d.pr Open in urlscan Pro
35.166.230.116  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request W515jx Show response d.pr/i/	31 KB 31 KB	621ms 222ms	Document text/html	35.166.230.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.pr/i/W515jx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.166.230.116 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-166-230-116.us-west-2.compute.amazonaws.com Software nginx/1.17.8 / Resource Hash 03b54792e6c7a755d10ca730aee25ea66eb9ddc4f987960185d66e7415a3d7ef Security Headers Name Value Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://d.pr https://d.pr Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 31404 content-security-policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://d.pr https://d.pr content-type text/html; charset=utf-8 date Wed, 07 Jun 2023 02:41:39 GMT etag W/"7aac-aibRAxFxSCRaTFjcBxRHIVfxtm0" server nginx/1.17.8
GET H2	200	W515jx cdn-std.droplr.net/files/acc_880447/	114 KB 115 KB	38ms 12ms	Image image/png	18.66.147.24 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-std.droplr.net/files/acc_880447/W515jx Requested by Host: d.pr URL: https://d.pr/i/W515jx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-24.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 718245f5389c68c726e9d99dd58de0f339687007c0518dc6eaed9ea5d1aeb724 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:25:36 GMT via 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront) last-modified Wed, 07 Jun 2023 02:23:39 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 964 etag "f41af23d8714672ba5514901beafb4a3" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png content-disposition attachment; filename="Screen Shot 2023-06-07 at 09.23.28.png" accept-ranges bytes content-length 116941 x-amz-cf-id jixubYdMtgpVSI2hmGeJbX8FgP7FCGP9KXw_LBwSg6JSa_9E9vZTYw==
GET H2	200	bundle.2023-05-24-8956445d.js Show response cdn-assets.droplr.net/dist/	4 MB 1 MB	49ms 19ms	Script application/javascript	13.224.189.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-assets.droplr.net/dist/bundle.2023-05-24-8956445d.js Requested by Host: d.pr URL: https://d.pr/i/W515jx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-81.fra2.r.cloudfront.net Software nginx/1.17.8 / Resource Hash b4c69370d0e4a3749db13d21911afa808444977742c4a2a909582899d145297b Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 24 May 2023 15:28:50 GMT content-encoding gzip via 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront) last-modified Wed, 24 May 2023 15:26:54 GMT server nginx/1.17.8 x-amz-cf-pop FRA2-C1 age 1163569 etag W/"3f85fc-1884e5ec630" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 x-amz-cf-id EMozM9Fx16YZZbqWZd3XV5jALl7Mh-eu8Zoz2zMJyXEfkLGNom6JHw==
GET H2	200	app.2023-05-24-8956445d.css cdn-assets.droplr.net/dist/style/	222 KB 40 KB	39ms 10ms	Stylesheet text/css	13.224.189.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-assets.droplr.net/dist/style/app.2023-05-24-8956445d.css Requested by Host: d.pr URL: https://d.pr/i/W515jx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-81.fra2.r.cloudfront.net Software nginx/1.17.8 / Resource Hash b93e205b7b02c0892ce6e2527636247f751e728e92985da588ec99278d0a8cea Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 24 May 2023 15:28:50 GMT content-encoding gzip via 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront) last-modified Wed, 24 May 2023 15:26:54 GMT server nginx/1.17.8 x-amz-cf-pop FRA2-C1 age 1163569 etag W/"37631-1884e5ec630" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 x-amz-cf-id sdZ0vacDheb_U3aYXHRUgv-53TiktsJsDiszAFpwMdiK61dTDA_MCw==
GET H2	200	dfa16d9872.js Show response use.fontawesome.com/	9 KB 4 KB	35ms 17ms	Script text/javascript	2606:4700:e2::ac40:840f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/dfa16d9872.js Requested by Host: d.pr URL: https://d.pr/i/W515jx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 7XWSBRGWMGV19GJ8 age 2088 alt-svc h3=":443"; ma=86400 x-amz-id-2 kYagO9G/oJ1rTPhpOpJI1yTpknOvbSCuUYYW6wYZMxJ8j9TdkwCm6Qj/XgFk3Pi+SeZASPI9Hzc= last-modified Thu, 01 Jul 2021 15:46:56 GMT server cloudflare etag W/"c8b10da870c9c32e92ca93daaf3395cc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KS%2BykWlOKgyQJWcCfKlSjbN9JQLACkKItLaxxlaiQOf10DupqX88ofXl82tE0kiZDDIbOT%2ByTntR4nR6l91PZYcf%2Bw%2BHjVq%2BW7JoUJULAXmRG2pjFLkD43gGjrGSXyYmjWFF%2BX7fMdC68YygJF2uuHM3"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=1800 cf-ray 7d35898f5c0b3815-FRA
GET H2	200	css fonts.googleapis.com/	11 KB 1 KB	42ms 20ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext Requested by Host: d.pr URL: https://d.pr/i/W515jx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a4e2a19abcc624f9217859561c067dae2115d71a56fb79334f12335a6627580e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 07 Jun 2023 02:41:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 07 Jun 2023 02:41:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 07 Jun 2023 02:41:39 GMT
GET H2	200	css fonts.googleapis.com/	36 KB 2 KB	45ms 23ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500 Requested by Host: d.pr URL: https://d.pr/i/W515jx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eef818d35a07761032033feaeb88420ddfb0f923c6433b7533f42c68897a3f0f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 07 Jun 2023 02:41:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 07 Jun 2023 02:41:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 07 Jun 2023 02:41:39 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	217 KB 69 KB	64ms 28ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M Requested by Host: d.pr URL: https://d.pr/i/W515jx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e00a86b0972929c0861006a08a71251029dd02c3bb5985f93d9339d76db1a11e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 69893 x-xss-protection 0 last-modified Wed, 07 Jun 2023 01:19:19 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 07 Jun 2023 02:41:39 GMT
GET H2	200	dfa16d9872.css use.fontawesome.com/	1 KB 757 B	28ms 12ms	Stylesheet text/css	2606:4700:e2::ac40:840f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/dfa16d9872.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id W3KB73FN2J7T15TN age 2088 alt-svc h3=":443"; ma=86400 x-amz-id-2 Qf63TqU6gYexKLjAAwLdPTxNErLp+K8iHzeomwX98UICuqHbyCUC0dLR0sISmd5y0eKUaIiuaco= last-modified Thu, 01 Jul 2021 15:46:56 GMT server cloudflare etag W/"a4b6d93743fb746387a1c530958fd725" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKfaa1a6QTitnAVzPCA6igu9iAMESEO6k1%2BFqPOFbylRUjlV8yWNZqFGlW1d3Dw6TEMCYlcLmOnToB9VtDJNDqXP7u6DbGMgO2NVMtWhY4V30ASvWMNtyz2UdNJiTpit09lfzGO7EQbEI5GNXY6AAN1I"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 7d35898fac303815-FRA
GET H3	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.7.0/css/	30 KB 7 KB	17ms 16ms	Stylesheet text/css	2606:4700:e2::ac40:840f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350 Request headers accept-language de-DE,de;q=0.9 Referer https://use.fontawesome.com/dfa16d9872.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 0QHPNNV7SX3T19DE age 456270 alt-svc h3=":443"; ma=86400 x-amz-id-2 CoMe04ILtaoTXdOMXkJEi15AhFfSutZooRZsH6QXwumQhNmZldTwXFqKQx0Qe3L0dX8kCpXO6rQ= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag W/"36082410df2ef7f83932219089dc1443" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mzOqnmm9WrPavaGljxm5CxWJabh8rif7SPdFrbe4IDBoSGJlwkBfS78AfYt2I7c5BkmFF75bol%2Fs4v5BqR93qlk%2Fd1g6vTKY63z%2BF6xSrfiwU%2FAB3N1IZ%2BvhUMOYKRcqUkZ63cMGucHJTrbWziH4w93"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 7d35898fdcc4373d-FRA
GET H3	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.7.0/fonts/	75 KB 76 KB	29ms 13ms	Font application/font-woff2	2606:4700:e2::ac40:840f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/dfa16d9872.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://use.fontawesome.com/dfa16d9872.css Origin https://d.pr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 36R4NX58DKKQ0JQ1 age 719785 alt-svc h3=":443"; ma=86400 content-length 77160 x-amz-id-2 rMKq8rYxawjeODxAWHyMr1rKPPgSE01oRUKfOGFxNL/Kjh1wnMPqJ0fIN5lbzdkEbZWBs8g02+s= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag "af7ae505a9eed503f8b8e6982036873e" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baSsrI0wZfRseG7%2Fre069WRHETBvjBg2yFAfEZ7inSeRI%2Fg7b5A%2Fj4fwbNYF%2F61sUCdNR2vSWFa7KMsgShET9J9uMBOY%2F2UlE5UgfIytGbmPEo8%2F3fDev%2BiTTwlgsy7ovY1RQIJi64hKIjmkLHGs4ayX"}],"group":"cf-nel","max_age":604800} vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cache-control max-age=31556926 accept-ranges bytes cf-ray 7d3589901baf9208-FRA
GET H2	404	optimize.js www.google-analytics.com/gtm/	0 0	35ms 15ms	Script text/html	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/optimize.js?id=GTM-N36GL2J Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers
GET H2	200	2285731.js Show response js.hs-scripts.com/	1 KB 1 KB	388ms 371ms	Script application/javascript	2606:4700::6812:883b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/2285731.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:883b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a9b4d9c7220c29a2f5b90c40402d71656e2d2453cf70c29dbfd612ace0172d4 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:40 GMT content-encoding br cf-cache-status EXPIRED x-hubspot-correlation-id 4b73ff06-cd26-4e53-aed6-0dae14cfbb64 x-evy-trace-route-service-name envoyset-translator x-envoy-upstream-service-time 5 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 12513269-e15f-4e35-abf8-6ffa03908526 last-modified Wed, 07 Jun 2023 02:10:37 GMT server cloudflare x-trace 2B64FB86834441033C13190F1D496855F95D341831000000000000000000 vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://d.pr x-evy-trace-virtual-host all cache-control public, max-age=60 access-control-allow-credentials true x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-598c95b5b7-c5nrx cf-ray 7d3589903b0f9101-FRA expires Wed, 07 Jun 2023 02:42:40 GMT
GET DATA	200 OK	truncated /	10 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bc6dd3afa1a82084ecb5fee4859b310577940b577d4eba7c258c4b441909acc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	15 KB 15 KB	27ms 6ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://d.pr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 05 Jun 2023 18:52:01 GMT x-content-type-options nosniff age 114578 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jun 2024 18:52:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 20 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 07 Jun 2023 02:35:27 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 372 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Wed, 07 Jun 2023 04:35:27 GMT
POST H2	200	view Show response d.pr/api/drops/W515jx/	1 KB 2 KB	205ms 204ms	XHR application/json	35.166.230.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.pr/api/drops/W515jx/view Requested by Host: cdn-assets.droplr.net URL: https://cdn-assets.droplr.net/dist/bundle.2023-05-24-8956445d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.166.230.116 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-166-230-116.us-west-2.compute.amazonaws.com Software / Resource Hash d9641964fcbbf5c50f6d3fafe00a6aae611b3dd2708007e992945b9aae437107 Security Headers Name Value Strict-Transport-Security max-age=31557600; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://d.pr/i/W515jx accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers access-control-allow-origin * date Wed, 07 Jun 2023 02:41:40 GMT access-control-expose-headers X-Droplr-Authorization,x-droplr-errorcode,x-droplr-errordetails,X-Has-More,X-Results-Count strict-transport-security max-age=31557600; includeSubDomains etag W/"53d-i6BEstv6zXxx/qebDmyac89+x3c" content-length 1341 content-type application/json; charset=utf-8
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	14 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://d.pr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 05 Jun 2023 18:52:01 GMT x-content-type-options nosniff age 114579 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14824 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jun 2024 18:52:01 GMT
GET H2	200	include.js Show response app.raaft.io/	8 KB 3 KB	194ms 134ms	Script application/javascript	2a00:1450:4001:829::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.raaft.io/include.js?appId=A7H0mjU0vLzU6VCSE75V Requested by Host: d.pr URL: https://d.pr/i/W515jx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash 036e08253b0ab4b9c91b76842b6c4a5698c3cd62f93761be3db32f9b3e1020a0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:40 GMT content-encoding gzip last-modified Tue, 01 Jan 1980 00:00:01 GMT server Google Frontend x-powered-by Express etag W/"1feb-49773873e8" vary Accept-Encoding access-control-allow-methods * content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cloud-trace-context 0ca8bd38f92f81f8d51dea7f41570a20 cache-control public, max-age=0 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, x-raaft-id-token, x-raaft-key, x-raaft-subscription content-length 2318
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	13ms 13ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1788588557&t=pageview&_s=1&dl=https%3A%2F%2Fd.pr%2Fi%2FW515jx&ul=en-us&de=UTF-8&dt=Screen%20Shot%202023-06-07%20at%2009.23.28.png%20-%20Droplr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAAI~&jid=2145422777&gjid=1970574015&cid=712949832.1686105700&tid=UA-8563674-4&_gid=1204214285.1686105700&_r=1&_slc=1&gtm=45He3650n815M6G29M&z=520760787 Requested by Host: cdn-assets.droplr.net URL: https://cdn-assets.droplr.net/dist/bundle.2023-05-24-8956445d.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://d.pr/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 07 Jun 2023 02:41:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://d.pr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 338 B	63ms 21ms	XHR text/plain	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-8563674-4&cid=712949832.1686105700&jid=2145422777&gjid=1970574015&_gid=1204214285.1686105700&_u=YEBAAEAAQAAAACAAI~&z=1159424415 Requested by Host: cdn-assets.droplr.net URL: https://cdn-assets.droplr.net/dist/bundle.2023-05-24-8956445d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://d.pr/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 07 Jun 2023 02:41:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://d.pr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	conversations-embed.js Show response js.usemessages.com/	75 KB 22 KB	33ms 16ms	Script application/javascript	2606:4700::6811:61ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.usemessages.com/conversations-embed.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2285731.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:61ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a39c3cdbdb987dee562a2de964a1d39e27e889fea5e108c3b4ba49fcea2fdc8c Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:40 GMT x-amz-version-id tpkjbFWgcaEMzfLPc7S4pq7_HxVMVYYE via 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-amz-cf-pop IAD12-P3 age 83 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13373/bundles/project.js&cfRay=7d35878b5f8b9978-IAD x-cache Hit from cloudfront cache-tag staticjsapp-conversations-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 3 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 7750d28f-23ba-4118-b756-6eaa4f7c8cf4 last-modified Fri, 02 Jun 2023 04:38:53 UTC server cloudflare etag W/"087fd2cd45ce20566625b1ec1f62b5c4" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-57ff77fcd-5c7n7 cf-ray 7d358992ad2c692e-FRA x-amz-cf-id -Di72TBrP1LlmgtwGpkXV8kOXVN71Kkt2aEQwGHq2nG0vQegM5ts6w== x-hs-target-asset conversations-embed/static-1.13373/bundles/project.js
GET H2	200	2285731.js Show response js.hs-analytics.net/analytics/1686105600000/	66 KB 21 KB	167ms 151ms	Script text/javascript	2606:4700::6810:88ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1686105600000/2285731.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2285731.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 060cf2786c1a13c87f3a06906f0508cd17c4a9f6ea37841643b0126191c984e7 Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:40 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id PEDJNVJJJKPP40ET x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-envoy-upstream-service-time 33 x-amz-id-2 SF8bUqhrPf7A1nQofeEHVBKWPx8Ob6Cf080TUk9RIp5Q/0UhpBLB6VYFRHMF0NyObYpYgjQFvYU= x-evy-trace-listener listener_https x-request-id 054653e7-e4ed-414b-9d58-a30573659c83 x-evy-trace-route-configuration listener_https/all last-modified Wed, 31 May 2023 18:49:25 GMT server cloudflare etag W/"0019954e0b9706284aa0d6e23d078c25" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd cache-control max-age=300,public access-control-allow-credentials false cf-ray 7d358992ab67915c-FRA expires Wed, 07 Jun 2023 02:46:40 GMT
GET H2	200	banner.js Show response js.hs-banner.com/v2/2285731/	208 KB 64 KB	436ms 411ms	Script text/javascript	2606:4700::6812:18c4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/2285731/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2285731.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4a32c87b383fec1a06fc698519fa03cde50ee7c018ea39ffeb1c64d2ae0b0fd Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:40 GMT x-amz-version-id p4GGL5b.eyFaPIm55M9YHgOB6X84ies2 content-encoding br cf-cache-status REVALIDATED x-amz-request-id GFQPBW97MXF1C3G1 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-envoy-upstream-service-time 21 x-amz-id-2 8P3JoYpbgRJtsAuTdz9b7Rw7KkzfHz3jXdmFDC60Hf4FG0MpIQk7j+atshIkN2WYQxhMBzo+u10= x-evy-trace-listener listener_https x-request-id 883f8fed-266b-4eb8-9f75-7572372ff821 x-evy-trace-route-configuration listener_https/all last-modified Mon, 05 Jun 2023 17:15:35 GMT server cloudflare etag W/"1165a14302c4c6977df2a51b6517345f" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://d.pr x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7 vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 7d358992bd293609-FRA expires Wed, 07 Jun 2023 02:46:40 GMT
OPTIONS H2	200	public api.hubspot.com/livechat-public/v1/message/	0 0	136ms 119ms	Preflight text/plain	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.13373&mobile=false&messagesUtk=ee154f27674844519e138fc132b195d3&traceId=ee154f27674844519e138fc132b195d3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers x-hubspot-messages-uri Access-Control-Request-Method GET Origin https://d.pr Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers access-control-allow-credentials false access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-origin https://d.pr allow HEAD,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d358992fdb08fd4-FRA content-length 18 content-type text/plain; charset=utf-8 date Wed, 07 Jun 2023 02:41:40 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMz0fmijn6YtxyAUIteratLn%2FVCR%2FYWXdYhebFtSoxxDj%2FJgASNLpcE5ISKgId33ZjVxnBawz75kTlhq0gM7sgGsF3Qqb7CI4m%2FyUovyO0KS01ciLzXInlWX6vU2HaxPm86wLyabTyfOaSBlGQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary origin, Accept-Encoding x-envoy-upstream-service-time 3 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-598c95b5b7-lh7ht x-evy-trace-virtual-host all x-hubspot-correlation-id 1aa835c9-4747-4639-91be-89fa6818240f x-request-id 562c2d45-837f-4fd4-8a98-1ef711d46448 x-trace 2B39B1F82CF157283BB3001A66959BE594E78DAB0E000000000000000000
GET H2	200	public Show response api.hubspot.com/livechat-public/v1/message/	255 B 961 B	134ms 134ms	XHR application/json	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.13373&mobile=false&messagesUtk=ee154f27674844519e138fc132b195d3&traceId=ee154f27674844519e138fc132b195d3 Requested by Host: cdn-assets.droplr.net URL: https://cdn-assets.droplr.net/dist/bundle.2023-05-24-8956445d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c4a9ad47ab70d1575706723bde24976cf34f3642a276cfba8075c0af6c45b76 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://d.pr/ accept-language de-DE,de;q=0.9 X-HubSpot-Messages-Uri https://d.pr/i/W515jx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 0a805833-26d3-4dae-9c68-38bb3ebd24bb x-envoy-upstream-service-time 14 alt-svc h3=":443"; ma=86400 content-length 255 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id fcd36d2b-77bc-42f8-9817-f989085a218f server cloudflare x-trace 2B2A33453D548570C0385ACDA73BE785874B87A90D000000000000000000 vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://d.pr x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-598c95b5b7-gtcbx cache-control no-cache, no-store, no-transform, must-revalidate, max-age=0 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plD030D6%2FVOVS9cF2%2Bztm16Q3sGgIEi2SXNMdsVIz7w8VYNdoBKeX2rzc0O31Q%2BTHH6VypMQVHxuf90Qj6HTPkSnpeISOMVRFMvJdFReCo7%2B5xhdUtlc3S3cx0NOemgQ%2B2Nc0IRf328Qc4LSSQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 7d358993bdeb8fd4-FRA access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	132ms 115ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=78086756&v=1.1&a=2285731&pu=https%3A%2F%2Fd.pr%2Fi%2FW515jx&t=Screen+Shot+2023-06-07+at+09.23.28.png+-+Droplr&cts=1686105700709&vi=ee17f8d5a6a6f993a1c99576538a6393&nc=true&u=23916709.ee17f8d5a6a6f993a1c99576538a6393.1686105700706.1686105700706.1686105700706.1&b=23916709.1.1686105700706&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://d.pr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 02:41:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 50a8fd7f-e4e2-439d-9cf8-ab632350e0fa p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 3 alt-svc h3=":443"; ma=86400 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 609d392a-8a39-47a4-bd11-031913fd3853 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nU6zYRftoorviBx%2B%2F5wi%2FVt2kGsi%2B1yYpsnm%2B7K0BJRz%2FZMntMHIn3fHBayhh6modWKnWDWmMRNgkpMsnohVYojdeH71J06sVZmdmJntKkjwIVLABpos%2Bl2b124p6esbt%2FvevCUgLTNNjYQ9taFn"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-5f6448c676-j9299 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 7d3589958bc21c9d-FRA x-robots-tag none

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer object| FontAwesomeCdnConfig string| cssUrl boolean| isIE function| detectIE object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _ object| config object| regeneratorRuntime function| setImmediate function| clearImmediate function| saveAs object| core object| Base64 function| raaft object| gaplugins object| gaGlobal object| gaData object| _hsp boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.d.pr/	1970-01-20 21:57:45	Name: _ga Value: GA1.2.712949832.1686105700
			.d.pr/	1970-01-20 12:23:12	Name: _gid Value: GA1.2.1204214285.1686105700
			.d.pr/	1970-01-20 12:21:45	Name: _gat_UA-8563674-4 Value: 1
			d.pr/	1970-01-20 12:31:50	Name: AWSALB Value: JM4+0o0oYxFJQ3+MRY7IcfK4yGDCbctXsOND4kOITgTQV/IjEdQUc3AwlegzWy7ZITzUQ2saabU757a/TFLB4p9FdWALlBYYO415xLCQn7W7Tz1+TSO3TBtHhUBcrWTG2hsvtuqhso6MBHZHW0327CQQ/iOQkgQqcgCKyo5c8KF2ERKE6SWDftCfQLIzgw==
			d.pr/	1970-01-20 12:31:50	Name: AWSALBCORS Value: JM4+0o0oYxFJQ3+MRY7IcfK4yGDCbctXsOND4kOITgTQV/IjEdQUc3AwlegzWy7ZITzUQ2saabU757a/TFLB4p9FdWALlBYYO415xLCQn7W7Tz1+TSO3TBtHhUBcrWTG2hsvtuqhso6MBHZHW0327CQQ/iOQkgQqcgCKyo5c8KF2ERKE6SWDftCfQLIzgw==
			.d.pr/	1970-01-20 16:40:57	Name: __hstc Value: 23916709.ee17f8d5a6a6f993a1c99576538a6393.1686105700706.1686105700706.1686105700706.1
			.d.pr/	1970-01-20 16:40:57	Name: hubspotutk Value: ee17f8d5a6a6f993a1c99576538a6393
			.d.pr/	1969-12-31 23:59:59	Name: __hssrc Value: 1
			.d.pr/	1970-01-20 12:21:47	Name: __hssc Value: 23916709.1.1686105700706
			.hubspot.com/	1970-01-20 12:21:47	Name: __cf_bm Value: CBKrhGOgfYM.ajffKLnxXLxP7sk4aidqxSEK7tTw_7I-1686105700-0-ATg4wdRBhBz0v4q/dkfBKdga2ltaF+78iXpzAJMQ/iHyFFzKCwzyED/iOAtBw/epINugCvMhJ0xrp3q7rGEYnE4=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.google-analytics.com/gtm/optimize.js?id=GTM-N36GL2J Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://d.pr https://d.pr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.raaft.io
cdn-assets.droplr.net
cdn-std.droplr.net
d.pr
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.usemessages.com
stats.g.doubleclick.net
track.hubspot.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
13.224.189.81
18.66.147.24
2606:4700::6810:88ce
2606:4700::6811:61ac
2606:4700::6812:18c4
2606:4700::6812:883b
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700:e2::ac40:840f
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:829::2013
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c0c::9d
35.166.230.116
036e08253b0ab4b9c91b76842b6c4a5698c3cd62f93761be3db32f9b3e1020a0
03b54792e6c7a755d10ca730aee25ea66eb9ddc4f987960185d66e7415a3d7ef
060cf2786c1a13c87f3a06906f0508cd17c4a9f6ea37841643b0126191c984e7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3bc6dd3afa1a82084ecb5fee4859b310577940b577d4eba7c258c4b441909acc
5a9b4d9c7220c29a2f5b90c40402d71656e2d2453cf70c29dbfd612ace0172d4
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c4a9ad47ab70d1575706723bde24976cf34f3642a276cfba8075c0af6c45b76
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718245f5389c68c726e9d99dd58de0f339687007c0518dc6eaed9ea5d1aeb724
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45
a39c3cdbdb987dee562a2de964a1d39e27e889fea5e108c3b4ba49fcea2fdc8c
a4a32c87b383fec1a06fc698519fa03cde50ee7c018ea39ffeb1c64d2ae0b0fd
a4e2a19abcc624f9217859561c067dae2115d71a56fb79334f12335a6627580e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4c69370d0e4a3749db13d21911afa808444977742c4a2a909582899d145297b
b93e205b7b02c0892ce6e2527636247f751e728e92985da588ec99278d0a8cea
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a
d9641964fcbbf5c50f6d3fafe00a6aae611b3dd2708007e992945b9aae437107
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e00a86b0972929c0861006a08a71251029dd02c3bb5985f93d9339d76db1a11e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eef818d35a07761032033feaeb88420ddfb0f923c6433b7533f42c68897a3f0f