Submitted URL: http://d.pr/i/XB1Gle&#43
Effective URL: https://d.pr/i/XB1Gle&
Submission: On July 15 via manual from US

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 24 HTTP transactions. The main IP is 52.24.108.221, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is d.pr.
TLS certificate: Issued by Amazon on December 3rd 2019. Valid for: a year.
This is the only time d.pr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 52.24.108.221 16509 (AMAZON-02)
2 13.224.194.100 16509 (AMAZON-02)
4 23.111.9.35 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
24 16
Domain Requested by
4 use.fontawesome.com d.pr
use.fontawesome.com
3 fonts.gstatic.com d.pr
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
3 d.pr 1 redirects cdn-assets.droplr.net
2 fonts.googleapis.com d.pr
2 cdn-assets.droplr.net d.pr
1 track.hubspot.com
1 api.hubspot.com cdn-assets.droplr.net
1 app.raaft.io d.pr
1 stats.g.doubleclick.net d.pr
1 js.usemessages.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-scripts.com www.googletagmanager.com
1 www.googletagmanager.com d.pr
24 15

This site contains no links.

Subject                  Issuer                          Validity                 Valid
droplr.com               Amazon                          2019-12-03 - 2021-01-03  a year
*.fontawesome.com        DigiCert SHA2 Secure Server CA  2019-10-28 - 2020-12-23  a year
upload.video.google.com  GTS CA 1O1                      2020-06-30 - 2020-09-22  3 months
*.google-analytics.com   GTS CA 1O1                      2020-06-30 - 2020-09-22  3 months
sni.cloudflaressl.com    CloudFlare Inc ECC CA-2         2020-04-07 - 2020-10-09  6 months
*.g.doubleclick.net      GTS CA 1O1                      2020-06-30 - 2020-09-22  3 months
*.gstatic.com            GTS CA 1O1                      2020-06-17 - 2020-09-09  3 months
app.raaft.io             GTS CA 1D2                      2020-07-03 - 2020-10-01  3 months
hubspot.com              Cloudflare Inc ECC CA-3         2020-07-05 - 2021-07-05  a year

This page contains 1 frames:

Primary Page: https://d.pr/i/XB1Gle&
Frame ID: B51200E895DB8C6C242563648332A350
Requests: 26 HTTP requests in this frame

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 80 %
Domains: 14
Subdomains: 15
IPs: 16
Countries: 3
Transfer: 1290 kB
Size: 4234 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://d.pr/i/XB1Gle& HTTP 302
    https://d.pr/i/XB1Gle& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2133079553&t=pageview&_s=1&dl=https%3A%2F%2Fd.pr%2Fi%2FXB1Gle%26&ul=en-us&de=UTF-8&dt=Home%20%E2%80%A2%20Droplr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=1713851796&gjid=598265625&cid=1008246451.1594833984&tid=UA-8563674-4&_gid=1109730357.1594833984&_r=1&gtm=2wg7835M6G29M&z=612832735 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8563674-4&cid=1008246451.1594833984&jid=1713851796&_gid=1109730357.1594833984&gjid=598265625&_v=j83&z=612832735

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request XB1Gle&
d.pr/i/
Redirect Chain
  • http://d.pr/i/XB1Gle&
  • https://d.pr/i/XB1Gle&
25 KB
26 KB
Document
General
Full URL
https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.108.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-108-221.us-west-2.compute.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
ba62eced9442707ab00e548b76aecbb362fe9a2ec27c37794e62e10873ae8a87

Request headers

:method
GET
:authority
d.pr
:scheme
https
:path
/i/XB1Gle&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
AWSALB=pfZ4DYJ2AeVIacw5QNjA+gp4q5zlTiEOwZNVu5/e5GY/r7jAJXkcxRFvFB8Aak5dvZDxW4CITEN7djJ5A1t0W6NNwX8RSKquqFSEJ6YVjxLjxo+0JpuVEYhnUgoZ; AWSALBCORS=pfZ4DYJ2AeVIacw5QNjA+gp4q5zlTiEOwZNVu5/e5GY/r7jAJXkcxRFvFB8Aak5dvZDxW4CITEN7djJ5A1t0W6NNwX8RSKquqFSEJ6YVjxLjxo+0JpuVEYhnUgoZ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 15 Jul 2020 17:26:23 GMT
content-type
text/html; charset=utf-8
content-length
25957
set-cookie
AWSALB=B0slBrw5m74lPcJkb8ATLxMr81KOfFA2pinab8f4D+qpCyiUF2xTtvhAkoJYRtF0GOGgRQ7m8S6MWxYV/HrvIPJztvrAga9GTBXwD1dil4nbMZ5I7xRft+616Isc; Expires=Wed, 22 Jul 2020 17:26:23 GMT; Path=/ AWSALBCORS=B0slBrw5m74lPcJkb8ATLxMr81KOfFA2pinab8f4D+qpCyiUF2xTtvhAkoJYRtF0GOGgRQ7m8S6MWxYV/HrvIPJztvrAga9GTBXwD1dil4nbMZ5I7xRft+616Isc; Expires=Wed, 22 Jul 2020 17:26:23 GMT; Path=/; SameSite=None; Secure
server
nginx/1.17.8
etag
W/"6565-FiH+BW/yJRIqGuIdPphbCVBMPCM"

Redirect headers

Date
Wed, 15 Jul 2020 17:26:22 GMT
Content-Type
text/html; charset=utf-8
Content-Length
96
Connection
keep-alive
Set-Cookie
AWSALB=pfZ4DYJ2AeVIacw5QNjA+gp4q5zlTiEOwZNVu5/e5GY/r7jAJXkcxRFvFB8Aak5dvZDxW4CITEN7djJ5A1t0W6NNwX8RSKquqFSEJ6YVjxLjxo+0JpuVEYhnUgoZ; Expires=Wed, 22 Jul 2020 17:26:22 GMT; Path=/ AWSALBCORS=pfZ4DYJ2AeVIacw5QNjA+gp4q5zlTiEOwZNVu5/e5GY/r7jAJXkcxRFvFB8Aak5dvZDxW4CITEN7djJ5A1t0W6NNwX8RSKquqFSEJ6YVjxLjxo+0JpuVEYhnUgoZ; Expires=Wed, 22 Jul 2020 17:26:22 GMT; Path=/; SameSite=None
Server
nginx/1.17.8
Location
https://d.pr/i/XB1Gle&
Vary
Accept
bundle.2020-07-07-cda3a3d3.js
cdn-assets.droplr.net/dist/
3 MB
974 KB
Script
General
Full URL
https://cdn-assets.droplr.net/dist/bundle.2020-07-07-cda3a3d3.js
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
ce1e9ca0eba4ce4568c4b5b30c2d0410efae05b533316b0273f22289f9676404

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 06 Jul 2020 19:36:14 GMT
content-encoding
gzip
last-modified
Mon, 06 Jul 2020 19:33:40 GMT
server
nginx/1.17.8
age
769809
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
khRHMKgoaxdTuuIjYW3_bYus_aBKbjXzwkK3rMW3yahqCh5NQiO0YQ==
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
app.2020-07-07-cda3a3d3.css
cdn-assets.droplr.net/dist/style/
206 KB
37 KB
Stylesheet
General
Full URL
https://cdn-assets.droplr.net/dist/style/app.2020-07-07-cda3a3d3.css
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
d57e1f4f9be1464d3f98703bb390a35ebdf3365bfe36ba9ec9386e3fdaae670b

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 06 Jul 2020 19:36:14 GMT
content-encoding
gzip
last-modified
Mon, 06 Jul 2020 19:33:40 GMT
server
nginx/1.17.8
age
769809
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
7Efi-dcX4P7xUc3-8AxJMxU6UD7gTz5vSZepQhEmfDNMVZsBI1_SVA==
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
dfa16d9872.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/dfa16d9872.js
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 18:29:14 GMT
server
NetDNA-cache/2.2
x-amz-request-id
9CE124A8F12299D8
etag
W/"c8b10da870c9c32e92ca93daaf3395cc"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
qSypm6fZLsZHZL3CLqpAfk7C+34u65+uu3iMa+tBxx1+EaCKFerJy3gWiTnO5cNR/DzOL0IsSmc=
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48dd00d8fe53241222a7eabb424eea7e87aabdebfab05027f32c9e7df422ec18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 17:26:23 GMT
server
ESF
date
Wed, 15 Jul 2020 17:26:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Jul 2020 17:26:23 GMT
css
fonts.googleapis.com/
26 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8cf0f3189d6cf137949086cffcdcffe61850050e2c0cf426517bdcb7511e1603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 16:11:26 GMT
server
ESF
date
Wed, 15 Jul 2020 17:26:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Jul 2020 17:26:23 GMT
gtm.js
www.googletagmanager.com/
127 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b5a10172088e0add64fca1f06ec6b779525f48305fae959caacbcf99e5dfe071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33586
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Jul 2020 17:26:23 GMT
dfa16d9872.css
use.fontawesome.com/
1 KB
685 B
Stylesheet
General
Full URL
https://use.fontawesome.com/dfa16d9872.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 18:29:14 GMT
server
NetDNA-cache/2.2
x-amz-request-id
7B33BC5678E8B088
etag
W/"a4b6d93743fb746387a1c530958fd725"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
ep/ij3R9icWd3EbtDxg3MOT5J6lj17zJZig/Bzbt79nu+sII1EEX8NVlYqfc8U3bM5dXMFxyLzY=
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1805
date
Wed, 15 Jul 2020 16:56:18 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 15 Jul 2020 18:56:18 GMT
2285731.js
js.hs-scripts.com/
1 KB
617 B
Script
General
Full URL
https://js.hs-scripts.com/2285731.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34263c5f6c9f712b8a20a29e632570b1f4bf3242ca9d232b66f5e71c45b6d8

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1
cf-polished
origSize=1226
status
200
cf-request-id
03f51c700a000014564f3c7200000001
cf-bgj
minify
server
cloudflare
x-trace
2B525EF502CBB10F95F360A879CAA2E38681205DF3000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://d.pr
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5b35302cddba1456-FRA
expires
Wed, 15 Jul 2020 17:27:23 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2016 17:21:58 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
js
www.google-analytics.com/gtm/
70 KB
28 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-N36GL2J&t=gtm1&cid=1008246451.1594833984
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9ff4722c02e748113fca3b0cbad6de00f07ddd5573aedc31ea5c22cd5465af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28057
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Jul 2020 17:26:23 GMT
2285731.js
js.hs-banner.com/
23 KB
6 KB
Script
General
Full URL
https://js.hs-banner.com/2285731.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1092edd18d8b56061b69fa03260004ec20e99662332d5fdc7f5420409afc7ac0

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=dbX94A==, md5=63C4fO2T6XTeEmFSCVs3cw==
date
Wed, 15 Jul 2020 17:26:23 GMT
content-encoding
br
cf-cache-status
HIT
age
130
x-guploader-uploadid
AAANsUnfGYCx4D3yAQafPXfgwAg6en8deAl6YF8lSRzmjc2YIuoHtyoNS-B3Q0u5IRZ6r_59c9bkakMvZwd2QuK4iBo
x-goog-storage-class
STANDARD
status
200
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
03f51c702100000625bca48200000001
timing-allow-origin
*
last-modified
Sat, 04 Jul 2020 17:57:29 GMT
server
cloudflare
etag
W/"eb70b87ced93e974de126152095b3773"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1593885449861671
access-control-allow-origin
https://d.pr
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
23309
cf-ray
5b35302d082d0625-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 15 Jul 2020 17:29:13 GMT
2285731.js
js.hs-analytics.net/analytics/1594833900000/
59 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1594833900000/2285731.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15040fbb5332c1740dcbc36bc3392b731d8abad850ac5821f6477a7b6785b617

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
content-encoding
br
cf-cache-status
HIT
age
63
x-amz-server-side-encryption
AES256
status
200
x-amz-request-id
9T2P2X6P1V5RBQ5M
x-amz-id-2
1HOjZtOoIw6H9zhmAtBlFxkQGC+z5K3rgr81Qwu0tEm2916wESXglG3gJcPHrioQb+Opsf2prNw=
last-modified
Mon, 06 Jul 2020 17:42:49 GMT
server
cloudflare
etag
W/"4807c24ed77537cc5e26239ea8ac62d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
03f51c70210000d6dd85128200000001
cf-ray
5b35302d0f01d6dd-FRA
expires
Wed, 15 Jul 2020 17:30:20 GMT
conversations-embed.js
js.usemessages.com/
65 KB
16 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c35592b78286fb0ec123cb4d502e31f57f3cc3b9754ce178dbe748c2e2ed4a

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
via
1.1 46dd9daa6209c4a2b51ec7ba64ab699e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
21
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
03f51c7035000005ccedb8d200000001
last-modified
Mon, 13 Jul 2020 08:21:18 UTC
server
cloudflare
etag
W/"671460de5549c5febf768f68154e895f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
iEoz4qLRlrZ3A0djk9Sur0jkc9y7laGe
cache-control
max-age=600
x-amz-cf-pop
IAD79-C3
cf-ray
5b35302d2dfb05cc-FRA
x-amz-cf-id
6nZTQPYl3_15lkwLWW_v3K6s8FQxmgg6SnRgJJZXxdDq5mJVtEinZw==
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2133079553&t=pageview&_s=1&dl=https%3A%2F%2Fd.pr%2Fi%2FXB1Gle%26&ul=en-us&de=UTF-8&dt=Home%20%E2%80%A2%20Droplr&sd=24-bit&sr=1600x1200&vp=160...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8563674-4&cid=1008246451.1594833984&jid=1713851796&_gid=1109730357.1594833984&gjid=598265625&_v=j83&z=612832735
35 B
133 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8563674-4&cid=1008246451.1594833984&jid=1713851796&_gid=1109730357.1594833984&gjid=598265625&_v=j83&z=612832735
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 15 Jul 2020 17:26:23 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Jul 2020 17:26:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8563674-4&cid=1008246451.1594833984&jid=1713851796&_gid=1109730357.1594833984&gjid=598265625&_v=j83&z=612832735
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://use.fontawesome.com/dfa16d9872.css
Origin
https://d.pr

Response headers

date
Wed, 15 Jul 2020 17:26:23 GMT
last-modified
Mon, 17 Jul 2017 16:24:59 GMT
server
NetDNA-cache/2.2
status
200
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
77160
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a455554763fa5e9a42e6650d16b15909b010282b3c58c3322578116221f32ed3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e277ddfb07cc5fcdc359b735ea8ed63278873255844870d141ca477d14273d2e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Origin
https://d.pr

Response headers

date
Tue, 14 Jul 2020 10:00:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:19 GMT
server
sffe
age
113182
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
expires
Wed, 14 Jul 2021 10:00:01 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Origin
https://d.pr

Response headers

date
Thu, 11 Jun 2020 09:04:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:17 GMT
server
sffe
age
2967739
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12976
x-xss-protection
0
expires
Fri, 11 Jun 2021 09:04:04 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Origin
https://d.pr

Response headers

date
Thu, 09 Jul 2020 04:23:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:07 GMT
server
sffe
age
565394
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13108
x-xss-protection
0
expires
Fri, 09 Jul 2021 04:23:09 GMT
XB1Gle&
d.pr/api/drops/
104 B
970 B
XHR
General
Full URL
https://d.pr/api/drops/XB1Gle&?content-disposition=inline
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2020-07-07-cda3a3d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.108.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-108-221.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
36abec30b6ebb82982994d966d720479a03b920fabd7d234b8c711c7b5351d01
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 17:26:24 GMT
droplr-errordetails
Authentication scheme not supported
droplr-errorcode
Authentication.UnknownScheme
status
401
etag
W/"68-IXx1rq1Kn0gIT9jkEfRSKbxin/g"
strict-transport-security
max-age=31557600; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Droplr-Authorization,x-droplr-errorcode,x-droplr-errordetails,X-Has-More,X-Results-Count
x-droplr-errorcode
Authentication.UnknownScheme
content-length
104
x-droplr-errordetails
Authentication scheme not supported
include.js
app.raaft.io/
8 KB
3 KB
Script
General
Full URL
https://app.raaft.io/include.js?appId=A7H0mjU0vLzU6VCSE75V
Requested by
Host: d.pr
URL: https://d.pr/i/XB1Gle&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5f2b2d6fca7624e3fbad02a3f044b3136008a97657b7d3ef855dc1a5b4e50afe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
content-length
2316
x-xss-protection
1; mode=block
last-modified
Fri, 03 Apr 2020 19:38:30 GMT
server
Google Frontend
date
Wed, 15 Jul 2020 17:26:24 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
7a08b48465e5dfbccd731a6e059b0a0c
cache-control
public, max-age=0
etag
W/"206c-171418d46f0"
public
api.hubspot.com/livechat-public/v1/message/
259 B
518 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.6979&mobile=false&messagesUtk=a8cc5f7c46f142bfad7be03a41c8f08f&traceId=a8cc5f7c46f142bfad7be03a41c8f08f
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2020-07-07-cda3a3d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc87141bcb257cba276f58022eeb83e9b6fd05d5411102ba1ab4bbc9e5bcfec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://d.pr/i/XB1Gle&
X-HubSpot-Messages-Uri
https://d.pr/i/XB1Gle&#43

Response headers

date
Wed, 15 Jul 2020 17:26:24 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
206
cf-request-id
03f51c7301000097c0c4be7200000001
server
cloudflare
x-trace
2B6D9796F54151C3C6E8F2A651C8EA0D2E284C71E6000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://d.pr
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
5b3530319b0797c0-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
__ptq.gif
track.hubspot.com/
45 B
257 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=2285731&pu=https%3A%2F%2Fd.pr%2Fi%2FXB1Gle%26%2343&t=Home+%E2%80%A2+Droplr&cts=1594833984390&vi=0bd185ebc30bc47639c390b5bf9aa7ce&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://d.pr/i/XB1Gle&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5b353032689305c4-FRA
date
Wed, 15 Jul 2020 17:26:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
03f51c7385000005c4873c2200000001
x-robots-tag
none

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| FontAwesomeCdnConfig string| cssUrl object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _hsq object| _paq boolean| _hstc_loaded object| _hsp boolean| _hspb_loaded object| google_optimize boolean| isIE function| detectIE function| _ object| config object| regeneratorRuntime function| setImmediate function| clearImmediate object| core object| Base64 function| raaft boolean| hubspot_live_messages_running object| HubSpotConversations boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran

9 Cookies

Domain/Path Name / Value
.d.pr/ Name: __hssrc
Value: 1
.d.pr/ Name: __hstc
Value: 23916709.0bd185ebc30bc47639c390b5bf9aa7ce.1594833984388.1594833984388.1594833984388.1
.d.pr/ Name: hubspotutk
Value: 0bd185ebc30bc47639c390b5bf9aa7ce
.d.pr/ Name: _gid
Value: GA1.2.1109730357.1594833984
d.pr/ Name: AWSALBCORS
Value: c+sYy44AL26PNAhy2ZZ4BrUdDEmEqHgNRL2isiRqWyG7dp3pQMI0+zwzBxn5b+9Nc+eocDBsQqhnydAKxmHPmd1pa2lmEKbbQTwo4we3cJg6p/L9GPCZpTo7u4bXo18Gbr0rviyU7nkAPvvZsxU4747st4RT7vUMfDhdx4C1ZsSVaLv/bZadmWzeWxWbbw==
d.pr/ Name: AWSALB
Value: c+sYy44AL26PNAhy2ZZ4BrUdDEmEqHgNRL2isiRqWyG7dp3pQMI0+zwzBxn5b+9Nc+eocDBsQqhnydAKxmHPmd1pa2lmEKbbQTwo4we3cJg6p/L9GPCZpTo7u4bXo18Gbr0rviyU7nkAPvvZsxU4747st4RT7vUMfDhdx4C1ZsSVaLv/bZadmWzeWxWbbw==
.d.pr/ Name: __hssc
Value: 23916709.1.1594833984388
.d.pr/ Name: _gat_UA-8563674-4
Value: 1
.d.pr/ Name: _ga
Value: GA1.2.1008246451.1594833984

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
