snowsoftware.d.pr Open in urlscan Pro
35.83.210.32  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request yakSEK Show response snowsoftware.d.pr/	6 KB 7 KB	386ms 194ms	Document text/html	35.83.210.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://snowsoftware.d.pr/yakSEK Protocol HTTP/1.1 Server 35.83.210.32 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-83-210-32.us-west-2.compute.amazonaws.com Software nginx/1.17.8 / Resource Hash 9077080a4e674afbf6c094bcbd44ef7160e4deb4d5303b17d7c8e1093fde9d08 Security Headers Name Value Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Length 5853 Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr Content-Type text/html; charset=utf-8 Date Fri, 20 May 2022 16:48:41 GMT ETag W/"16dd-6nC7X/vWr9Mx0HcIsynwoigD9AI" Server nginx/1.17.8
GET H2	200	bundle.2022-03-23-dcbc85b9.js Show response cdn-assets.droplr.net/dist/	4 MB 1 MB	83ms 9ms	Script application/javascript	99.86.7.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-assets.droplr.net/dist/bundle.2022-03-23-dcbc85b9.js Requested by Host: snowsoftware.d.pr URL: http://snowsoftware.d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-108.fra6.r.cloudfront.net Software nginx/1.17.8 / Resource Hash b74dd8d5985ef1faeffb2d163d4465d6f31ab7583312c7057f1ca082a0e23382 Request headers accept-language de-DE,de;q=0.9 Referer http://snowsoftware.d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 07 May 2022 19:35:14 GMT content-encoding gzip last-modified Wed, 23 Mar 2022 08:20:07 GMT server nginx/1.17.8 age 1113207 etag W/"3d7ff7-17fb5dc96d8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 x-amz-cf-pop FRA6-C1 x-amz-cf-id lkwKA0RLoNmqLsPos39Ob0oqZzmjCk5Oimhzbx97sgf6sY2Wm_MnWQ== via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
GET H2	200	app.2022-03-23-dcbc85b9.css cdn-assets.droplr.net/dist/style/	220 KB 40 KB	82ms 9ms	Stylesheet text/css	99.86.7.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-assets.droplr.net/dist/style/app.2022-03-23-dcbc85b9.css Requested by Host: snowsoftware.d.pr URL: http://snowsoftware.d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-108.fra6.r.cloudfront.net Software nginx/1.17.8 / Resource Hash 13d56ce6b73f94f5813a8e2e373c021cdf835b413214598b90e0f5d495199446 Request headers accept-language de-DE,de;q=0.9 Referer http://snowsoftware.d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 18 May 2022 19:36:18 GMT content-encoding gzip last-modified Wed, 23 Mar 2022 08:20:07 GMT server nginx/1.17.8 age 162743 etag W/"36e0b-17fb5dc96d8" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 x-amz-cf-pop FRA6-C1 x-amz-cf-id iVwEW8XCjnwHO3Lv61t56x8FeMOvibG5u2qiF71wAX3MUMBw2_s5cg== via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
GET H2	200	dfa16d9872.js Show response use.fontawesome.com/	9 KB 4 KB	53ms 22ms	Script text/javascript	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/dfa16d9872.js Requested by Host: snowsoftware.d.pr URL: http://snowsoftware.d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45 Request headers accept-language de-DE,de;q=0.9 Referer http://snowsoftware.d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6290 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id ENW2WATQQWC312W5 x-amz-id-2 ul35/6Qvk6XK1jnCIV64jzTc33a8sxctAUqLWZvk0pbfF3WuaxKrNnSer5FOtM1sr66NnE4cIvE= last-modified Thu, 01 Jul 2021 15:46:56 GMT server cloudflare etag W/"c8b10da870c9c32e92ca93daaf3395cc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aGMKEeQOoib0fmfl6DjNOocHE1LerpjvNKIOEk%2FEyhFs7F6PHh0pZJuaQB22gskhFMUCE7ClaMM1%2Bwf%2FOY42FEY90l451OfBu7mJEEMUDyuZ50Ct2dNYoDkTrOJrkjHFoQLVIrqfzjgkuBe7gGdTYlQ"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=1800 cf-ray 70e68fb43f8990ec-FRA
GET H2	200	css fonts.googleapis.com/	11 KB 1 KB	132ms 46ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext Requested by Host: snowsoftware.d.pr URL: http://snowsoftware.d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aa68c1e4029b55067a716a3af23be63487c238d2dd4adf9408b52d3503e6373a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://snowsoftware.d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 20 May 2022 16:48:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 20 May 2022 16:48:41 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 May 2022 16:48:41 GMT
GET H2	200	css fonts.googleapis.com/	30 KB 2 KB	133ms 47ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500 Requested by Host: snowsoftware.d.pr URL: http://snowsoftware.d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8b81f497e610375bb66226983941840eeccc35fe056703aa34960aeca4ee7e77 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://snowsoftware.d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 20 May 2022 16:48:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 20 May 2022 16:48:41 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 May 2022 16:48:41 GMT
GET H2	200	dfa16d9872.css use.fontawesome.com/	1 KB 766 B	20ms 19ms	Stylesheet text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/dfa16d9872.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a Request headers accept-language de-DE,de;q=0.9 Referer http://snowsoftware.d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5720 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 5RFQYKM7C3KAET7Q x-amz-id-2 aLiL53F3Z6kVLIj93rTbRuMuk/hvG2OJnLcgrKhmvrasbr6Gs2xhAKeprTYgZxNZYnTKC4EaUXI= last-modified Thu, 01 Jul 2021 15:46:56 GMT server cloudflare etag W/"a4b6d93743fb746387a1c530958fd725" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TOm8AFIY2agqVw9xWz1XktPC868VNAVNO9x2XY%2FYgMFxgtawCevI1m9a0%2BJB93vpRmVj1bJFOgfMrDH50u7xEJDnEQA9RVkL9lVye3rgsnAL6gBJa8SOqCUVS97btM6meR5wR9rC%2F7ZxJcKz6s0Q3ba"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 70e68fb46fc490ec-FRA
GET H2	200	yakSEK Show response d.pr/ Frame 967E	15 KB 16 KB	710ms 334ms	Document text/html	52.34.165.185 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.pr/yakSEK Requested by Host: snowsoftware.d.pr URL: http://snowsoftware.d.pr/yakSEK Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.34.165.185 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-34-165-185.us-west-2.compute.amazonaws.com Software nginx/1.17.8 / Resource Hash fee2635e229fb8ab2e93e4589c97fc66e6f6afe5ea2d40885336ad02072dee7c Security Headers Name Value Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr Request headers Referer http://snowsoftware.d.pr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 15603 content-security-policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr content-type text/html; charset=utf-8 date Fri, 20 May 2022 16:48:42 GMT etag W/"3cf3-/7y1tiek+oEfWHXRmV+Kz0jsnX4" server nginx/1.17.8
GET H3	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.7.0/css/	30 KB 7 KB	25ms 25ms	Stylesheet text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350 Request headers accept-language de-DE,de;q=0.9 Referer https://use.fontawesome.com/dfa16d9872.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 9971044 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 6GF0CWA6RHGCSRNW x-amz-id-2 QWWXgZjVQLhJg7PqsyyrYYK6e7VSU1aVrTd7grpvIPFDb0K063bVp3YUAifq/Ai6lDtupej72k8= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag W/"36082410df2ef7f83932219089dc1443" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lczSYyDeVVHwRKMHCzyKkSU30aAuKA2mlFjpzSc4DJYHOQRQaTICiKMIm2DGdywGJRpkCOFc7H624%2FKTFjg4wdtHN2wHEM40q%2F6LToDrpA3yQIOhjkYsY792G1NSdx3WSaGEnqosD1gxEt8uNY6T6Hdu"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 70e68fb488cb9018-FRA
GET H3	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.7.0/fonts/	75 KB 76 KB	245ms 229ms	Font application/font-woff2	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://use.fontawesome.com/dfa16d9872.css Origin http://snowsoftware.d.pr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:41 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id DN7FTM73PCMTF8KH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 x-amz-id-2 v54krUmSqEzNjTqhp7xffJKQOQVFKlXo2V+85uJAnugLbyTad3nyTBd7kdqEEq505iHp4Rsa0g0= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag "af7ae505a9eed503f8b8e6982036873e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVWUBfA4xvyo4uoFbEcKCdFQf59xqtv4qkYp9StuxiohAxzF1QiTPlOsey1x57aaGerDcy1coqwcmCzfxZbqt0%2B2jF3MxaTgMZTFmDKhPKMrrrIhAXoGBaE8ELnxvY4hL8ur9apngaMVHwsYarbdNCt7"}],"group":"cf-nel","max_age":604800} content-type application/font-woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 70e68fb4dc4f9bb0-FRA
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	122ms 38ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://snowsoftware.d.pr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 18 May 2022 19:23:45 GMT x-content-type-options nosniff age 163496 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 19:23:45 GMT
GET H2	200	bundle.2022-03-23-dcbc85b9.js Show response cdn-assets.droplr.net/dist/ Frame 967E	4 MB 1 MB	9ms 8ms	Script application/javascript	99.86.7.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-assets.droplr.net/dist/bundle.2022-03-23-dcbc85b9.js Requested by Host: d.pr URL: https://d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-108.fra6.r.cloudfront.net Software nginx/1.17.8 / Resource Hash b74dd8d5985ef1faeffb2d163d4465d6f31ab7583312c7057f1ca082a0e23382 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 07 May 2022 19:35:14 GMT content-encoding gzip last-modified Wed, 23 Mar 2022 08:20:07 GMT server nginx/1.17.8 age 1113208 etag W/"3d7ff7-17fb5dc96d8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 x-amz-cf-pop FRA6-C1 x-amz-cf-id -gFxdZtJLLkijjdD0QstvtzinqsQyiiGAueAIYVPVthLKnaDLhp0pw== via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
GET H2	200	app.2022-03-23-dcbc85b9.css cdn-assets.droplr.net/dist/style/ Frame 967E	220 KB 40 KB	11ms 10ms	Stylesheet text/css	99.86.7.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-assets.droplr.net/dist/style/app.2022-03-23-dcbc85b9.css Requested by Host: d.pr URL: https://d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-108.fra6.r.cloudfront.net Software nginx/1.17.8 / Resource Hash 13d56ce6b73f94f5813a8e2e373c021cdf835b413214598b90e0f5d495199446 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 18 May 2022 19:36:18 GMT content-encoding gzip last-modified Wed, 23 Mar 2022 08:20:07 GMT server nginx/1.17.8 age 162744 etag W/"36e0b-17fb5dc96d8" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 x-amz-cf-pop FRA6-C1 x-amz-cf-id LuA6VJr-ghtfdbOsbaRckv6KAUIeRL9P7uppt_Tr5iRb0MLt97bPeg== via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
GET H3	200	dfa16d9872.js Show response use.fontawesome.com/ Frame 967E	9 KB 4 KB	25ms 24ms	Script text/javascript	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/dfa16d9872.js Requested by Host: d.pr URL: https://d.pr/yakSEK Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id NQE0615PGN5NCT3Y x-amz-id-2 DLWOCad7zU8n0MDOiKx+Eo/tO3DE3l4zyfP+NA7XaQRNM7bK9QuAAG65qyHmNSMb+SCumTjOoHU= last-modified Thu, 01 Jul 2021 15:46:56 GMT server cloudflare etag W/"c8b10da870c9c32e92ca93daaf3395cc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUT3PQjmPEmPsIX0gtgAzdhOUjrGEoQOf2G19pz8CmGojkYVTyYxlNJrp5EW1Q0evQI0cDVeAO1T1FYhEBQoBmJ93qoAtHvrdBubX7WHCeiGhSuW5ftJ83JT5kL6PI4J03GeE8m1xhHlqv4Jnek5tkbn"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=1800 cf-ray 70e68fb978859018-FRA
GET H3	200	css fonts.googleapis.com/ Frame 967E	11 KB 869 B	135ms 55ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext Requested by Host: d.pr URL: https://d.pr/yakSEK Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aa68c1e4029b55067a716a3af23be63487c238d2dd4adf9408b52d3503e6373a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 20 May 2022 16:46:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 20 May 2022 16:48:42 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 May 2022 16:48:42 GMT
GET H3	200	css fonts.googleapis.com/ Frame 967E	30 KB 2 KB	130ms 51ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500 Requested by Host: d.pr URL: https://d.pr/yakSEK Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8b81f497e610375bb66226983941840eeccc35fe056703aa34960aeca4ee7e77 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 20 May 2022 16:48:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 20 May 2022 16:48:42 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 May 2022 16:48:42 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 967E	153 KB 47 KB	129ms 46ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M Requested by Host: d.pr URL: https://d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 597f8d43eb8b637efea94714d3fc58ddd856a2657d2265f5b3e9af51a76572d7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:42 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47724 x-xss-protection 0 last-modified Fri, 20 May 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 20 May 2022 16:48:42 GMT
GET H3	200	dfa16d9872.css use.fontawesome.com/ Frame 967E	1 KB 1023 B	21ms 21ms	Stylesheet text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/dfa16d9872.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2414 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id ZECWX3VPHAJCGY30 x-amz-id-2 hoS9a+AogrzLJMxpP201vqb6BllyWmRPz963Eclll/KgF09z+A+TCuyuJ8tq5MdEM/3g646dT0E= last-modified Thu, 01 Jul 2021 15:46:56 GMT server cloudflare etag W/"a4b6d93743fb746387a1c530958fd725" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBlx4EZVGP373zhl%2FpH43QqpqwdJZs3HsXtIzhYaDD8fFFZSPtlJwIhM4EY9ucZXe665BHpOXgltpLK4WPdSx2ZYIXEjptWGvXYJEBw0IcxqdRAzDWHUFC1nzXCn8VbrdNHo5jLgZFyaMrdnXaqHIrxx"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 70e68fb9a8cb9018-FRA
GET H3	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.7.0/css/ Frame 967E	30 KB 7 KB	25ms 25ms	Stylesheet text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350 Request headers accept-language de-DE,de;q=0.9 Referer https://use.fontawesome.com/dfa16d9872.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 9971045 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 6GF0CWA6RHGCSRNW x-amz-id-2 QWWXgZjVQLhJg7PqsyyrYYK6e7VSU1aVrTd7grpvIPFDb0K063bVp3YUAifq/Ai6lDtupej72k8= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag W/"36082410df2ef7f83932219089dc1443" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ijs42%2B3snIRQ%2BS84cKYg9MOWr7WUKwFB6vCbATCTqwhllyoapX4kIO0M8ytClx%2FX2d5I%2F53YgIU%2FXrfRA9OTxI9tp%2FqUqoFrFUXS%2BhvSVt7NLLKFd8Lqf3B0ZE6YofO6SDDHAL8SUVA78%2FLCX%2B0KVpPj"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 70e68fb9c9129018-FRA
GET H3	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.7.0/fonts/ Frame 967E	75 KB 76 KB	25ms 25ms	Font application/font-woff2	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://use.fontawesome.com/dfa16d9872.css Origin https://d.pr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:42 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 9970787 cf-ray 70e68fb9ff869bb0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 x-amz-id-2 r0QmPQez49AoBs1oG9iE1R7TgxwuIloIAhOc3rQhLghwWacnvRs6B1XqvBRpIEaaV0LtpRp9iCA= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag "af7ae505a9eed503f8b8e6982036873e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgATc38C4DMa5JaZFpmPTElFDaHSEeiAtAPtt3GR1mIXnAwCeZDwF36Jd5SaryVUb4dp4kCPvw7tP9jimwd0scV0IyW4PybjJHH2gGapuiCIn%2BGHNPXqEyMOhTcxGE13i%2B6jbcBhhQnghW5MzC0EpHQA"}],"group":"cf-nel","max_age":604800} x-amz-request-id Y5PK3EQQGDQTE5YP access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes content-type application/font-woff2
POST H2	200	view Show response d.pr/api/drops/yakSEK/ Frame 967E	1 KB 2 KB	364ms 363ms	XHR application/json	52.34.165.185 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.pr/api/drops/yakSEK/view Requested by Host: cdn-assets.droplr.net URL: https://cdn-assets.droplr.net/dist/bundle.2022-03-23-dcbc85b9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.34.165.185 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-34-165-185.us-west-2.compute.amazonaws.com Software / Resource Hash 1f0901b171d87aac76b980fa156677100369e5048fab7ffcc91008963f5ccdfc Security Headers Name Value Strict-Transport-Security max-age=31557600; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://d.pr/yakSEK accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 20 May 2022 16:48:43 GMT content-type application/json; charset=utf-8 etag W/"4bf-0DLChotxYy4K1CZI/D9dzMu9oME" content-length 1215 strict-transport-security max-age=31557600; includeSubDomains access-control-expose-headers X-Droplr-Authorization,x-droplr-errorcode,x-droplr-errordetails,X-Has-More,X-Results-Count
GET H2	200	include.js Show response app.raaft.io/ Frame 967E	8 KB 3 KB	270ms 157ms	Script application/javascript	2a00:1450:4001:813::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.raaft.io/include.js?appId=A7H0mjU0vLzU6VCSE75V Requested by Host: d.pr URL: https://d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 5f2b2d6fca7624e3fbad02a3f044b3136008a97657b7d3ef855dc1a5b4e50afe Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff last-modified Tue, 01 Jan 1980 00:00:01 GMT server Google Frontend etag W/"206c-49773873e8" x-download-options noopen vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 59ccfc53a59a2f5ac36167af5eaf4a3a cache-control public, max-age=0 date Fri, 20 May 2022 16:48:43 GMT x-dns-prefetch-control off content-length 2316 x-xss-protection 1; mode=block
GET H2	200	389337_3d22f450-3b9c-11eb-90f7-97a28b66f8c9 cdn-sec.droplr.net/logos/ Frame 967E	57 KB 58 KB	119ms 10ms	Image image/png	99.86.7.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-sec.droplr.net/logos/389337_3d22f450-3b9c-11eb-90f7-97a28b66f8c9?response-content-disposition=inline&Expires=1653065382&Key-Pair-Id=APKAJTEIOJM3LSMN33SA&Signature=J1lXQLDGER4hLOZ5yKAOepvxrtzzTxeADntQEXIFmCThOn4cQZW2MhpHK0lJMk2NG-JKUmqjkCMuALo~c5EMCU4fmbomgMEIvLklpyRWQom60yT2GhJmCllU9Q4L~y0H4FaeU8LfuFigmWSlv2YwExHjAwlArwnoM4stMt4pGXM_ Requested by Host: d.pr URL: https://d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-49.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash a66f5266f23a7821e1bab4321ab32ceb328927c6d28c8ec09c490740e2dd5977 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 16 May 2022 05:31:24 GMT via 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront) last-modified Fri, 11 Dec 2020 10:33:00 GMT server AmazonS3 age 386239 etag "39b0f56e0b4427fb160971366d82e618" x-cache Hit from cloudfront content-type image/png content-disposition inline x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 58673 x-amz-cf-id jHzdNuxycXLKIsomrP6IJ9CExuvLpas1XKKuvDVIOlDvjB_zK25g6w==
GET DATA	200 OK	truncated / Frame 967E	883 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b7713e90927b19fa636fb5700303752591552a3890172fe9497d459fb6ea31ad Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/ Frame 967E	13 KB 13 KB	112ms 38ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://d.pr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 18 May 2022 19:23:45 GMT x-content-type-options nosniff age 163497 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 19:23:45 GMT
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/ Frame 967E	13 KB 13 KB	116ms 42ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://d.pr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Wed, 18 May 2022 19:24:52 GMT x-content-type-options nosniff age 163430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13052 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:09:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 19:24:52 GMT
GET H2	200	optimize.js Show response www.google-analytics.com/gtm/ Frame 967E	93 KB 37 KB	136ms 46ms	Script application/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/optimize.js?id=GTM-N36GL2J Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a9dbe30d96e147056f4dc8d0527b22bd9fbf7b8cb945b990d27581d9bb4dfd49 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:42 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37278 x-xss-protection 0 last-modified Fri, 20 May 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 20 May 2022 16:48:42 GMT
GET H2	200	2285731.js Show response js.hs-scripts.com/ Frame 967E	1 KB 929 B	224ms 135ms	Script application/javascript	2606:4700::6811:d4cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/2285731.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d46bbfb9c8393e6751f4f632415291f579a56fa1c848a58b99401e11e7043ad1 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:43 GMT content-encoding br vary Accept-Encoding cf-cache-status EXPIRED x-hubspot-correlation-id 968a6a44-42cb-4c55-9258-4e2418a9bcc8 last-modified Fri, 20 May 2022 16:44:23 GMT server cloudflare x-trace 2B1C59053F2F70C8B62DC286642AB7AF577187F363000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://d.pr cache-control public, max-age=60 access-control-allow-credentials true cf-ray 70e68fbc988a92b9-FRA expires Fri, 20 May 2022 16:49:43 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/ Frame 967E	49 KB 20 KB	116ms 37ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 4437 date Fri, 20 May 2022 15:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 20 May 2022 17:34:46 GMT
GET H2	200	2285731.js Show response js.hs-banner.com/ Frame 967E	61 KB 16 KB	66ms 32ms	Script text/javascript	2606:4700:4400::6812:21ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/2285731.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2285731.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6707ec7d090573943f18c7a21d74742963c9d133c4387ef6b8d597651b58401 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:43 GMT content-encoding br cf-cache-status HIT age 259 x-amz-server-side-encryption AES256 content-type text/javascript; charset=UTF-8 access-control-max-age 604800 x-amz-request-id F6PP5PTV6S8E942A x-amz-id-2 i9clfsRQhFiIi/6PuFpzHLbB7MMDsnQdcDuIAM55wFcefui7nKh9PRxeYC6bNNP3nmu89guJmWk= timing-allow-origin * last-modified Thu, 17 Feb 2022 20:46:17 GMT server cloudflare etag W/"e970d9b69781aa125fd13d613e204fa1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-amz-version-id qlkG936qxocTyAwD1jMZRVZeOfJN2CHL access-control-allow-origin https://d.pr access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true cf-ray 70e68fbdbbc29b4c-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Fri, 20 May 2022 16:49:24 GMT
GET H2	200	2285731.js Show response js.hs-analytics.net/analytics/1653065100000/ Frame 967E	62 KB 20 KB	193ms 175ms	Script text/javascript	2606:4700::6811:43b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1653065100000/2285731.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2285731.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e75e0a7e2998891548305ddb875560c1194a61620add236be105093c267deed8 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:43 GMT content-encoding br cf-cache-status MISS x-amz-request-id PVPVM8KGP0VKSZHK x-amz-server-side-encryption AES256 cf-ray 70e68fbd9bbf68e9-FRA x-amz-id-2 xHcPHL56E3KTXbyPN6VXOAWE46Y3cxA+Nomot/Fo5l/tIaNMqpo3ulW6WCzYmTRFOpSfvs0AL9c= last-modified Thu, 14 Apr 2022 15:12:35 GMT server cloudflare etag W/"240cf5a6528d793edd8e0d517c687a96" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id null cache-control max-age=300, public access-control-allow-credentials false content-type text/javascript expires Fri, 20 May 2022 16:53:43 GMT
GET H2	200	conversations-embed.js Show response js.usemessages.com/ Frame 967E	80 KB 22 KB	55ms 30ms	Script application/javascript	2606:4700::6811:efcc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.usemessages.com/conversations-embed.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2285731.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 101c817c991baecc23fa099b2bde2f4c610b52bfb16b012ee40dd119412e05a5 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:43 GMT via 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront) cf-cache-status HIT age 197 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10080/bundles/project.js&cfRay=70e68aee6c55920b-IAD x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br last-modified Thu, 19 May 2022 04:12:33 UTC server cloudflare etag W/"4691c28d0a6c8e3e793f076aacf5f2b9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id ArLUtBryiag6MbIVrwUeU1IsRkfBdWdD cache-control max-age=600 x-hs-cache-status HIT x-amz-cf-pop IAD89-P1 cf-ray 70e68fbdae8e926b-FRA x-amz-cf-id 1iTDERKNB20YWidnBXn_lmgz4y42N4N7APaNcgmbmAxgPWZN5yrMsg== x-hs-target-asset conversations-embed/static-1.10080/bundles/project.js
OPTIONS H2	200	public api.hubspot.com/livechat-public/v1/message/ Frame	0 0	182ms 141ms	Preflight text/plain	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.10080&mobile=false&messagesUtk=c9b05b4ba52e4451b7b38e8f2a65146c&traceId=c9b05b4ba52e4451b7b38e8f2a65146c&referrer=http%3A%2F%2Fsnowsoftware.d.pr%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers x-hubspot-messages-uri Access-Control-Request-Method GET Origin https://d.pr Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-credentials false access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-origin https://d.pr allow HEAD,GET,OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 70e68fbe3a309a1b-FRA content-length 18 content-type text/plain; charset=utf-8 date Fri, 20 May 2022 16:48:43 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lmVN%2BWVeLAEI3sgMkBsjZyanpuSl73Krh%2BsaGuX3H0GlqGa1%2FToGLitOpgNR01dLQDht7rNWzWf7vzBSyCfovhaRvE5HUCtmTOV5rS0yauwKpN9wGvTTMrCFwDLWwAFweqm0Vj8gKnOolKmGQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-hubspot-correlation-id 52948d81-f99b-42f6-b592-430a71ff8066 x-trace 2BB6C4BD81F590A8A868AF2C69FAB7CBF0B59047ED000000000000000000
GET H3	200	public Show response api.hubspot.com/livechat-public/v1/message/ Frame 967E	253 B 1 KB	440ms 428ms	XHR application/json	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.10080&mobile=false&messagesUtk=c9b05b4ba52e4451b7b38e8f2a65146c&traceId=c9b05b4ba52e4451b7b38e8f2a65146c&referrer=http%3A%2F%2Fsnowsoftware.d.pr%2F Requested by Host: cdn-assets.droplr.net URL: https://cdn-assets.droplr.net/dist/bundle.2022-03-23-dcbc85b9.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75b5c4f03a48d06a30f3c1267dec4b8c9b9ce993f835cc2b3db4b077283a5e7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Referer https://d.pr/ accept-language de-DE,de;q=0.9 X-HubSpot-Messages-Uri https://d.pr/yakSEK Response headers date Fri, 20 May 2022 16:48:43 GMT access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 38d7b904-46fe-4a28-aad6-f002a7cf4fc2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 253 server cloudflare x-trace 2B361009AF49730B8CC5E18C17236CDA38B3020481000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BaMdwt9MTk1Ht%2Bp%2FE2dTT%2BkZ4CWheNw2SlD2W27D%2Bvz%2BJZhIxlwg8IIH8Suuf4yCxcEwYgaxM9mzKERTrdHPKQNihTh6auCNZWhm0wtfdPMxgbk7B6qfUcn0JfI07NmtD9Mn9l68kGqcw6xFw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://d.pr cache-control no-cache, no-store, no-transform, must-revalidate, max-age=0 access-control-allow-credentials false cf-ray 70e68fbf2dbd9225-FRA access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
GET H2	200	__ptq.gif track.hubspot.com/ Frame 967E	45 B 961 B	155ms 137ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3605317381&v=1.1&a=2285731&r=http%3A%2F%2Fsnowsoftware.d.pr%2F&pu=https%3A%2F%2Fd.pr%2FyakSEK&t=04570215.zip+-+Droplr&cts=1653065323315&vi=86a5e450ce36770a1077ded24d994018&nc=true&cc=15 Requested by Host: snowsoftware.d.pr URL: http://snowsoftware.d.pr/yakSEK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 20 May 2022 16:48:43 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 223a048b-1d11-4456-8138-ddc13bfc330e cf-ray 70e68fbee9dd920e-FRA p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH55SQyjUKZDN8CuhixdD3V5RTulbXhAfTRz0vNvn4aViFZgy3%2FCZNJ7sXPV9oRdvBBGpxhphpU7FlP3y67dXYcUJ6XQVeSkjuZ9CFQpKNawOU3TKxsbwpv6ld8jKQJ11V20w2oJoMJtRNhEhnjI"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| FontAwesomeCdnConfig string| cssUrl object| iframe string| host string| covideoHost

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			snowsoftware.d.pr/	1970-01-20 03:21:10	Name: AWSALB Value: sMyNs+znIqZCY90MUgmiY6ExZieLxEh1zgVoIF4GYJbQyBsKjKJ8DwwxtmPSUhHN7hPut9Aolt4ozzMXvavPs3C/A8f9NuODgYx7fSXtjyuR7BWKzpGK9q9VXDVn
			d.pr/	1970-01-20 03:21:10	Name: AWSALBCORS Value: vElUXxOHwaLA5xhhYevBe2zTWz1Q4COPg6zztOaNc6Dow3hMrfRR734qYOYaj7kHnfxMmLxfH9kfs+lZ4VUY/q3jKEsluUA7N3mlwa54vIRft7KVtF3PtquWi4vxQtv69FA8u2eU/XzytrRem219iMsSUq2ufebc26zf7rmKaI0jn+UwaYzQd/J1n/1uHg==
			.hubspot.com/	1970-01-20 03:11:07	Name: __cf_bm Value: rjBP7VLwW1YPWaK.uNSv9auosh3JEiz5a.2CBZeKhDY-1653065323-0-AeKd/GnGB5jrhYC6CVqFUgGtMKH6YnMtHWfNRVcmRFevII9uK4fmZ4Ym5fFYU7PwCTFD2XiAybRi9ZxavpXjMnw=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.raaft.io
cdn-assets.droplr.net
cdn-sec.droplr.net
d.pr
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.usemessages.com
snowsoftware.d.pr
track.hubspot.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
2606:4700:4400::6812:21ab
2606:4700::6811:43b0
2606:4700::6811:d4cc
2606:4700::6811:efcc
2606:4700::6813:9b53
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:813::2013
2a06:98c1:3121::a
35.83.210.32
52.34.165.185
99.86.7.108
99.86.7.49
101c817c991baecc23fa099b2bde2f4c610b52bfb16b012ee40dd119412e05a5
13d56ce6b73f94f5813a8e2e373c021cdf835b413214598b90e0f5d495199446
1f0901b171d87aac76b980fa156677100369e5048fab7ffcc91008963f5ccdfc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
597f8d43eb8b637efea94714d3fc58ddd856a2657d2265f5b3e9af51a76572d7
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5f2b2d6fca7624e3fbad02a3f044b3136008a97657b7d3ef855dc1a5b4e50afe
75b5c4f03a48d06a30f3c1267dec4b8c9b9ce993f835cc2b3db4b077283a5e7f
8b81f497e610375bb66226983941840eeccc35fe056703aa34960aeca4ee7e77
9077080a4e674afbf6c094bcbd44ef7160e4deb4d5303b17d7c8e1093fde9d08
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a66f5266f23a7821e1bab4321ab32ceb328927c6d28c8ec09c490740e2dd5977
a9dbe30d96e147056f4dc8d0527b22bd9fbf7b8cb945b990d27581d9bb4dfd49
aa68c1e4029b55067a716a3af23be63487c238d2dd4adf9408b52d3503e6373a
b74dd8d5985ef1faeffb2d163d4465d6f31ab7583312c7057f1ca082a0e23382
b7713e90927b19fa636fb5700303752591552a3890172fe9497d459fb6ea31ad
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c6707ec7d090573943f18c7a21d74742963c9d133c4387ef6b8d597651b58401
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a
d46bbfb9c8393e6751f4f632415291f579a56fa1c848a58b99401e11e7043ad1
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e75e0a7e2998891548305ddb875560c1194a61620add236be105093c267deed8
fee2635e229fb8ab2e93e4589c97fc66e6f6afe5ea2d40885336ad02072dee7c