2l9Ht8h2pKdGggMHLhlTxoil5Sv6Phlg3qHNUAXfGjWC
.webdoxclm.com/	1970-01-21 05:41:16	Name: _hjSessionUser_2842037 Value: eyJpZCI6IjI1Zjk5Y2ExLTU4MDAtNTc3Ny04MDcxLTUxZjllYzVkODBiYyIsImNyZWF0ZWQiOjE3MTY5NDA2NTkzNzksImV4aXN0aW5nIjpmYWxzZX0=
.webdoxclm.com/	1970-01-20 20:55:42	Name: _hjSession_2842037 Value: eyJpZCI6IjU0NjQ4M2I4LTQxYTgtNGU2Mi1iZTBmLTQ2NGRjMDc1OTQzMiIsImMiOjE3MTY5NDA2NTkzODAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.webdoxclm.com/	1970-01-21 05:41:16	Name: mp_7958f3d2baff92c070138cdfc943a2bb_mixpanel Value: %7B%22distinct_id%22%3A%20%22a7b478ef-c866-4329-8304-7cb54c3e8335%22%2C%22%24device_id%22%3A%20%2218fc1a35d85730-004edc916b0785-26001c51-1d4c00-18fc1a35d85730%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24user_id%22%3A%20%22a7b478ef-c866-4329-8304-7cb54c3e8335%22%7D
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 583798c7deb9fc7c

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
other	warning	URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://firma.webdoxclm.com/s/f6bd90d1-0044-458e-843b-7ae8ff72ee29/403e675b Message: The resource https://firma.webdoxclm.com/static/fonts/password.ba310d7242d2.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
app.webdoxclm.com
bam.nr-data.net
firma.webdoxclm.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
preview.webdoxclm.com
script.hotjar.com
static.hotjar.com
storage.googleapis.com
107.178.240.159
162.247.243.29
18.66.192.117
2602:816:5001::39
2606:4700:10::6816:3683
2606:4700:10::6816:3783
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:82a::201b
54.230.228.64
059307f3adf6acf6d544925c66c1d50c689853a7bf7648b73d30b50fb82951ee
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f38a63a4786988c8739a89b8ce5e8599ddef3c3d283eff939be3008cbeef0f8
1fff5c4d28b77ac10e21170820e886e3cd122a85ef66e8d0f16195f5a4977971
21b5cbcd90131bb2170e58c9844c1c7a72f5d7fc822dd5b19ff6e7ef2b049312
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
4675a8ce063f9f5885a692f7a273acf7eeb800abca14aac75b6707b689532f04
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5e81647487cd140f81c203fa2971bbcd61c3b88d5562c6051dd6d9e72ae18e29
817967b8ce577f2b295a6299c7850b992ea9288cb49f62d76c9a2dfaf4b49d73
8a92486ef41ee504b78ea4e9bfa83c0fb8ef4ae601b4e4095ee948560954dfd7
8c020f883cd1bf89e2a5b2d5b32acb18054c7584236ef47d43f9a2dfe961ec64
8d787513c7a1eb52ef257f2650ce47beec64a49196865484c3101f6334070f62
9148c2a745b8cfc114ac5a3e35cc70f21e0ec402d7b9b2ef0aa5a6daf111645a
b147ccc84f9100c7f951ab995617b5d95be102564ef6c97cc571c8884e4a4174
b39746c07da532b57661a77d04dc53159691290bc22dbc1a413b1443909c07b6
c2b3bb2e55e116a389fd58474c74cb519a31a91ad59e332757ee8ceb1e298490
c7a81c126358a3778623cf97b0bf3cea01abc9bc8f0aa795df0059aa584d304f
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
d08878093c17f2a892cc39aa76414b9ab6b2ec850d29a5a319c2de0a00f71f39
d35591462d44ee082e4d717d840b2e770ff52448f57c494a09b81eec178a62bd
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74a88f8655bbfe46a6c54c1a9bb19edec8c7a42757e28a77c9668975e06b5dc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f941e01a27c4568da7a81f5cb516b5d2056b14b88cccf3c53f647bde767e0919

firma.webdoxclm.com Open in urlscan Pro 2606:4700:10::6816:3683 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

89 %HTTPS

60 %IPv6

7 Domains

11 Subdomains

11 IPs

2 Countries

1338 kBTransfer

2986 kBSize

5 Cookies

2 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

firma.webdoxclm.com Open in urlscan Pro
2606:4700:10::6816:3683 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

89 %
HTTPS

60 %
IPv6

7
Domains

11
Subdomains

11
IPs

2
Countries

1338 kB
Transfer

2986 kB
Size

5
Cookies

27 HTTP transactions
1 data transactions