URL: https://jdownie.d.pr/0q66Su
Submission: On February 18 via manual from US — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 35 HTTP transactions. The main IP is 34.209.96.48, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is jdownie.d.pr.
TLS certificate: Issued by Amazon on October 6th 2021. Valid for: a year.
This is the only time jdownie.d.pr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 34.209.96.48 16509 (AMAZON-02)
4 99.86.4.37 16509 (AMAZON-02)
8 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
35 16
Requests | Apex Domain | Subdomains | Transfer
8 | fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 800 | 177 KB
4 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 5 KB
4 | droplr.net | cdn-assets.droplr.net | 2 MB
3 | hubspot.com | api.hubspot.com — Cisco Umbrella Rank: 4676; track.hubspot.com — Cisco Umbrella Rank: 2223 | 2 KB
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 55 KB
3 | gstatic.com | fonts.gstatic.com | 39 KB
3 | d.pr | jdownie.d.pr; d.pr — Cisco Umbrella Rank: 489331 | 39 KB
1 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 67 | 431 B
1 | usemessages.com | js.usemessages.com — Cisco Umbrella Rank: 4922 | 22 KB
1 | hs-banner.com | js.hs-banner.com — Cisco Umbrella Rank: 2042 | 16 KB
1 | hs-analytics.net | js.hs-analytics.net — Cisco Umbrella Rank: 2019 | 20 KB
1 | raaft.io | app.raaft.io — Cisco Umbrella Rank: 798564 | 3 KB
1 | hs-scripts.com | js.hs-scripts.com — Cisco Umbrella Rank: 2180 | 898 B
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 50 | 46 KB
35 | 14
Requests | Domain | Requested by
8 | use.fontawesome.com | jdownie.d.pr, use.fontawesome.com, d.pr
4 | fonts.googleapis.com | jdownie.d.pr, d.pr
4 | cdn-assets.droplr.net | jdownie.d.pr, d.pr
3 | www.google-analytics.com | www.googletagmanager.com, cdn-assets.droplr.net
3 | fonts.gstatic.com | fonts.googleapis.com
2 | api.hubspot.com | cdn-assets.droplr.net
2 | d.pr | jdownie.d.pr, cdn-assets.droplr.net
1 | track.hubspot.com | jdownie.d.pr
1 | stats.g.doubleclick.net | cdn-assets.droplr.net
1 | js.usemessages.com | js.hs-scripts.com
1 | js.hs-banner.com | js.hs-scripts.com
1 | js.hs-analytics.net | js.hs-scripts.com
1 | app.raaft.io | d.pr
1 | js.hs-scripts.com | www.googletagmanager.com
1 | www.googletagmanager.com | d.pr
1 | jdownie.d.pr |
35 | 16

This site contains no links.

Subject | Issuer | Validity | Valid
droplr.com | Amazon | 2021-10-06 - 2022-11-03 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-07 - 2022-07-06 | a year
upload.video.google.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
app.raaft.io | GTS CA 1D4 | 2022-02-09 - 2022-05-10 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2021-06-26 - 2022-06-25 | a year

This page contains 2 frames:

Primary Page: https://jdownie.d.pr/0q66Su
Frame ID: 6A97F7930CB1F7C133E443DFC98A61C2
Requests: 10 HTTP requests in this frame

Frame: https://d.pr/0q66Su
Frame ID: 4B28DB23CE2A5D6EC87A52AF12A69CC5
Requests: 26 HTTP requests in this frame

Page Title

ARE_RTP_Brochure_v1.3.pdf - Droplr

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

  • Requests: 35
  • HTTPS: 100 %
  • IPv6: 87 %
  • Domains: 14
  • Subdomains: 16
  • IPs: 16
  • Countries: 3
  • Transfer: 2758 kB
  • Size: 9211 kB
  • Cookies: 12

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0q66Su
jdownie.d.pr/
6 KB
7 KB
Document
General
Full URL
https://jdownie.d.pr/0q66Su
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.96.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-96-48.us-west-2.compute.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
d895a9b70174549f9075aa217d51a05b8aab108f99fa7ccd9c0e16551313f3bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://jdownie.d.pr https://jdownie.d.pr

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 18 Feb 2022 14:56:39 GMT
content-type
text/html; charset=utf-8
content-length
6122
server
nginx/1.17.8
content-security-policy
frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://jdownie.d.pr https://jdownie.d.pr
etag
W/"17ea-L30+iO9Fee0hx4sdc5kCYJhed7U"
bundle.2022-01-18-8f835d17.js
cdn-assets.droplr.net/dist/
4 MB
1 MB
Script
General
Full URL
https://cdn-assets.droplr.net/dist/bundle.2022-01-18-8f835d17.js
Requested by
Host: jdownie.d.pr
URL: https://jdownie.d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
5420c6f4654c8a0adbd035e28bae582358e128a92214ee7cdc0c064fdd8f1ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jdownie.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 09:38:24 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 11:16:13 GMT
server
nginx/1.17.8
age
1142295
etag
W/"3d7f9a-17e6ce6d048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
YEU0R7PnixtZMFC1_7zXMc5XEfKC3WbDy9VZqpG-0wBKJbH_ZxLekw==
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
app.2022-01-18-8f835d17.css
cdn-assets.droplr.net/dist/style/
219 KB
40 KB
Stylesheet
General
Full URL
https://cdn-assets.droplr.net/dist/style/app.2022-01-18-8f835d17.css
Requested by
Host: jdownie.d.pr
URL: https://jdownie.d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
cfe2d87d28c29d31f158859b14dd6622e6a0e29211e966227f5e1bff9fbaaab1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jdownie.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 03:10:40 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 11:16:13 GMT
server
nginx/1.17.8
age
1165559
etag
W/"36ddd-17e6ce6d048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
PCaVlRnyfwqyoXeHAtcENHrf8h_DA0z-NoaD4eXYL-xt-RkdaKq4vg==
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
dfa16d9872.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/dfa16d9872.js
Requested by
Host: jdownie.d.pr
URL: https://jdownie.d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jdownie.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4552
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3KPZ13V6ZBAB897S
x-amz-id-2
PexU48lc5+24a3JB4XhmWeMkgOEsGKTlZ9xaow9e4HJm0qmztOOzG4MsuZ+tA9ZzbJ1+pBVBbc8=
last-modified
Thu, 01 Jul 2021 15:46:56 GMT
server
cloudflare
etag
W/"c8b10da870c9c32e92ca93daaf3395cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmZoRkiZjtCEAHrAt%2Fg8Zc4Rdx1gxNr06Jv%2F5yC6%2FbaCWzPyHG19IFDxU5ERL1lhST42zwqTMg274mEsE5e9uNnyvlAjcP7i6mWTYJP2jgZMPAJAIwjfxXGWaS9NZu5%2BCZXCSMsnc%2FRLaZxPZ9pKifBX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
6df81a79cbe283b5-MXP
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Requested by
Host: jdownie.d.pr
URL: https://jdownie.d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9cfa20e80b57ff8c1d86e8b38b55f50e34e9f905ed6ab05217e92f8232865bd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jdownie.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 14:56:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Feb 2022 14:56:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Feb 2022 14:56:39 GMT
css
fonts.googleapis.com/
30 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500
Requested by
Host: jdownie.d.pr
URL: https://jdownie.d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
515d98d9fc41152e158cc024280aa6ec952f48fd02fb0b4d358f97798e6abd03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jdownie.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 14:56:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Feb 2022 14:56:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Feb 2022 14:56:39 GMT
dfa16d9872.css
use.fontawesome.com/
1 KB
786 B
Stylesheet
General
Full URL
https://use.fontawesome.com/dfa16d9872.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jdownie.d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4553
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G54PHPPKVTB9PPJT
x-amz-id-2
3tfRI5Hdsf/f+ASyFt4tI8eAcsd/Tasgtj50dZiqdkn2S36DpG6bykoJPyT/ywhsrpy/bYlfBTI=
last-modified
Thu, 01 Jul 2021 15:46:56 GMT
server
cloudflare
etag
W/"a4b6d93743fb746387a1c530958fd725"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fa0cT1ePwbF4uSem5gReuXm3zYGwoO%2B7AkSxYksCprHgjHDnIH4jHC691Xfg8JnKxQR0iOaE355A1hxARtKBS0h4VTK57c3PZDAAsBYgx219tW0rLHLkLcfd82yWEoUZv%2FF7dEgIg2qm1KanvCBQlFU9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6df81a7a1c9e83b5-MXP
0q66Su
d.pr/ Frame 4B28
30 KB
31 KB
Document
General
Full URL
https://d.pr/0q66Su
Requested by
Host: jdownie.d.pr
URL: https://jdownie.d.pr/0q66Su
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.96.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-96-48.us-west-2.compute.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
aafb7dc0e81939095c567d45a34ce00010e54ee3382dc0feaf0fba6fe7848ab5
Security Headers
Name Value
Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://jdownie.d.pr https://jdownie.d.pr

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://jdownie.d.pr/

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-type
text/html; charset=utf-8
content-length
30786
server
nginx/1.17.8
content-security-policy
frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://jdownie.d.pr https://jdownie.d.pr
etag
W/"7842-0kJIBhust7PhaXfJgZiOCI1AaGs"
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jdownie.d.pr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:56:27 GMT
x-content-type-options
nosniff
age
172813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 14:56:27 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/dfa16d9872.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9564899
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HSY1S6ME5S1M80SK
x-amz-id-2
lcajIKKTOtsfDiAupMBNvuawXbJlKOvfmY7RxDLpKFECAFaQnueLLH8Ci48yubYpNlc4QSzTIso=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urI%2FZYVcAHdmRMLFRG9%2FUW57LPpb75FZklNOAtKto6yJEaWIOFaC2CpRkhwY%2Fcjy25G%2FeFShYxlykxfPGJVUttF7Feo2vabbL64PXva97gG%2BSDozDG0DZi8OTlBkpvKuj%2FAFKNsLda4n5ziT7eeCaCPB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6df81a7a4ac75a3d-MXP
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/dfa16d9872.css
Origin
https://jdownie.d.pr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YCW507FM76K9ADBG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-amz-id-2
4kBN5CXDNq2Wr8TxKchpbb3/yHkUydReKwM5ngD5V3axqvIlACgxl04LiGUPIjKypuBln69q75A=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaCXkmVfkYngyQJgFPjQuk9M%2FBTRE1If%2B3UNUZhVOeAFLtoAkMDCrLJAlHtbOvGS386N8cozsG20sUuvSgceqxQH9PuB9U5WeQukFLMtfBGZh%2Fbo0zRKzZrlE4AiMDzdw884hKQvweHr%2FjmqCdGH3s4R"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6df81a7b0e5459c5-MXP
bundle.2022-01-18-8f835d17.js
cdn-assets.droplr.net/dist/ Frame 4B28
4 MB
1 MB
Script
General
Full URL
https://cdn-assets.droplr.net/dist/bundle.2022-01-18-8f835d17.js
Requested by
Host: d.pr
URL: https://d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
5420c6f4654c8a0adbd035e28bae582358e128a92214ee7cdc0c064fdd8f1ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 09:38:24 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 11:16:13 GMT
server
nginx/1.17.8
age
1142296
etag
W/"3d7f9a-17e6ce6d048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
IuDlcxR6UBPmXkNSeubQkju3kTwh1KuHTQoTKMRzkmfximdeoHMP0w==
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
app.2022-01-18-8f835d17.css
cdn-assets.droplr.net/dist/style/ Frame 4B28
219 KB
40 KB
Stylesheet
General
Full URL
https://cdn-assets.droplr.net/dist/style/app.2022-01-18-8f835d17.css
Requested by
Host: d.pr
URL: https://d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
cfe2d87d28c29d31f158859b14dd6622e6a0e29211e966227f5e1bff9fbaaab1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 03:10:40 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 11:16:13 GMT
server
nginx/1.17.8
age
1165560
etag
W/"36ddd-17e6ce6d048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
cnQcJq23iLDKwtIZLxjrfHytpWKbd4G4ivJLBl3xduAf23wPAEYs7A==
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
dfa16d9872.js
use.fontawesome.com/ Frame 4B28
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/dfa16d9872.js
Requested by
Host: d.pr
URL: https://d.pr/0q66Su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4553
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3KPZ13V6ZBAB897S
x-amz-id-2
PexU48lc5+24a3JB4XhmWeMkgOEsGKTlZ9xaow9e4HJm0qmztOOzG4MsuZ+tA9ZzbJ1+pBVBbc8=
last-modified
Thu, 01 Jul 2021 15:46:56 GMT
server
cloudflare
etag
W/"c8b10da870c9c32e92ca93daaf3395cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1s%2ByQ%2FXt72VYeSYPr0TKmpT%2Bri33MmNG7wrQPYKZdkfSE4gZpNr4wYG1Qo2jObNLESEjLcYT9a9EAuCfcE7an4QuUP%2B2dq64VayHPTQfk%2F5AqFaUvCVKgShGpaLuWUhCbL4wsipmt0lrYsfpPf%2FmyjF"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
6df81a7c28355a3d-MXP
css
fonts.googleapis.com/ Frame 4B28
11 KB
872 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Requested by
Host: d.pr
URL: https://d.pr/0q66Su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9cfa20e80b57ff8c1d86e8b38b55f50e34e9f905ed6ab05217e92f8232865bd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 14:56:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Feb 2022 14:56:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Feb 2022 14:56:40 GMT
css
fonts.googleapis.com/ Frame 4B28
30 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500
Requested by
Host: d.pr
URL: https://d.pr/0q66Su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
515d98d9fc41152e158cc024280aa6ec952f48fd02fb0b4d358f97798e6abd03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 14:56:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Feb 2022 14:56:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Feb 2022 14:56:40 GMT
gtm.js
www.googletagmanager.com/ Frame 4B28
151 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Requested by
Host: d.pr
URL: https://d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27deb64c48847c9aa8d3704f6f08db4322671be53fe94a3b7f0331d1652c709a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46885
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Feb 2022 14:56:40 GMT
dfa16d9872.css
use.fontawesome.com/ Frame 4B28
1 KB
1021 B
Stylesheet
General
Full URL
https://use.fontawesome.com/dfa16d9872.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4553
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G54PHPPKVTB9PPJT
x-amz-id-2
3tfRI5Hdsf/f+ASyFt4tI8eAcsd/Tasgtj50dZiqdkn2S36DpG6bykoJPyT/ywhsrpy/bYlfBTI=
last-modified
Thu, 01 Jul 2021 15:46:56 GMT
server
cloudflare
etag
W/"a4b6d93743fb746387a1c530958fd725"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MmDt0ZLEiacQWxyMge3AWEeAitENfr24M6xyw9PKzOZ7ziEqpdKB74YSED%2FAL6ySabTVI394tztDaekQzQBnrpqkaRCHUMILBXGHIxsB0Nfcs3X%2BPHKJDYUdKHVuEHq7F1e99dbcM%2BdZdMuceNFj3Bb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6df81a7c791f5a3d-MXP
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ Frame 4B28
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/dfa16d9872.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9564899
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HSY1S6ME5S1M80SK
x-amz-id-2
lcajIKKTOtsfDiAupMBNvuawXbJlKOvfmY7RxDLpKFECAFaQnueLLH8Ci48yubYpNlc4QSzTIso=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Zgc3VB4gktXFDtrbeGQTVIeGh0KcgTR82EjqpTxj2WZhh7s0eHbcZOAB1BAxHQAm8qoKzVv1Sqy%2FrknEFsrgBfhdC2NWdn6EVSt53VEFYIdtzeqgY1Q14zzMDcBzJmefmGMSQZGQ91CiCS%2BGUgzW7P%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6df81a7cb9c25a3d-MXP
optimize.js
www.google-analytics.com/gtm/ Frame 4B28
90 KB
35 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-N36GL2J
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9bdb1cbcf14ca4b46fbfe660c1b1d60c3be2124d84ca0d4c6e9edac49b9a24b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35684
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Feb 2022 14:56:40 GMT
2285731.js
js.hs-scripts.com/ Frame 4B28
1 KB
898 B
Script
General
Full URL
https://js.hs-scripts.com/2285731.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39ba10b82272b9503de58bb748c47f3e95a47da24b38ef35edbf3a52a7780bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
45
cf-polished
origSize=1422
x-hubspot-correlation-id
5b0a6530-c5e9-45c3-aef6-2db91096ba93
last-modified
Fri, 18 Feb 2022 14:55:55 GMT
server
cloudflare
x-trace
2B6FA0EAAF51AFB2C8496BC2E53C2E14994073A366000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://d.pr
expires
Fri, 18 Feb 2022 14:57:40 GMT
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6df81a7d3bbe59d7-MXP
cf-bgj
minify
view
d.pr/api/drops/0q66Su/ Frame 4B28
1 KB
2 KB
XHR
General
Full URL
https://d.pr/api/drops/0q66Su/view
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2022-01-18-8f835d17.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.96.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-96-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a8b13a13b9091fd1dae2844d801d9515945d7f6cd80f98edace060196760a7f5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://d.pr/0q66Su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Feb 2022 14:56:40 GMT
content-type
application/json; charset=utf-8
etag
W/"4cf-cfoz4XY3rm+QKaVzy8zDbwPLTfI"
content-length
1231
strict-transport-security
max-age=31557600; includeSubDomains
access-control-expose-headers
X-Droplr-Authorization,x-droplr-errorcode,x-droplr-errordetails,X-Has-More,X-Results-Count
include.js
app.raaft.io/ Frame 4B28
8 KB
3 KB
Script
General
Full URL
https://app.raaft.io/include.js?appId=A7H0mjU0vLzU6VCSE75V
Requested by
Host: d.pr
URL: https://d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5f2b2d6fca7624e3fbad02a3f044b3136008a97657b7d3ef855dc1a5b4e50afe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
etag
W/"206c-49773873e8"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
925ec7747829cf193fe3dcdf26c67e8c
cache-control
public, max-age=0
date
Fri, 18 Feb 2022 14:56:40 GMT
x-dns-prefetch-control
off
content-length
2316
x-xss-protection
1; mode=block
truncated
/ Frame 4B28
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bc6dd3afa1a82084ecb5fee4859b310577940b577d4eba7c258c4b441909acc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4B28
883 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7713e90927b19fa636fb5700303752591552a3890172fe9497d459fb6ea31ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 4B28
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d.pr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 21:39:33 GMT
x-content-type-options
nosniff
age
321427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 14 Feb 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 4B28
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d.pr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:56:27 GMT
x-content-type-options
nosniff
age
172813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 14:56:27 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ Frame 4B28
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/dfa16d9872.css
Origin
https://d.pr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12542938
cf-ray
6df81a7ecf0059c5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-amz-id-2
w9SYYAXoIpV8ozzevRjxRNe/GEXTamKmJuCkKxY06ui2foddcHa41EBGQVkLjpw1Wl1f9wd+dOA=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IE00lLtYgzFpfXNhjJXCq9rMbg6ge0smiHdxf5N0ZUDWanFu9a7HLWEP5oTGwj0ub3oQz3l4XhnQBsFxjfiu5e6d2dSZTOuqsQRi45dH3CmoPSZOz8okAlhLPiZrNU08L2%2B5k01a%2FElcaRZT4ygwwohX"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
CABRJ2X4Z0W9JZS5
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
application/font-woff2
2285731.js
js.hs-analytics.net/analytics/1645196100000/ Frame 4B28
62 KB
20 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1645196100000/2285731.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
650ebacb574b948c44604bad95d343aad4f47c2732b8258caeddb7737ba9055f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
cf-cache-status
HIT
age
44
x-amz-server-side-encryption
AES256
x-amz-request-id
B0VC5BEZF78T4G7Q
x-amz-id-2
GRdhPbtlmZOmrgMI9G37nW9ADgg1315nike0N/+OTLs17Yud8azz4g3pQf6jEMO7lTMnp7prwHw=
last-modified
Mon, 19 Jul 2021 14:22:04 GMT
server
cloudflare
etag
W/"d572de9fdccbf1b1a4afd2d1b0b4c853"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-ray
6df81a7f2ff783b2-MXP
expires
Fri, 18 Feb 2022 15:00:56 GMT
2285731.js
js.hs-banner.com/ Frame 4B28
61 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/2285731.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6707ec7d090573943f18c7a21d74742963c9d133c4387ef6b8d597651b58401

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
content-encoding
br
cf-cache-status
HIT
age
43
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-request-id
F5CB2NMVQTXGVZP9
x-amz-id-2
Ct4LSehG4SBOv9/Fu42+XKA3Ta9twpN3sJDriWPB5nVQY09Tgd+YqrBCyLbHNHkWXndA47fKsVk=
timing-allow-origin
*
last-modified
Thu, 17 Feb 2022 20:46:17 GMT
server
cloudflare
etag
W/"e970d9b69781aa125fd13d613e204fa1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
qlkG936qxocTyAwD1jMZRVZeOfJN2CHL
access-control-allow-origin
https://d.pr
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6df81a7f2c5d59bf-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 18 Feb 2022 15:00:56 GMT
conversations-embed.js
js.usemessages.com/ Frame 4B28
80 KB
22 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a68281c1d759e7214cb0c6699944953819e5a5bb78777e65fb87fecb6170f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:40 GMT
via
1.1 a12c29ca3e64ac2015cf4f6c9099b8ce.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
104
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9643/bundles/project.js&cfRay=6df817f0cf4b59ef-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 08 Feb 2022 09:27:47 UTC
server
cloudflare
etag
W/"9bc16782e1eac254ba1de1dc1a59c460"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
28vyk6lF2op8UTN0Rmz7WbkS5SVIGQD3
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6df81a7f293a3759-MXP
x-amz-cf-id
a5OBXervIInTxrQR7mazlGI1hfF-ls0ZRWrSXTIF7r2Shack2PG34w==
x-hs-target-asset
conversations-embed/static-1.9643/bundles/project.js
analytics.js
www.google-analytics.com/ Frame 4B28
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4907
date
Fri, 18 Feb 2022 13:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 18 Feb 2022 15:34:53 GMT
collect
www.google-analytics.com/j/ Frame 4B28
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1602514277&t=pageview&_s=1&dl=https%3A%2F%2Fd.pr%2F0q66Su&dr=https%3A%2F%2Fjdownie.d.pr%2F&ul=en-us&de=UTF-8&dt=ARE_RTP_Brochure_v1.3.pdf%20-%20Droplr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAAC~&jid=904452013&gjid=1028143022&cid=1505383018.1645196201&tid=UA-8563674-4&_gid=886647990.1645196201&_r=1&gtm=2wg2g05M6G29M&z=596119044
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2022-01-18-8f835d17.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d.pr/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 14:56:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d.pr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 4B28
1 B
431 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8563674-4&cid=1505383018.1645196201&jid=904452013&gjid=1028143022&_gid=886647990.1645196201&_u=YEBAAEAAQAAAAC~&z=1444640445
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2022-01-18-8f835d17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d.pr/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Feb 2022 14:56:40 GMT
content-type
text/plain
access-control-allow-origin
https://d.pr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
public
api.hubspot.com/livechat-public/v1/message/ Frame 4B28
253 B
1 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.9643&mobile=false&messagesUtk=7a976c50406445f3b6543b931d09e538&traceId=7a976c50406445f3b6543b931d09e538&referrer=https%3A%2F%2Fjdownie.d.pr%2F
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2022-01-18-8f835d17.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd681fdf1bd671e4de5201a63ae35a7195df068df2fd1b7957648a60cfa6db86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer
https://d.pr/
Accept-Language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://d.pr/0q66Su

Response headers

date
Fri, 18 Feb 2022 14:56:41 GMT
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
56f0bc18-9599-4111-8540-09559708bf69
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
253
server
cloudflare
x-trace
2BDBD363C8EE3469436E85EC3D9C4FBE690DB06BAE000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDPgvAHE%2FZDNCNybESogVSgelsmXfc67Ya4bPspnJPYKcFKqIqZwtDcL2Kg23t522JPYOL60Vly3PjMe%2F0Vmz9SmnG8bavmLQE507w%2BSlOQDrKHB4KOEBgnXn%2Fcq3KHvtXo%2BpLuVeTQkfxsHPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://d.pr
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
6df81a8148623757-MXP
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.9643&mobile=false&messagesUtk=7a976c50406445f3b6543b931d09e538&traceId=7a976c50406445f3b6543b931d09e538&referrer=https%3A%2F%2Fjdownie.d.pr%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-hubspot-messages-uri
Origin
https://d.pr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Feb 2022 14:56:41 GMT
content-type
text/plain; charset=utf-8
content-length
18
cf-ray
6df81a7fde883749-MXP
access-control-allow-origin
https://d.pr
allow
HEAD,GET,OPTIONS
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cf-cache-status
DYNAMIC
access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id
86ae2571-6c57-425d-8f34-f04cd6edfc79
x-trace
2B0D847962E8BF914022D3131431B593FF483BDFA1000000000000000000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYgwRBT2jnvvTkAbHKEgzc6ZkZGl3EOIQ915I46faywcXnTKSh6m8ES7b0SarSA%2Ffgy3wnO%2F07qpDdey0rxQMQfXwadxV7LQQFsv3VZfu7QzzBuaZWnDjtgcoaXT%2FDmRiEU9OvS4gpeTkTLeVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
__ptq.gif
track.hubspot.com/ Frame 4B28
45 B
967 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=2285731&r=https%3A%2F%2Fjdownie.d.pr%2F&pu=https%3A%2F%2Fd.pr%2F0q66Su&t=ARE_RTP_Brochure_v1.3.pdf+-+Droplr&cts=1645196200877&vi=eacdfca975e5551880e95a64bad89ac8&nc=true&u=23916709.eacdfca975e5551880e95a64bad89ac8.1645196200874.1645196200874.1645196200874.1&b=23916709.1.1645196200874&cc=15
Requested by
Host: jdownie.d.pr
URL: https://jdownie.d.pr/0q66Su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d.pr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 14:56:41 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
2d2dac3d-19d1-4866-b3f0-798faecd0349
cf-ray
6df81a7fd88559d1-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BIclDqWONvRdum82%2FkLLBlVbpdbJe4GSwSahoVrqlDX%2BVL2DB7FqZlu2RX%2FoWZnNgMZfjwfg8%2FUXJuqHhvnR3Rx8oQXw9g%2BVOdasAYLuuls%2F0CN8M4wj3mUWZyXIaZgmE9nAdU34QAfEURvrR1b"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| FontAwesomeCdnConfig
string| cssUrl
object| iframe
string| host
string| covideoHost

12 Cookies

Domain/Path Name / Value
jdownie.d.pr/ Name: AWSALB
Value: ufMZfMqldQhPDQa1/ffqQgYADffqezKuR9RFrxVb3KUBA757teqlpD+Si4OCIf8UMGBxY/X38d/pG3juSSI0j0jJI3/QE71j2Of+nsizwlw3pSaTQTYf+u0HpCqK
jdownie.d.pr/ Name: AWSALBCORS
Value: ufMZfMqldQhPDQa1/ffqQgYADffqezKuR9RFrxVb3KUBA757teqlpD+Si4OCIf8UMGBxY/X38d/pG3juSSI0j0jJI3/QE71j2Of+nsizwlw3pSaTQTYf+u0HpCqK
.d.pr/ Name: _ga
Value: GA1.2.1505383018.1645196201
.d.pr/ Name: _gid
Value: GA1.2.886647990.1645196201
.d.pr/ Name: _gat_UA-8563674-4
Value: 1
d.pr/ Name: AWSALB
Value: zsHLNRMnd8ppL53IlENwQdvlYI7hIMipF7ANcknUhpqWD8UnjKnEdi1F1ApxAirtpszf6velTc2DvaqCD4MS3uP4sxvSep87dM5obDels91eL/ihnHCoNo2fFyC1JNgtIJbW/N28AKV8Zi5KR48lqsg9hiQiPfFFynWQljcq8LTsTkFqH/dMYk+iPjN9QA==
d.pr/ Name: AWSALBCORS
Value: zsHLNRMnd8ppL53IlENwQdvlYI7hIMipF7ANcknUhpqWD8UnjKnEdi1F1ApxAirtpszf6velTc2DvaqCD4MS3uP4sxvSep87dM5obDels91eL/ihnHCoNo2fFyC1JNgtIJbW/N28AKV8Zi5KR48lqsg9hiQiPfFFynWQljcq8LTsTkFqH/dMYk+iPjN9QA==
.d.pr/ Name: __hstc
Value: 23916709.eacdfca975e5551880e95a64bad89ac8.1645196200874.1645196200874.1645196200874.1
.d.pr/ Name: hubspotutk
Value: eacdfca975e5551880e95a64bad89ac8
.d.pr/ Name: __hssrc
Value: 1
.d.pr/ Name: __hssc
Value: 23916709.1.1645196200874
.hubspot.com/ Name: __cf_bm
Value: ARYqCNRRXrXrmAsV_DiC5oe6FgzyNuadnXbzeZhkI88-1645196201-0-AQKzVDdCNFabi70IW0h4wZ3DAlIYp1xmiAcDcA/Nf6Y6/SHZ3368i9G/b9GIy1e7S/WAzYi0eKq8n/QwxDQmlBo=

1 Console Messages

Source Level URL
Text
javascript warning URL: https://jdownie.d.pr/0q66Su
Message:
The resource https://cdn-assets.droplr.net/dist/bundle.2022-01-18-8f835d17.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://jdownie.d.pr https://jdownie.d.pr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
