URL: https://snowsoftware.d.pr/f/lqq7an
Submission: On October 02 via manual from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 38 HTTP transactions. The main IP is 52.38.139.79, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is snowsoftware.d.pr.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 5th 2023. Valid for: a year.
This is the only time snowsoftware.d.pr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
8 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1951
176 KB
5 droplr.net
cdn-assets.droplr.net
cdn-sec.droplr.net — Cisco Umbrella Rank: 544424
2 MB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
region1.google-analytics.com — Cisco Umbrella Rank: 1878
21 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
6 KB
3 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 9155
track.hubspot.com — Cisco Umbrella Rank: 4798
2 KB
3 gstatic.com
fonts.gstatic.com
44 KB
3 d.pr
snowsoftware.d.pr
d.pr
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
158 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 10102
22 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 4629
21 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 4608
20 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
338 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 4897
1 KB
1 raaft.io
app.raaft.io — Cisco Umbrella Rank: 998602
3 KB
38 14
Domain Requested by
8 use.fontawesome.com snowsoftware.d.pr
use.fontawesome.com
d.pr
4 fonts.googleapis.com snowsoftware.d.pr
d.pr
4 cdn-assets.droplr.net snowsoftware.d.pr
d.pr
3 www.google-analytics.com www.googletagmanager.com
cdn-assets.droplr.net
3 fonts.gstatic.com fonts.googleapis.com
2 api.hubspot.com cdn-assets.droplr.net
2 www.googletagmanager.com d.pr
www.google-analytics.com
2 d.pr snowsoftware.d.pr
cdn-assets.droplr.net
1 track.hubspot.com snowsoftware.d.pr
1 region1.google-analytics.com www.googletagmanager.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 stats.g.doubleclick.net cdn-assets.droplr.net
1 js.hs-scripts.com www.googletagmanager.com
1 app.raaft.io d.pr
1 cdn-sec.droplr.net d.pr
1 snowsoftware.d.pr
38 18

This site contains no links.

Subject | Issuer | Validity | Valid
droplr.com | Amazon RSA 2048 M02 | 2023-08-05 - 2024-09-01 | a year
use.fontawesome.com | GTS CA 1P5 | 2023-09-01 - 2023-11-30 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
app.raaft.io | GTS CA 1D4 | 2023-09-19 - 2023-12-18 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-02 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2023-02-05 - 2024-02-05 | a year

This page contains 2 frames:

Primary Page: https://snowsoftware.d.pr/f/lqq7an
Frame ID: 8D2F4BC5447D3D4AC07CD4563BAA607A
Requests: 10 HTTP requests in this frame

Frame: https://d.pr/f/lqq7an
Frame ID: 35CACA0A73B0A757AF34DBC098903EAF
Requests: 28 HTTP requests in this frame

Page Title

NewRez_Windows_Test-snowagent-6.14.2-x64.msi - Droplr

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

Requests: 38
HTTPS: 100 %
IPv6: 81 %
Domains: 14
Subdomains: 18
IPs: 17
Countries: 3
Transfer: 2959 kB
Size: 9766 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request lqq7an
snowsoftware.d.pr/f/
6 KB
6 KB
Document
General
Full URL
https://snowsoftware.d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.139.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-139-79.us-west-2.compute.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
1f73a473bd4129c0bbc6a2accb89bb6e886fd68bf0bcb1b65a95090f60069721
Security Headers
Name Value
Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
5927
content-security-policy
frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr
content-type
text/html; charset=utf-8
date
Mon, 02 Oct 2023 14:58:12 GMT
etag
W/"1727-LO6tPZOYHetQeiCkJmk69etv1XA"
server
nginx/1.17.8
bundle.2023-09-28-7be7e55f.js
cdn-assets.droplr.net/dist/
4 MB
1 MB
Script
General
Full URL
https://cdn-assets.droplr.net/dist/bundle.2023-09-28-7be7e55f.js
Requested by
Host: snowsoftware.d.pr
URL: https://snowsoftware.d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-124.fra60.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
734e23a0fd1132e140182fe6aa0217ebca9a356acdb476319e4145eb95d6113f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://snowsoftware.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 14:27:21 GMT
content-encoding
gzip
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2023 14:24:48 GMT
server
nginx/1.17.8
x-amz-cf-pop
FRA60-P2
age
347451
etag
W/"3f8a8f-18adc2d8f80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-id
RsvPn6QDnRz4VJLl-cZ8KU4OaHTwyeCcruwj9CejnlKTzjL2yxNoJw==
app.2023-09-28-7be7e55f.css
cdn-assets.droplr.net/dist/style/
222 KB
40 KB
Stylesheet
General
Full URL
https://cdn-assets.droplr.net/dist/style/app.2023-09-28-7be7e55f.css
Requested by
Host: snowsoftware.d.pr
URL: https://snowsoftware.d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-124.fra60.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
1b95891b6ca03582444fe88202d8cfd12a363627ff01e80a984206e89133cfad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://snowsoftware.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 14:27:21 GMT
content-encoding
gzip
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2023 14:24:48 GMT
server
nginx/1.17.8
x-amz-cf-pop
FRA60-P2
age
347451
etag
W/"37666-18adc2d8f80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-id
Gl3YGX2RZD5kQdP5D-PtTghcq08NArJiVDUluD4yV8n5pgtXlfRf9g==
dfa16d9872.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/dfa16d9872.js
Requested by
Host: snowsoftware.d.pr
URL: https://snowsoftware.d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://snowsoftware.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7H7G6AWQZ33V2SZA
age
1190
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KiaCHvz7eTABz3mD8p9df9dU6TM62eFiTzyUIP4ox37HLpquY4pnmj8Oer+caQEA/1bZQyQVkgk=
last-modified
Thu, 01 Jul 2021 15:46:56 GMT
server
cloudflare
etag
W/"c8b10da870c9c32e92ca93daaf3395cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1UCrSDI3fexv7enOpbNIUxQJ0Ia%2BYsFCd8TT53Nookff5MMSoezhxSwWqA6tr1FlmQSenqgD5Io%2FpKyfnKWv0zwY4vK9UzE9oZqaV%2FkbOKmvfz9YgBTxKXZNkJC%2B%2BLvl%2BrMIMT8MetJ6%2FYwlEcH5RgC"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
80fdcd5edf8ab894-AMS
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Requested by
Host: snowsoftware.d.pr
URL: https://snowsoftware.d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a836375250b0b20dacd486ac1d5d7287341b0ac0d4796defab93a4ab5dd03dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://snowsoftware.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 14:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:58:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 14:58:12 GMT
css
fonts.googleapis.com/
36 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500
Requested by
Host: snowsoftware.d.pr
URL: https://snowsoftware.d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07d6b00cd884b1db490a69fcb259a29992100d609e05b29fd8fcf012eec9f508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://snowsoftware.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 14:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:58:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 14:58:12 GMT
dfa16d9872.css
use.fontawesome.com/
1 KB
792 B
Stylesheet
General
Full URL
https://use.fontawesome.com/dfa16d9872.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://snowsoftware.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RVDFN50G9R9NQFDH
age
1190
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oQFc72XgdmG5Ci6E5mpGFtxyltVX0v9boOVjrXsOvNh1VGAEXjisqukgVNNXCMi5L1iuHuuxwY8=
last-modified
Thu, 01 Jul 2021 15:46:56 GMT
server
cloudflare
etag
W/"a4b6d93743fb746387a1c530958fd725"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpPGsG3Xc2FsrbiO76wOfLVK9tSjM%2Bli%2Fmn3uTKrIP7l%2Bzt%2FJi3lxJsO1fxpgkl%2B5oCPYBBp3%2BL4AIXR%2FXMkwH6d%2FGrgkHaseR9gx6E4Kr2rZ3Ru3Xtf7kemlk%2Bq0AgdBqYmaPY1Seh3v5bWyYVXqmVm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
80fdcd5f4852b894-AMS
lqq7an
d.pr/f/ Frame 35CA
15 KB
16 KB
Document
General
Full URL
https://d.pr/f/lqq7an
Requested by
Host: snowsoftware.d.pr
URL: https://snowsoftware.d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.139.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-139-79.us-west-2.compute.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
c3d039cf049efeb09f67f410d01fa42a5bcaa66a784f23b89755e346fa0e2c30
Security Headers
Name Value
Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr

Request headers

Referer
https://snowsoftware.d.pr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
15830
content-security-policy
frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr
content-type
text/html; charset=utf-8
date
Mon, 02 Oct 2023 14:58:13 GMT
etag
W/"3dd6-mpMdMpo0oIr33XB2U6KMsmVK1X0"
server
nginx/1.17.8
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://snowsoftware.d.pr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:02:57 GMT
x-content-type-options
nosniff
age
280516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 09:02:57 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/dfa16d9872.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FTABQ1S6M8KYSZNK
age
98730
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xYnfwSmAmlDJq4hX2hlDRzCNr+YMTgLKfg/pRd6QkOoRCJoEJY2nRJ+PLpPOzmuCcfRXAGg7G+8=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7RZyrkDVbECHe5IuCTXb7cznwx30x3uF3VPs3xT1x6X4Ev2ytDuCgX83kH%2FK85oiOYLjimsgUSbJHRC2AtraB3FnSTbk8D%2B%2BXfFA6XnV9nLkOOR1BZ22mKpfq5%2BcylNYHMXlSce7w9CckMR%2BuSmewDp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
80fdcd5f789ab894-AMS
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/dfa16d9872.css
Origin
https://snowsoftware.d.pr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2WE413CETFP9B9MW
alt-svc
h3=":443"; ma=86400
content-length
77160
x-amz-id-2
uTvFHYjgwoJU86BBZCBbfBzmRjYnflXMbRfrgGXZFfFp220DzOWpEwmJLuLi36lWnI3SluHrfJT2hbX5DDzw/WR2s/wbm5kL
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V63jRNsDLVzyTadqvlkiWwDer4Ot2VxSlzB50ALIhsYZcLkhoKqMGNkS7CyY6p2Vv6vpaqb8I0eetJ88FNqgF0FVgkdYfc7g60fhwXsG81SOrKUnW2rbS7ufOEVDC%2BmpCnynm%2Bkamps28Dni7VemMJl6"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80fdcd60592027c1-OTP
bundle.2023-09-28-7be7e55f.js
cdn-assets.droplr.net/dist/ Frame 35CA
4 MB
1 MB
Script
General
Full URL
https://cdn-assets.droplr.net/dist/bundle.2023-09-28-7be7e55f.js
Requested by
Host: d.pr
URL: https://d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-124.fra60.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
734e23a0fd1132e140182fe6aa0217ebca9a356acdb476319e4145eb95d6113f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 14:27:21 GMT
content-encoding
gzip
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2023 14:24:48 GMT
server
nginx/1.17.8
x-amz-cf-pop
FRA60-P2
age
347452
etag
W/"3f8a8f-18adc2d8f80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-id
rUJa5iisYqSEbYhcqCqjkB-2qyenURNyT1wIrfkKI6flSSoO2WKAjQ==
app.2023-09-28-7be7e55f.css
cdn-assets.droplr.net/dist/style/ Frame 35CA
222 KB
40 KB
Stylesheet
General
Full URL
https://cdn-assets.droplr.net/dist/style/app.2023-09-28-7be7e55f.css
Requested by
Host: d.pr
URL: https://d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-124.fra60.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
1b95891b6ca03582444fe88202d8cfd12a363627ff01e80a984206e89133cfad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 14:27:21 GMT
content-encoding
gzip
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2023 14:24:48 GMT
server
nginx/1.17.8
x-amz-cf-pop
FRA60-P2
age
347452
etag
W/"37666-18adc2d8f80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-id
g4eDdKUd7ROrXrLSUTfB83hmgpzHYJQj9qEbWhXUkPIUi-LSNPVmfA==
dfa16d9872.js
use.fontawesome.com/ Frame 35CA
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/dfa16d9872.js
Requested by
Host: d.pr
URL: https://d.pr/f/lqq7an
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
753T8QVF7AGXSK1S
age
5473
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gEm+FzfJmKaRrSMumV6rAcTTPD0UtCH1Qg1D/KhPm/5LwL3Cs2nNeETLM5DZAPbZM3wHWh5RM4Q=
last-modified
Thu, 01 Jul 2021 15:46:56 GMT
server
cloudflare
etag
W/"c8b10da870c9c32e92ca93daaf3395cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9NpD%2F%2FRYjUHULRE9P9A3s%2FyrZR%2B2%2Fy1F%2BWkcLygjlhl2KGkxdBmKl4GR214ndAAHHy0%2Fpmss0Dg17wLnjUZHd%2F%2B0%2Fcw0W5oe2QNxGj5wsDGtADyPQBfAJOC74Uv8jGymOCUDsQ%2Fo%2BmS%2FJ8%2F8qipxfWv"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
80fdcd60caf75b5d-VIE
css
fonts.googleapis.com/ Frame 35CA
11 KB
1003 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Requested by
Host: d.pr
URL: https://d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a836375250b0b20dacd486ac1d5d7287341b0ac0d4796defab93a4ab5dd03dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:58:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 14:58:13 GMT
css
fonts.googleapis.com/ Frame 35CA
36 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500
Requested by
Host: d.pr
URL: https://d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07d6b00cd884b1db490a69fcb259a29992100d609e05b29fd8fcf012eec9f508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:58:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 14:58:13 GMT
gtm.js
www.googletagmanager.com/ Frame 35CA
231 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Requested by
Host: d.pr
URL: https://d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00adf1ad87486afb8f0c9692a95ba1706bcecef93828462beb8eb7a0675ac47c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75080
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Oct 2023 14:58:13 GMT
dfa16d9872.css
use.fontawesome.com/ Frame 35CA
1 KB
932 B
Stylesheet
General
Full URL
https://use.fontawesome.com/dfa16d9872.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
753N20G1TA2XER63
age
875
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lkK5UPaDm6j73KA32z0FcrypHTVdz7ClVSZ00sPtY7j2xgjZq5n440S5hsodWxt8fDJIaBHpeQg=
last-modified
Thu, 01 Jul 2021 15:46:56 GMT
server
cloudflare
etag
W/"a4b6d93743fb746387a1c530958fd725"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axncaV23uPz8mnOyVPajejomGgBJdBI9MHIGnicfy%2Bnq%2BpzmG4deEpjU4wqxSwGnr1cr7kvoZEfer1GfmY6H5eiThMkZFYE71m5F00NdktmnhycKpMkQTHwcBp9k6Nqm5LrsY95NIsTc1twEJxET9GPQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
80fdcd61dc855b5d-VIE
view
d.pr/api/drops/lqq7an/ Frame 35CA
1 KB
2 KB
XHR
General
Full URL
https://d.pr/api/drops/lqq7an/view
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2023-09-28-7be7e55f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.139.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-139-79.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e9deadd1b8c02ce5a952145890d6460c8bc110753c3c2549186b18a3d704600b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://d.pr/f/lqq7an
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 02 Oct 2023 14:58:13 GMT
access-control-expose-headers
X-Droplr-Authorization,x-droplr-errorcode,x-droplr-errordetails,X-Has-More,X-Results-Count
strict-transport-security
max-age=31557600; includeSubDomains
etag
W/"56a-nme6HE23xYPzfZKzbGL/218TOnI"
content-length
1386
content-type
application/json; charset=utf-8
389337_3d22f450-3b9c-11eb-90f7-97a28b66f8c9
cdn-sec.droplr.net/logos/ Frame 35CA
57 KB
58 KB
Image
General
Full URL
https://cdn-sec.droplr.net/logos/389337_3d22f450-3b9c-11eb-90f7-97a28b66f8c9?response-content-disposition=inline&Expires=1696258753&Key-Pair-Id=APKAJTEIOJM3LSMN33SA&Signature=F6FiFDjXMShcdP5hEMqGORXtkBXMIXdwH0h7sdeXunK9N6ksA53xRhxBPtwXAxRYIoUalsTXJo8IfPOQqQXfyaKOMzX5bnzHWF7ch7VAlanoGeqZUUHux5uCZFE0YhN3FTGJk3U7IoZSTI~RX~eatlGiVPFi1BALEt1SrobMmm4_
Requested by
Host: d.pr
URL: https://d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a66f5266f23a7821e1bab4321ab32ceb328927c6d28c8ec09c490740e2dd5977

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Fri, 11 Dec 2020 10:33:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
17396
etag
"39b0f56e0b4427fb160971366d82e618"
x-cache
Hit from cloudfront
content-type
image/png
content-disposition
inline
accept-ranges
bytes
content-length
58673
x-amz-cf-id
NLuMMI-OGKIL4egiXMf7Ju-9P6TIsGPjO7rtTHdUoj7H42GU6I6llA==
truncated
/ Frame 35CA
883 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7713e90927b19fa636fb5700303752591552a3890172fe9497d459fb6ea31ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 35CA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d.pr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:02:57 GMT
x-content-type-options
nosniff
age
280516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 09:02:57 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 35CA
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d.pr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:33:46 GMT
x-content-type-options
nosniff
age
321867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 21:33:46 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ Frame 35CA
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/dfa16d9872.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
73RNDNECWR1ZWNKF
age
2188644
alt-svc
h3=":443"; ma=86400
x-amz-id-2
y9JuiB0uZHkHQEzlwOJLTbnr3GpbaJ2xj04Z6ky1M/Yl0Qd+7jACD/AEiCChyR/nwT2v5K2/uAA=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enU20n3FdZVo7pWs8HQmqegH6Bh9%2Bmjnf1eVVxdD1qR%2F7wV0hdbDZH0MoMD6FptC%2FTRXNQMAbltjLraGgSkD5jFOEJjv03GQbsT%2BLkZ%2BvL0Qv5EZRF30aZ4lkElCHza5d%2BjDIf8uhWIB19vtQI6GtbyQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
80fdcd630e645b5d-VIE
include.js
app.raaft.io/ Frame 35CA
8 KB
3 KB
Script
General
Full URL
https://app.raaft.io/include.js?appId=A7H0mjU0vLzU6VCSE75V
Requested by
Host: d.pr
URL: https://d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
036e08253b0ab4b9c91b76842b6c4a5698c3cd62f93761be3db32f9b3e1020a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1feb-49773873e8"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cloud-trace-context
6a9ed0e3f3445e0a55c7d83052a6e4cf
cache-control
public, max-age=0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-raaft-id-token, x-raaft-key, x-raaft-subscription
content-length
2318
optimize.js
www.google-analytics.com/gtm/ Frame 35CA
0
0
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-N36GL2J
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

2285731.js
js.hs-scripts.com/ Frame 35CA
1 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/2285731.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd4bb0c4cb0414b9b235e0bc8e91ca48f1fc5dd10772621a442d20b373b4d2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
bc97c29d-4138-4e9f-b4a9-6820eb521134
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bc97c29d-4138-4e9f-b4a9-6820eb521134
last-modified
Mon, 02 Oct 2023 14:44:38 GMT
server
cloudflare
x-trace
2BDE42B319C6FCBC8B410F1D3B0DE896B704C2FB6D000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://d.pr
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-dz5lh
cf-ray
80fdcd635fd21ca1-FRA
expires
Mon, 02 Oct 2023 14:59:13 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ Frame 35CA
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/dfa16d9872.css
Origin
https://d.pr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GY9BXG2J2NPCNCHM
age
626509
alt-svc
h3=":443"; ma=86400
content-length
77160
x-amz-id-2
6q95oX3L3X78SUb2fK9U/dtPKg6hL8pvflXZcZWvXeWnk4UJ9u7HP2agdEpP0D46wzJkWkDiIgo=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6Zf6U%2FwDTGvERx2A952%2B0ygy3sd4uqcGHw0ci8fg2exJNo3H0nB%2FhxEGgGZlxC9gBPpv4eBVzyFfD6OheccytrNeWg8ZMXycN0mIti2HYAAqttrlzQGd4rHzUjz6%2F%2FWX1q%2BjAfvH7tsXcjPU0B8wR8N"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80fdcd637d2427c1-OTP
analytics.js
www.google-analytics.com/ Frame 35CA
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 02 Oct 2023 13:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4432
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 02 Oct 2023 15:44:21 GMT
collect
www.google-analytics.com/j/ Frame 35CA
16 B
36 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2082587287&t=pageview&_s=1&dl=https%3A%2F%2Fd.pr%2Ff%2Flqq7an&dr=https%3A%2F%2Fsnowsoftware.d.pr%2F&ul=en-us&de=UTF-8&dt=NewRez_Windows_Test-snowagent-6.14.2-x64.msi%20-%20Droplr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAAI~&jid=410802606&gjid=28294092&cid=108554730.1696258694&tid=UA-8563674-4&_gid=914304427.1696258694&_r=1&_slc=1&gtm=45He39r0n815M6G29M&z=1878646694
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2023-09-28-7be7e55f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6bdfe82f9a2e4934b3af7e405d994f695ac5acf70e3c2632bbc44243747a5dc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d.pr/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 14:58:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d.pr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 35CA
1 B
338 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8563674-4&cid=108554730.1696258694&jid=410802606&gjid=28294092&_gid=914304427.1696258694&_u=YEBAAEAAQAAAACAAI~&z=1285040298
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2023-09-28-7be7e55f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d.pr/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 02 Oct 2023 14:58:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d.pr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 35CA
239 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1NVW9YXQGF&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4594398c8bd163d48589dc3f694f3b33a89128644f4b48b3e21e27becca97b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85763
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 02 Oct 2023 14:58:13 GMT
banner.js
js.hs-banner.com/v2/2285731/ Frame 35CA
66 KB
20 KB
Script
General
Full URL
https://js.hs-banner.com/v2/2285731/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23d48168fad4205ad6cb6a6c714699f2c60c9add5fde836886cb2a0caf9800fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
x-amz-version-id
St43wQMZmce0IIe1dehZs5js_A8PFFQB
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
MC9M9K1H7C0BSX71
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
b17de120-cd5e-41f5-a078-ddad3e82aba2
age
85
x-envoy-upstream-service-time
21
x-amz-id-2
sQnRLTaSTLMgm18l0TEy+V9us/B4jlLpVFYeK41tcVH9v5DUU89UA1RU+ld48P+uLr0+RusUW9zeVb5Pifi8tHnZVdSshFO0
x-evy-trace-listener
listener_https
x-request-id
b17de120-cd5e-41f5-a078-ddad3e82aba2
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 26 Sep 2023 19:06:10 GMT
server
cloudflare
etag
W/"390b34ba4249f516bd797479f264a97f"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d.pr
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-c5f7fd779-fzzvz
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
80fdcd646cc41e55-FRA
expires
Mon, 02 Oct 2023 15:01:48 GMT
2285731.js
js.hs-analytics.net/analytics/1696258500000/ Frame 35CA
66 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1696258500000/2285731.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb69b445455d862e1bc2830328bba3f73db6e9762d2031a07572af7db00c8d31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
2WEC59VMBJTZP3S9
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
1a506982-c338-4c79-bc33-f06c3aa842a6
x-envoy-upstream-service-time
21
x-amz-id-2
ocOJVnlCwl7UOjGUpdaFFtjaCwNPUzb9B4bHfFDxsKXe8VydCoPws+JFkoBZT0lgDgfHSljaFGT71DHjA6tANw==
x-evy-trace-listener
listener_https
x-request-id
1a506982-c338-4c79-bc33-f06c3aa842a6
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 15 Sep 2023 17:54:07 GMT
server
cloudflare
etag
W/"057da56f2785b16925d3d08b7e6b9b2f"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-snk2v
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
80fdcd6448819241-FRA
expires
Mon, 02 Oct 2023 15:03:13 GMT
conversations-embed.js
js.usemessages.com/ Frame 35CA
76 KB
22 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:fba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d07a8aae13574a7cc9125e34cf57ba0ab69eb4dc17f8f04c61c28c52fe65467
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:13 GMT
x-amz-version-id
LDWfVNr1SrQyWw7D7iDZG3hymdIg4gt9
via
1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
536
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14255/bundles/project.js&cfRay=80fdc04a4d118ff2-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
cec31584-5184-4afc-ab21-f5f374e948d9
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
5
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
cec31584-5184-4afc-ab21-f5f374e948d9
last-modified
Fri, 29 Sep 2023 05:11:32 UTC
server
cloudflare
etag
W/"39778649ee5405bc12cce42d39a8b56f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-bnhh6
cf-ray
80fdcd646ecb8fdc-FRA
x-amz-cf-id
RR2Zid6UB28TzcFAg4IP853AVEJeXjkYgaFBzRwj0xEJ6sgqsp2rkA==
x-hs-target-asset
conversations-embed/static-1.14255/bundles/project.js
collect
region1.google-analytics.com/g/ Frame 35CA
0
246 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1NVW9YXQGF&gtm=45je39r0&_p=2082587287&ul=en-us&sr=1600x1200&cid=108554730.1696258694&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fd.pr%2Ff%2Flqq7an&dr=https%3A%2F%2Fsnowsoftware.d.pr%2F&dt=NewRez_Windows_Test-snowagent-6.14.2-x64.msi%20-%20Droplr&sid=1696258693&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1NVW9YXQGF&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 14:58:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d.pr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
public
api.hubspot.com/livechat-public/v1/message/ Frame 35CA
255 B
957 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.14255&mobile=false&messagesUtk=3cf2fd139f1c493eac8452e6075d6fda&traceId=3cf2fd139f1c493eac8452e6075d6fda&referrer=https%3A%2F%2Fsnowsoftware.d.pr%2F
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2023-09-28-7be7e55f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41781c24d67fe36e893e08de5c9c11ec07db9fc95d274af96ad56fa4aba4cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d.pr/
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://d.pr/f/lqq7an
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d868ba80-929c-44b7-a7ad-5790cf9034bd
x-envoy-upstream-service-time
12
content-length
255
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d868ba80-929c-44b7-a7ad-5790cf9034bd
server
cloudflare
x-trace
2B55F5D55BCB6CB8F50C0DE2918922C791493D891F000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://d.pr
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-l5z9c
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88ye0CpmpcviyYSBwNadaRQuKx8qLReiuUvBEZQMpVorXc1Ncr3R%2FGSjEyY9QA3Nsmfnoxc5tmx0WEOpC1EWQfmWk%2FzAKmxHpS2w788SSLtmGjBy8HGvOeaD%2BT6us01nReyhB%2F1DDVfG0imfQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
80fdcd66c9613a85-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.14255&mobile=false&messagesUtk=3cf2fd139f1c493eac8452e6075d6fda&traceId=3cf2fd139f1c493eac8452e6075d6fda&referrer=https%3A%2F%2Fsnowsoftware.d.pr%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://d.pr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://d.pr
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80fdcd6588323a85-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Mon, 02 Oct 2023 14:58:14 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gxyIpNNx9MomIbHJc0ccoDlIjeCxzjmMLAWeOf3ASqBLkwbt19VIFNZNtBKKPwyWyAJWUBpUmgCyVZ2d6LM4BmwMrgNGgX9ZZA5eyLL0XlKbSRkhoY7MDQxLN6YwuxcUaI1wGHsIlvBdlf5Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
51
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-ztn57
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
db6de54a-ac20-4422-b501-9cf157adaf30
x-request-id
db6de54a-ac20-4422-b501-9cf157adaf30
x-trace
2B0A3A484F4F7FEFC7A342E58AFC40FC3506C9F60D000000000000000000
__ptq.gif
track.hubspot.com/ Frame 35CA
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1666088104&v=1.1&a=2285731&r=https%3A%2F%2Fsnowsoftware.d.pr%2F&pu=https%3A%2F%2Fd.pr%2Ff%2Flqq7an&t=NewRez_Windows_Test-snowagent-6.14.2-x64.msi+-+Droplr&cts=1696258693981&vi=c402686c97a0f39bad75bf3ea18412a0&nc=true&u=23916709.c402686c97a0f39bad75bf3ea18412a0.1696258693973.1696258693973.1696258693973.1&b=23916709.1.1696258693973&cc=15
Requested by
Host: snowsoftware.d.pr
URL: https://snowsoftware.d.pr/f/lqq7an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:58:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1cd738c3-393a-47e0-a1ec-1dafa48320fa
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1cd738c3-393a-47e0-a1ec-1dafa48320fa
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seSAp3pKGZ1K3914T1NlYRdCBU4XO9izXl%2F5pKrVBL1ILxWl3i%2FI2x3VNDXSn8U1nPfzupQ9MuAOYwGEGd%2Bn5umxWBvX4hncPZKvaA%2FoyylArHby%2FWLJ20VrIts8YEACHRrzsd0%2F9%2FYCsp36fQ7D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-smv59
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
80fdcd659c8b37e9-FRA
x-robots-tag
none

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object documentPictureInPicture
object FontAwesomeCdnConfig
string cssUrl
object iframe
string host
string covideoHost

13 Cookies

Domain/Path Name / Value
snowsoftware.d.pr/ Name: AWSALB
Value: 01+rUV08RZTGSIALDtSlK0gE/tgw2R1AFDDrLveqYXZeFjhaN8MDnjNgUnH2Qx/kIHf6faX2JZN0n6fe6RXCi6H49ZvbS+bjxbobkSrHfIbzzreSXf5WMEXiwjty
snowsoftware.d.pr/ Name: AWSALBCORS
Value: 01+rUV08RZTGSIALDtSlK0gE/tgw2R1AFDDrLveqYXZeFjhaN8MDnjNgUnH2Qx/kIHf6faX2JZN0n6fe6RXCi6H49ZvbS+bjxbobkSrHfIbzzreSXf5WMEXiwjty
.d.pr/ Name: _ga
Value: GA1.2.108554730.1696258694
.d.pr/ Name: _gid
Value: GA1.2.914304427.1696258694
.d.pr/ Name: _gat_UA-8563674-4
Value: 1
.d.pr/ Name: _ga_1NVW9YXQGF
Value: GS1.2.1696258693.1.0.1696258693.0.0.0
d.pr/ Name: AWSALB
Value: vMCqN6c6M1ttpscTUrjAuHOcl8kgbmkY6e9a6zFNp3stTCIZn92mksWHYSq16oSdG/N2XRJzv+nxh+wFbcaOS5vlbejJqJY6kD4CZ3cbzijghvEuJl6/6/WI0fie4u2UXIPJOVGJz6/Z4GMjChHDpE8xMcGGRnzS/AUEvsFn98zPBPbwmtR4MLGF6Rj7vw==
d.pr/ Name: AWSALBCORS
Value: vMCqN6c6M1ttpscTUrjAuHOcl8kgbmkY6e9a6zFNp3stTCIZn92mksWHYSq16oSdG/N2XRJzv+nxh+wFbcaOS5vlbejJqJY6kD4CZ3cbzijghvEuJl6/6/WI0fie4u2UXIPJOVGJz6/Z4GMjChHDpE8xMcGGRnzS/AUEvsFn98zPBPbwmtR4MLGF6Rj7vw==
.d.pr/ Name: __hstc
Value: 23916709.c402686c97a0f39bad75bf3ea18412a0.1696258693973.1696258693973.1696258693973.1
.d.pr/ Name: hubspotutk
Value: c402686c97a0f39bad75bf3ea18412a0
.d.pr/ Name: __hssrc
Value: 1
.d.pr/ Name: __hssc
Value: 23916709.1.1696258693973
.hubspot.com/ Name: __cf_bm
Value: jjgK2.OtPWS7ojXaS7xi1UWvrTGZDEBSKheB6XSAdhw-1696258694-0-AVIBwWhqYz78VbZ7IInz3zs5A4xIPqaPfd4KLCJXKlSeBd3jSiLATOIHeL3LSO0i+ZHl2jApx6qeKK4uqMiTWN0=

2 Console Messages

Source Level URL
Text
network error URL: https://www.google-analytics.com/gtm/optimize.js?id=GTM-N36GL2J
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://snowsoftware.d.pr/f/lqq7an
Message:
The resource https://cdn-assets.droplr.net/dist/bundle.2023-09-28-7be7e55f.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://snowsoftware.d.pr https://snowsoftware.d.pr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
