urlscan.io logo urlscan.io
SecurityTrails logo

d.pr Open in urlscan Pro
35.81.41.248  Public Scan

Go To Rescan Add Verdict Report
URL: https://d.pr/v/veWMzi
Submission: On October 28 via api from DE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 1 countries across 18 domains to perform 42 HTTP transactions. The main IP is 35.81.41.248, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is d.pr. The Cisco Umbrella rank of the primary domain is 745611.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 4th 2024. Valid for: a year.
This is the only time d.pr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35.81.41.248 16509 (AMAZON-02)
4 3.167.56.70 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.132.117 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.160.41.76 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
42 23
2    35.81.41.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-41-248.us-west-2.compute.amazonaws.com
d.pr
4    3.167.56.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-70.iad61.r.cloudfront.net
cdn-assets.droplr.net
4    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.85.132.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-117.iad50.r.cloudfront.net
cdn-sec.droplr.net
3    2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6810:8dd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6810:4c8e (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
3    18.160.41.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-76.iad55.r.cloudfront.net
cdn-std.droplr.net
1    2607:f8b0:4004:c08::79 (Washington, United States)

ASN15169 (GOOGLE, US)
app.raaft.io
3    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
app.hubspot.com
1    2606:4700::6812:f06c (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2607:f8b0:4004:c09::9b (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c21::9d (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    2606:4700::6812:5b3e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn1.hubspot.net
1    2607:f8b0:4004:c06::68 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
8 droplr.net
cdn-assets.droplr.net
cdn-sec.droplr.net — Cisco Umbrella Rank: 767073
cdn-std.droplr.net — Cisco Umbrella Rank: 489688
1 MB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
381 KB
4 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 5132
app.hubspot.com — Cisco Umbrella Rank: 5859
track.hubspot.com — Cisco Umbrella Rank: 2324
3 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222
88 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
3 gstatic.com
fonts.gstatic.com
47 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
5 KB
2 d.pr
d.pr — Cisco Umbrella Rank: 745611
16 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
64 B
1 hubspot.net
cdn1.hubspot.net — Cisco Umbrella Rank: 71420
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3483
787 B
1 raaft.io
app.raaft.io — Cisco Umbrella Rank: 822654
2 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2191
25 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5048
26 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3176
4 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2172
26 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2500
983 B
42 18
Domain Requested by
5 www.googletagmanager.com d.pr
www.google-analytics.com
js.hsadspixel.net
www.googletagmanager.com
4 use.fontawesome.com d.pr
use.fontawesome.com
4 cdn-assets.droplr.net d.pr
3 cdn-std.droplr.net cdn-assets.droplr.net
d.pr
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
cdn-assets.droplr.net
3 fonts.gstatic.com fonts.googleapis.com
2 api.hubspot.com cdn-assets.droplr.net
2 fonts.googleapis.com d.pr
2 d.pr cdn-assets.droplr.net
1 track.hubspot.com
1 www.google.com d.pr
1 cdn1.hubspot.net js.usemessages.com
1 td.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 app.hubspot.com js.usemessages.com
1 api.hubapi.com cdn-assets.droplr.net
1 app.raaft.io d.pr
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-scripts.com www.googletagmanager.com
1 cdn-sec.droplr.net d.pr
42 23

This site contains links to these domains. Also see Links.

Domain
droplr.com
Subject Issuer Validity Valid
droplr.com
Amazon RSA 2048 M02		 2024-07-04 -
2025-08-01		 a year crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
hs-scripts.com
WE1		 2024-09-26 -
2024-12-25		 3 months crt.sh
hs-banner.com
WE1		 2024-09-24 -
2024-12-23		 3 months crt.sh
hsadspixel.net
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
usemessages.com
WE1		 2024-10-06 -
2025-01-04		 3 months crt.sh
hs-analytics.net
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
app.raaft.io
WR3		 2024-10-26 -
2025-01-24		 3 months crt.sh
hubspot.com
WE1		 2024-10-03 -
2025-01-01		 3 months crt.sh
hubapi.com
WE1		 2024-09-09 -
2024-12-08		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
hubspot.net
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://d.pr/v/veWMzi
Frame ID: 53B9279A855BE5CEDC8CEBB1FEAB6BDD
Requests: 44 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/2285731/threads/utk/c609a8bdf7d44fca9863c45721ff9be7?uuid=63e8136decb042b684dd29e3814b5af0&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=d.pr&inApp53=false&messagesUtk=c609a8bdf7d44fca9863c45721ff9be7&url=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: 84319BD584C394EF94311E0A2A5F1620
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976976893?random=1730137896548&cv=11&fst=1730137896548&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ao0v9189449088za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&hn=www.googleadservices.com&frm=0&tiba=Screen%20Capture%20on%202024-10-25%20at%2014-55-05.mp4%20-%20Droplr&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1117382413.1730137897&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 6BD4BAF0F92AE87273CC6803D116D9D1
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fd.pr
Frame ID: C4298DDD08D04F9FD77E0D359A2B2623
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Screen Capture on 2024-10-25 at 14-55-05.mp4 - Droplr

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

42
Requests

100 %
HTTPS

82 %
IPv6

18
Domains

23
Subdomains

23
IPs

1
Countries

2050 kB
Transfer

6745 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request veWMzi
d.pr/v/ 		13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.41.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-41-248.us-west-2.compute.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
e6c6a13c55b2bd6e757d5c17c5160444ef1f0b6b8d8e6f84822f53c51033ab44
Security Headers
Name Value
Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://d.pr https://d.pr

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
13424
content-security-policy
frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://d.pr https://d.pr
content-type
text/html; charset=utf-8
date
Mon, 28 Oct 2024 17:51:34 GMT
etag
W/"3470-ShzBbCWx24it/vNMB1qj9a31N5I"
server
nginx/1.17.8
bundle.2024-10-17-41a5d207.js
cdn-assets.droplr.net/dist/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.droplr.net/dist/bundle.2024-10-17-41a5d207.js
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-70.iad61.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
6f654259374053d48c0a3c3f2bcec0103dc4b3b33b89c09897bfa2729886512f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
public, max-age=1209600
content-encoding
gzip
etag
W/"41a063-1929aad7d10"
age
385258
via
1.1 80aa189f24b00266add6baaca0818654.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
CfZK15-foUw7yxcJ8pPernxU3TRHlUmevc53gXWenhAni-nkZXwOlw==
date
Thu, 24 Oct 2024 06:50:37 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 17 Oct 2024 13:31:54 GMT
server
nginx/1.17.8
x-amz-cf-pop
IAD61-P5
vary
Accept-Encoding
app.2024-10-17-41a5d207.css
cdn-assets.droplr.net/dist/style/ 		225 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.droplr.net/dist/style/app.2024-10-17-41a5d207.css
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-70.iad61.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
e55f844afa999a4ab5efe0657e793f9f345019d1bfb91a3eb82d962866d5be8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
public, max-age=1209600
content-encoding
gzip
etag
W/"384ab-1929aad7d10"
age
483088
via
1.1 80aa189f24b00266add6baaca0818654.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
60eRuGLdnppwT_tYpzW4gc7ajV9LMK2H5AWlkqSEibfEyKjWpbiAtA==
date
Wed, 23 Oct 2024 03:40:07 GMT
content-type
text/css; charset=UTF-8
last-modified
Thu, 17 Oct 2024 13:31:54 GMT
server
nginx/1.17.8
x-amz-cf-pop
IAD61-P5
vary
Accept-Encoding
dfa16d9872.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/dfa16d9872.js
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"c8b10da870c9c32e92ca93daaf3395cc"
age
6803
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liSB2JxyQaDbyVfLGXg3lcJ%2FQk4NAHOnoK7TezKyeEOyFEIYiGAPvCbefLAodP4a5I%2FgyN%2B%2BitMZsywwnpwje72TCDPR%2FEixzBYvnp%2FPEZcowLcuQODBqkj1Ojg%2Bx5s6fQGGQpaMTcQYLUdDbVNg9MTO"}],"group":"cf-nel","max_age":604800}
cf-ray
8d9cc65468571881-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7810&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4018&recv_bytes=2211&delivery_rate=497316&cwnd=254&unsent_bytes=0&cid=79d04cb0cef9f80e&ts=33&x=0"
date
Mon, 28 Oct 2024 17:51:35 GMT
content-type
text/javascript
last-modified
Fri, 22 Sep 2023 01:34:02 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f00038df031c4e23010b0f0d573ad055e5d7b57304268532b2964862b2d5347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 17:51:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 17:51:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 28 Oct 2024 17:51:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		53 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58676e39f8e4c8dec74942f52edbe2a0e2d492b639f1378e24e83764e719790e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 17:51:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 17:51:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 28 Oct 2024 17:51:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		273 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d581d842c739fb56125c5c75b9f568b7b3ad93b5e52f977dce554cba7d36fb2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 28 Oct 2024 17:51:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 17:51:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 16:29:15 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
88095
x-xss-protection
0
server
Google Tag Manager
dfa16d9872.css
use.fontawesome.com/ 		1 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/dfa16d9872.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"a4b6d93743fb746387a1c530958fd725"
age
6803
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEDH4vNtOFiNCjMJ%2BPu3lxFeX6PmCR%2F1eeU2unYhKfbTP0Ps%2Bk5PPT5G8jRf%2F6ywpnswsri2K66Fm913SNlDXdgjxji%2Bh%2FZkF2Z3rhOskToffLJqg8cRiD3IrG63oyKe2nvvmy4Tkx50bIAzelD5BhI3"}],"group":"cf-nel","max_age":604800}
cf-ray
8d9cc654989c1881-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8061&sent=12&recv=14&lost=0&retrans=0&sent_bytes=8295&recv_bytes=2298&delivery_rate=676515&cwnd=254&unsent_bytes=0&cid=79d04cb0cef9f80e&ts=64&x=0"
date
Mon, 28 Oct 2024 17:51:35 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:34:02 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://use.fontawesome.com/dfa16d9872.css

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"36082410df2ef7f83932219089dc1443"
age
436925
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FohmY4kmzaOv%2BmP%2FLlx44lyadrYYLNf3%2Bnw7VQp2N9uwcTPbWyi%2FyCqNQiA%2FcFeEgF4DNUWSMpdwep4HXu%2BuJysp3p5db6gEgRZadBrbQJRFAcbNZrlz6yxxd76CBdoTUHxPFkWlxNF%2BF7h38amgGK5c"}],"group":"cf-nel","max_age":604800}
cf-ray
8d9cc654c8db1881-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8456&sent=15&recv=16&lost=0&retrans=0&sent_bytes=9175&recv_bytes=2410&delivery_rate=676515&cwnd=254&unsent_bytes=0&cid=79d04cb0cef9f80e&ts=98&x=0"
date
Mon, 28 Oct 2024 17:51:35 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
vary
Accept-Encoding
server
cloudflare
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/dfa16d9872.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://d.pr
Referer
https://use.fontawesome.com/dfa16d9872.css

Response headers

cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
1044396
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xonBlsSrDnBOHuR6XC%2FlPH6dqBzOvIezseyk5de75lp0BuJvipJ93X4fnMCkKhEcyXTaXEGO23lML%2B9Md9i666Qb7leWaUFx15yvQJEe0RyTS3LlFHuweqkfL9cR1hBLHwCSCqyvpc8eQ25Z5NVHvI0Y"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10483&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3995&recv_bytes=2236&delivery_rate=265299&cwnd=253&unsent_bytes=0&cid=e17122f0d54f2e21&ts=35&x=0"
date
Mon, 28 Oct 2024 17:51:35 GMT
content-type
application/font-woff2
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d9cc65559c88c1d-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
8527_b4189680-bf84-11ea-90dd-6d063630cecd
cdn-sec.droplr.net/logos/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-sec.droplr.net/logos/8527_b4189680-bf84-11ea-90dd-6d063630cecd?response-content-disposition=inline&Expires=1730137954&Key-Pair-Id=APKAJTEIOJM3LSMN33SA&Signature=XEeOTShxeh7WfKkpxDME2W~Bp1iWEfbHUsIAb1dNnupewIV9a2CG-YSXzZV1QuMV6tjmcO0BhttR8H0iMdEPPOccSEhkkZOPMYt0VcJCcql2NtnE9vr0oCuiT03fm2DUoTf34IKSti5KNJ50ZlykscIhvVROpp~rjyBwpJik9i0_
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-117.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b5b54d50b5d8212f74d0178918d1583416fa2deca30ee47400aadca7d1cc011

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

x-amz-cf-pop
IAD50-C2
etag
"8174bdeb8782f1a2534a8adf3d9a130f"
x-amz-version-id
null
age
32239
via
1.1 d01a0cfc47d6e412dd81c986ff5d69da.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
31603
x-amz-cf-id
YMkUzDF7BkaAiTHoNTYDr6-bcFBpyhJwe5BKIRnxYEgr3EkeAas_zQ==
date
Mon, 28 Oct 2024 08:54:17 GMT
content-type
image/png
last-modified
Mon, 06 Jul 2020 12:32:07 GMT
server
AmazonS3
content-disposition
inline
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://d.pr
Referer
https://fonts.googleapis.com/

Response headers

age
344315
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 18:13:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 18:13:00 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
2285731.js
js.hs-scripts.com/ 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2285731.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4ea4bb408c79e53f7e07894b8d10c842d4d03f7f46e41a76a2e50a948901c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
73
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 17:53:05 GMT
date
Mon, 28 Oct 2024 17:51:35 GMT
x-hubspot-correlation-id
732df8e2-f24f-4197-aa76-7a997545c1d2
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Mon, 28 Oct 2024 17:50:22 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8d9cc655fe7542cb-EWR
accept-ranges
bytes
access-control-allow-origin
https://d.pr
content-length
619
server
cloudflare
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

content-encoding
gzip
age
6331
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 18:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 16:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
banner.js
js.hs-banner.com/v2/2285731/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/2285731/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c95e1865f77fb2f362fb229d3e044e5652c5f173851791e3f8452aa3a011578

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
accf7e81-7f5a-4158-a6e2-efca4d6406f7
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"29dcc0daf58fe55ce68d47bfc50b8136"
x-amz-version-id
u867zdT2hBDl.fCC4dZ2sfonOf9PEek4
age
144
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Mon, 28 Oct 2024 17:49:47 GMT
x-evy-trace-listener
listener_https
date
Mon, 28 Oct 2024 17:51:35 GMT
x-hubspot-correlation-id
accf7e81-7f5a-4158-a6e2-efca4d6406f7
content-type
text/javascript; charset=UTF-8
last-modified
Thu, 24 Oct 2024 11:15:13 GMT
vary
origin, Accept-Encoding
x-amz-id-2
sA0+FUfm0w5XtGnJ7S85Fo/Cp2/PM29NRSjM+An0V5A2KWN7nxOZHkixjER273uomuixmF/m3363KvNKwLmmp6LqL7hpRQn8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-pfx9l
x-envoy-upstream-service-time
40
access-control-allow-credentials
true
x-amz-request-id
02X2AFGW61BD5QS2
cf-ray
8d9cc656db45188d-EWR
access-control-allow-origin
https://d.pr
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
fb.js
js.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

x-evy-trace-virtual-host
all
x-request-id
d5a0a17d-ae16-437a-be13-a8116d8033ef
content-encoding
gzip
cf-cache-status
HIT
etag
W/"0df6051fb4e3e5c67b55de874a5fe993"
x-amz-version-id
KtgVA4GHJgyUOPf7T5TRgmfap.5FKp0l
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age
423
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
I3Um1QO6f2Jvg8-JoH2kbrIQkBTrvW6XzQpOf0ADsGVuj8utUMut1w==
date
Mon, 28 Oct 2024 17:51:35 GMT
x-hubspot-correlation-id
d5a0a17d-ae16-437a-be13-a8116d8033ef
content-type
application/javascript; charset=utf-8
last-modified
Mon, 21 Oct 2024 14:24:42 UTC
vary
Accept-Encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7df4f6b649-x4vlr
x-envoy-upstream-service-time
1
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.605/bundles/pixels-release.js&cfRay=8d6452853fb128a2-IAD
via
1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
cf-ray
8d9cc656e99f41cd-EWR
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
adsscriptloaderstatic/static-1.605/bundles/pixels-release.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
conversations-embed.js
js.usemessages.com/ 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4621daf70705ca4ad2cdfa8c95058ddcf4966d0146230d6abe449f49f7c8d107
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

x-evy-trace-virtual-host
all
x-request-id
4c0e8a6a-e804-4e38-b248-2995743c66ac
content-encoding
gzip
cf-cache-status
HIT
etag
W/"efed4c800767ce92e6061f17ccc5987d"
x-amz-version-id
r.mCsQD_WlXWwN3xiO22xDXPwu0BfTog
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age
72
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
x-amz-cf-id
DLtBKfRcfpjMc-p9NEwR3fmsPkCYXBgdVq8SQFhB029awOnwvUiVoQ==
date
Mon, 28 Oct 2024 17:51:35 GMT
x-hubspot-correlation-id
4c0e8a6a-e804-4e38-b248-2995743c66ac
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 17:50:37 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7df4f6b649-jptdg
x-envoy-upstream-service-time
7
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18435/bundles/project.js&cfRay=8d7bde5a4d9f42e5-IAD
via
1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
cf-ray
8d9cc656dc887298-EWR
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.18435/bundles/project.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
2285731.js
js.hs-analytics.net/analytics/1730137800000/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1730137800000/2285731.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2285731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c54cfb597d080d1d6c8158b230a8942be232fd5b73e8962d85843154366f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
36868d48-f900-4e4c-9a5e-c2635fd21875
content-encoding
gzip
cf-cache-status
HIT
etag
W/"afb564db5626165b1e561a2972111eac"
x-amz-version-id
null
age
41
expires
Mon, 28 Oct 2024 17:55:22 GMT
x-evy-trace-listener
listener_https
date
Mon, 28 Oct 2024 17:51:35 GMT
x-hubspot-correlation-id
36868d48-f900-4e4c-9a5e-c2635fd21875
content-type
text/javascript
last-modified
Thu, 24 Oct 2024 11:16:25 GMT
vary
origin, Accept-Encoding
x-amz-id-2
4eb+tqeZuLeKpsyjfMjkw1UIY1NuBn9zdhKlclcWj5WWd9Z6sb1FLq5WFONJHGxxAMmk9JaGNiE=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-j8c2t
x-envoy-upstream-service-time
49
access-control-allow-credentials
false
x-amz-request-id
ES1J1S0MA3WC91TN
cf-ray
8d9cc656eb945e6a-EWR
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
collect
www.google-analytics.com/j/ 		15 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1187955872&t=pageview&_s=1&dl=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&ul=en-us&de=UTF-8&dt=Screen%20Capture%20on%202024-10-25%20at%2014-55-05.mp4%20-%20Droplr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=782816109&gjid=510881516&cid=1175293756.1730137895&tid=UA-8563674-4&_gid=1354593778.1730137895&_r=1&_slc=1&gtm=45He4ao0n815M6G29Mza200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848&z=1439681172
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c7ad79adadeb67fa1c59d13f14ec2bf1653903d0e89490c7f9c18ecdc9482217
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://d.pr/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 17:51:35 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://d.pr
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		289 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1NVW9YXQGF&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d09df945c61ff9c40892b3a89ecc5bf271a224c9477ec822ee7e210b81af71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 17:51:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 17:51:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102013
x-xss-protection
0
server
Google Tag Manager
view
d.pr/api/drops/veWMzi/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pr/api/drops/veWMzi/view
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2024-10-17-41a5d207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.41.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-41-248.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c9dd31f92c488f09bb47162e30332092185d15c0269c2026717b2dfa8124129f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains

Request headers

Referer
https://d.pr/v/veWMzi
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json;charset=UTF-8

Response headers

strict-transport-security
max-age=31557600; includeSubDomains
access-control-allow-origin
*
access-control-expose-headers
X-Droplr-Authorization,x-droplr-errorcode,x-droplr-errordetails,X-Has-More,X-Results-Count
content-length
1690
date
Mon, 28 Oct 2024 17:51:35 GMT
etag
W/"69a-mu7qXqQ/H5d1tB0Lrux76XXhXZY"
content-type
application/json; charset=utf-8
veWMzi.preview_medium.jpg
cdn-std.droplr.net/previews/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-std.droplr.net/previews/veWMzi.preview_medium.jpg
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2024-10-17-41a5d207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-76.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6eaff2c50d1411704971e0a950a47fbd6fe6781820481885a3aa95577bee596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

x-amz-version-id
null
etag
"5818578730451a0741bfd1d99bcf0efe"
age
268093
via
1.1 a770e75e0ebdb44f23f7a7ef20bbbffa.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
18165
x-amz-cf-id
FGatzXp4WEoNvgmP6k1ExXo2C2o23QzGI0F4J0xqoFO3pJ-I7HwGUQ==
date
Fri, 25 Oct 2024 15:23:23 GMT
content-type
image/jpeg
last-modified
Fri, 25 Oct 2024 12:57:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P1
x-amz-server-side-encryption
AES256
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Source+Sans+Pro:300,400,600,700&subset=latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://d.pr
Referer
https://fonts.googleapis.com/

Response headers

age
265047
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 16:14:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:14:08 GMT
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14824
x-xss-protection
0
server
sffe
veWMzi
cdn-std.droplr.net/files/acc_272017/ 		484 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-std.droplr.net/files/acc_272017/veWMzi
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-76.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://d.pr/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
null
etag
"55edade52f510c0421de0fc3d2a2f4e1"
age
267986
Content-Range
bytes 0-11755291/11755292
via
1.1 a770e75e0ebdb44f23f7a7ef20bbbffa.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
Content-Length
11755292
x-amz-cf-id
hsz9Hjm0MDV6dbU3ERZHiaungyNz2WULrn8sPeS-Z0FtB4N5tM8P3g==
date
Fri, 25 Oct 2024 15:25:10 GMT
content-type
video/mp4
last-modified
Fri, 25 Oct 2024 12:58:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P1
x-amz-server-side-encryption
AES256
include.js
app.raaft.io/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.raaft.io/include.js?appId=A7H0mjU0vLzU6VCSE75V
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash
8357c24c2b3bd5bf051ed86d8af5cad491e77ef7655e63fa346ac61780580047

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
public, max-age=0
content-encoding
gzip
etag
W/"1fe6-49773873e8"
via
1.1 google
access-control-allow-origin
*
date
Mon, 28 Oct 2024 17:51:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-powered-by
Express
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:100,300,400,500,700|Product+Sans:400|Google+Sans:400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://d.pr
Referer
https://fonts.googleapis.com/

Response headers

age
289217
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 09:31:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 09:31:18 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.18435&mobile=false&messagesUtk=c609a8bdf7d44fca9863c45721ff9be7&traceId=c609a8bdf7d44fca9863c45721ff9be7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://d.pr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://d.pr
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8d9cc65bdea27d0b-EWR
content-length
18
content-type
text/plain; charset=utf-8
date
Mon, 28 Oct 2024 17:51:36 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxJ2%2BNhqXtsxY%2Fp5p6%2FOV5YBm4anGSLCtVORCBXsBoOyJdMYBajyYo9OSIFDyPLWoVag0UEClvqBfXoSd034j5INzb85awaimU5nANlURpLERTUyUliMD0V4y2cylsFB1%2FJRJBPMWNHw9lHO2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hubspot-correlation-id
e94aaa54-7c5f-4563-b2d5-004556a9b576
public
api.hubspot.com/livechat-public/v1/message/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2285731&conversations-embed=static-1.18435&mobile=false&messagesUtk=c609a8bdf7d44fca9863c45721ff9be7&traceId=c609a8bdf7d44fca9863c45721ff9be7
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2024-10-17-41a5d207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d8e8bd08919cc513372b53f70463fde80321eac9c5d952ae0bb388d0578130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri
https://d.pr/v/veWMzi
Referer
https://d.pr/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5O7od4ITxXFG21xJ1NuINAa6a7U6PDIfkJBUh1E0y8tmWb3P5XdnK2AiebG9sUkwxOe8f4CkdBipXAyyqdO5fmNMziubZXM%2BgBZbI%2B5vDrS4FMuiBb85PHa7mg3Gjv3936NIyeBj6NpMGs6R6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 17:51:36 GMT
x-hubspot-correlation-id
2e573baf-f0ec-4ad4-a608-c24783bf75d5
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8d9cc65c5f677d0b-EWR
access-control-allow-origin
https://d.pr
content-length
1337
server
cloudflare
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		115 B
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=2285731
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2024-10-17-41a5d207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3abe39a43ccc1dc38b384b7a22c49f78004e98b7133ca08e12c7e57c445fd825
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

access-control-max-age
180
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VgkxQaiSm7F1JiBDdk7FsIusQUuASKCyMl69AVKukM7wj2aYeIaVFArZamQ6Alz5PaEqqExQ%2BWhVdzuddwi7%2F6aNUmMUzKHZNvkvSDMb4FRGqJ8kEsuI8RYReq33Kc699PuZSc2wwArxvDd"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 17:51:36 GMT
x-hubspot-correlation-id
a391eef1-a601-48f2-8a88-7ceb44ac97e6
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8d9cc65bee0d5e60-EWR
access-control-allow-origin
https://d.pr
server
cloudflare
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1NVW9YXQGF&gtm=45je4ao0v9126132042za200&_p=1730137895094&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101533422~101823848&ul=en-us&sr=1600x1200&cid=1175293756.1730137895&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&dt=Screen%20Capture%20on%202024-10-25%20at%2014-55-05.mp4%20-%20Droplr&sid=1730137895&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1299
Requested by
Host: cdn-assets.droplr.net
URL: https://cdn-assets.droplr.net/dist/bundle.2024-10-17-41a5d207.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://d.pr
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 17:51:36 GMT
content-type
text/plain
server
Golfe2
veWMzi
cdn-std.droplr.net/files/acc_272017/ 		88 KB
88 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-std.droplr.net/files/acc_272017/veWMzi
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-76.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc682588533cba5be400d89c8c933b8bb47527abaef4ba45e9a9e77a7f6f952d

Request headers

Referer
https://d.pr/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=11665408-

Response headers

x-amz-version-id
null
age
267987
etag
"55edade52f510c0421de0fc3d2a2f4e1"
Content-Range
bytes 11665408-11755291/11755292
via
1.1 a770e75e0ebdb44f23f7a7ef20bbbffa.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
Content-Length
89884
x-amz-cf-id
4SQ5tcTRvCDeSPZl3hwrLd5xMgMPwltduZ9xK7v3Hgb9gh54wQBFxA==
date
Fri, 25 Oct 2024 15:25:10 GMT
last-modified
Fri, 25 Oct 2024 12:58:41 GMT
x-amz-cf-pop
IAD55-P1
server
AmazonS3
content-type
video/mp4
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		282 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-976976893
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d96a4eb549d6503c6d5064d4e73f656df1da9c728f8a3bdd76c02de4fe1aa4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 17:51:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 17:51:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 16:29:15 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99366
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		282 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-976976893&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M6G29M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db35a6e9988786d8b3f442f2e63bf048412a0e7e72a589a8c9bada96c72efd5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 17:51:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 17:51:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 16:29:15 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99361
x-xss-protection
0
server
Google Tag Manager
c609a8bdf7d44fca9863c45721ff9be7
app.hubspot.com/conversations-visitor/2285731/threads/utk/ Frame 8431 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/conversations-visitor/2285731/threads/utk/c609a8bdf7d44fca9863c45721ff9be7?uuid=63e8136decb042b684dd29e3814b5af0&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=d.pr&inApp53=false&messagesUtk=c609a8bdf7d44fca9863c45721ff9be7&url=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Referer
https://d.pr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
age
2183
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
8d9cc65e1bdc4241-EWR
content-encoding
gzip
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20884/html/index.html&cfRay=8d9cc65e1bdc4241&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F2285731%2Fthreads%2Futk%2Fc609a8bdf7d44fca9863c45721ff9be7%3Fuuid%3D63e8136decb042b684dd29e3814b5af0%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dd.pr%26inApp53%3Dfalse%26messagesUtk%3Dc609a8bdf7d44fca9863c45721ff9be7%26url%3Dhttps%253A%252F%252Fd.pr%252Fv%252FveWMzi%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Fd.pr%2F&cfenv=prod&pdt=2024-10-28&csp=ro
content-type
text/html; charset=utf-8
date
Mon, 28 Oct 2024 17:51:36 GMT
etag
W/"c52a8564b71c45af5c991b835aa31d37"
last-modified
Thu, 24 Oct 2024 17:50:37 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8d9cc65e1bdc4241&resource=conversations-visitor-ui/static-1.20884/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-amz-cf-id
Sghn5M0-cN1x5xb3SonCvPDlsja5GQ6c1H_zQvI2lL0CGHR_pTEC4w==
x-amz-cf-pop
IAD12-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
Z5Bc9dh8yCO9pJY6PDeRdc41KDOIixhn
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
5
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-86c46c9777-gvw7k
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.20884/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
48c63ddb-a32f-490b-b75e-19c95acd4fda
x-request-id
48c63ddb-a32f-490b-b75e-19c95acd4fda
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976976893/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976976893/?random=1730137896548&cv=11&fst=1730137896548&bg=ffffff&guid=ON&async=1&gtm=45be4ao0v9189449088za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&hn=www.googleadservices.com&frm=0&tiba=Screen%20Capture%20on%202024-10-25%20at%2014-55-05.mp4%20-%20Droplr&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1117382413.1730137897&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976976893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f501f811d428551c0ef055ad61e24d528486b988367ab6eb019ebbe8d5a50780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2350
date
Mon, 28 Oct 2024 17:51:36 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
976976893
td.doubleclick.net/td/rul/ Frame 6BD4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976976893?random=1730137896548&cv=11&fst=1730137896548&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ao0v9189449088za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&hn=www.googleadservices.com&frm=0&tiba=Screen%20Capture%20on%202024-10-25%20at%2014-55-05.mp4%20-%20Droplr&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1117382413.1730137897&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976976893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d.pr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 17:51:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
regular.woff2
cdn1.hubspot.net/googlefonts/fonts/Helvetica/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn1.hubspot.net/googlefonts/fonts/Helvetica/regular.woff2
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://d.pr
Referer
https://d.pr/

Response headers

content-encoding
br
cf-cache-status
EXPIRED
x-amz-version-id
oQ5g.LoAEFK3mdk3M1pWALQQ6oLrzuy3
etag
W/"f6e4b6cdb45684ca8239a8161901d7ad"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATqPro6555U1AKdeviqaOCRjnfP1eE3VElya%2FS08VheTfOqOLVaFFzN5NrdVzfysKBPNizEv9K0SQ6bBAmKuUnPHIKjtyH1wBqsVOKewXn%2BjX8NhJNyVxvf7ibxWsz%2FEOraWWJpm95KL8HWbvA8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
expires
Mon, 28 Oct 2024 18:51:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
1QNiERBc3qZJqEtgZI2p_8e8pS_lCKhCC9Xp5tbHkPNfVAD0k5z4Xw==
date
Mon, 28 Oct 2024 17:51:37 GMT
content-type
text/html
last-modified
Tue, 19 Feb 2019 20:12:00 GMT
vary
Accept-Encoding
cache-control
public, max-age=3600
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via
1.1 686217785c5aa257660a5a0c173f7be8.cloudfront.net (CloudFront)
cf-ray
8d9cc65e3d311a38-EWR
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P1
server
cloudflare
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame C429 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fd.pr
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976976893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 17:51:36 GMT
expires
Tue, 28 Oct 2025 17:51:36 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/976976893/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976976893/?random=1730137896548&cv=11&fst=1730134800000&bg=ffffff&guid=ON&async=1&gtm=45be4ao0v9189449088za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&hn=www.googleadservices.com&frm=0&tiba=Screen%20Capture%20on%202024-10-25%20at%2014-55-05.mp4%20-%20Droplr&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1117382413.1730137897&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfA8Cl8CPEjeF253v9fBd2YAnZVbwupQ&random=1421856157&rmt_tld=0&ipr=y
Requested by
Host: d.pr
URL: https://d.pr/v/veWMzi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 28 Oct 2024 17:51:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1639347869&v=1.1&a=2285731&pu=https%3A%2F%2Fd.pr%2Fv%2FveWMzi&t=Screen+Capture+on+2024-10-25+at+14-55-05.mp4+-+Droplr&cts=1730137897185&vi=1b22a6df63be9b6141eb08434551159d&nc=true&u=23916709.1b22a6df63be9b6141eb08434551159d.1730137897181.1730137897181.1730137897181.1&b=23916709.1.1730137897181&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

x-robots-tag
none
x-request-id
b28eb94b-9542-4698-b3a1-f5ddca957f54
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PyxH%2BHxltoUl%2Bq6DbpxFOw4Y7ym7YbuqjV1kIz5lQbujl6ewlLzLZM6avFu6rwjb3lD5g%2BMK%2B5sti1I7dUQhxlqCdnfRt%2BMcDPFq%2BB%2BCJ7SCBc77udfJhB4VoHcqUCTzZwsxVdEI7MEEjEf2JY7"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 28 Oct 2024 17:51:37 GMT
x-hubspot-correlation-id
b28eb94b-9542-4698-b3a1-f5ddca957f54
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-nmk9z
x-envoy-upstream-service-time
7
access-control-allow-credentials
false
cf-ray
8d9cc66199db7295-EWR
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
favicon.svg
cdn-assets.droplr.net/dist/images/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.droplr.net/dist/images/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-70.iad61.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
e277ddfb07cc5fcdc359b735ea8ed63278873255844870d141ca477d14273d2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
public, max-age=1209600
content-encoding
gzip
etag
W/"a07-1929aad7d10"
age
35640
via
1.1 80aa189f24b00266add6baaca0818654.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
VFnUfmAtigSxO-gRUTyY7w6l45PwFQkebUAozgpWYedbe3yQa73h2A==
date
Mon, 28 Oct 2024 07:57:37 GMT
content-type
image/svg+xml
last-modified
Thu, 17 Oct 2024 13:31:54 GMT
server
nginx/1.17.8
x-amz-cf-pop
IAD61-P5
vary
Accept-Encoding
favicon.png
cdn-assets.droplr.net/dist/images/ 		20 KB
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.droplr.net/dist/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-70.iad61.r.cloudfront.net
Software
nginx/1.17.8 /
Resource Hash
1be85c3bfef4ef49494ad799e37f7a0ec525830cd96c4abe883fe98f40d74cd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d.pr/

Response headers

cache-control
public, max-age=1209600
etag
W/"4ebf-1929aad7d10"
age
558390
via
1.1 80aa189f24b00266add6baaca0818654.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
20159
x-amz-cf-id
R7zayjVIYuY3GaxoeDTfO-GZUg1D4KGrTWhmmLjvmpmEKkif5Fwmvw==
date
Tue, 22 Oct 2024 06:45:07 GMT
content-type
image/png
last-modified
Thu, 17 Oct 2024 13:31:54 GMT
server
nginx/1.17.8
x-amz-cf-pop
IAD61-P5

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer object| FontAwesomeCdnConfig string| cssUrl function| detectIE object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _hsp object| gaplugins object| gaGlobal object| gaData function| _ object| config object| regeneratorRuntime function| setImmediate function| clearImmediate function| saveAs object| core object| Base64 function| raaft boolean| PIXELS_RAN object| enabledEventSettings object| _hsq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| hubspot_live_messages_running object| HubSpotConversations boolean| _hspb_loaded boolean| _hspb_ran object| GooglebQhCsO boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

15 Cookies

Domain/Path Name / Value
.d.pr/ Name: _ga
Value: GA1.2.1175293756.1730137895
.d.pr/ Name: _gid
Value: GA1.2.1354593778.1730137895
.d.pr/ Name: _gat_UA-8563674-4
Value: 1
d.pr/ Name: AWSALB
Value: hN5frnsNqonVSmhOqVm5JfE/lUw0pp8kg6dif1Wm6pDq4cxsYzLx1VZGvKuq9sNQ6vmnCQM7KP4ngaNVL82q9d0u41vUiBupUezhjs39tzEPpEbq2o4+iYTeOtS5afEu2HlPPpEOl0kNoWAI8FuiZaNya2a3z4/mtSokaMtZvby1XNdLrmk18TO7INQsBg==
d.pr/ Name: AWSALBCORS
Value: hN5frnsNqonVSmhOqVm5JfE/lUw0pp8kg6dif1Wm6pDq4cxsYzLx1VZGvKuq9sNQ6vmnCQM7KP4ngaNVL82q9d0u41vUiBupUezhjs39tzEPpEbq2o4+iYTeOtS5afEu2HlPPpEOl0kNoWAI8FuiZaNya2a3z4/mtSokaMtZvby1XNdLrmk18TO7INQsBg==
.d.pr/ Name: _ga_1NVW9YXQGF
Value: GS1.2.1730137895.1.0.1730137895.0.0.0
.d.pr/ Name: _gcl_au
Value: 1.1.1117382413.1730137897
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.d.pr/ Name: messagesUtk
Value: c609a8bdf7d44fca9863c45721ff9be7
.d.pr/ Name: __hstc
Value: 23916709.1b22a6df63be9b6141eb08434551159d.1730137897181.1730137897181.1730137897181.1
.d.pr/ Name: hubspotutk
Value: 1b22a6df63be9b6141eb08434551159d
.d.pr/ Name: __hssrc
Value: 1
.d.pr/ Name: __hssc
Value: 23916709.1.1730137897181
.hubspot.com/ Name: __cf_bm
Value: 5.hJEUWw2d4bmo7swLC_X8o5SP9_L8hrB6Vw6qHDlIk-1730137897-1.0.1.1-63tn04bZl.MsYuu.OuMm6SOGaKWUmECkHjZJytAxbCAMEW7sXvMToY3g_ZVuGcCDHxq.3FQbcza8po_FDlrN6w
.hubspot.com/ Name: _cfuvid
Value: WQE002rTPFP3wgaG_3lXDkN1PBf2mjGokxwNUOptQWI-1730137897270-0.0.1.1-604800000

2 Console Messages

Source Level URL
Text
network error URL: https://cdn1.hubspot.net/googlefonts/fonts/Helvetica/regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://d.pr/v/veWMzi
Message:
The resource https://cdn1.hubspot.net/googlefonts/fonts/Helvetica/regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors d.pr vidmails.com covideo.com http://vidmails.com http://covideo.com https://vidmails.com https://covideo.com https://www.covideo.com http://www.covideo.com http://d.pr https://d.pr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
app.hubspot.com
app.raaft.io
cdn-assets.droplr.net
cdn-sec.droplr.net
cdn-std.droplr.net
cdn1.hubspot.net
d.pr
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
td.doubleclick.net
track.hubspot.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
18.160.41.76
2001:4860:4802:38::178
2606:4700:3036::6815:1b98
2606:4700:4400::ac40:9310
2606:4700::6810:4c8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8dd1
2606:4700::6811:afc9
2606:4700::6811:df98
2606:4700::6812:5b3e
2606:4700::6812:f06c
2607:f8b0:4004:c06::68
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::79
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c21::9d
3.167.56.70
35.81.41.248
52.85.132.117
0d96a4eb549d6503c6d5064d4e73f656df1da9c728f8a3bdd76c02de4fe1aa4f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1b5b54d50b5d8212f74d0178918d1583416fa2deca30ee47400aadca7d1cc011
1be85c3bfef4ef49494ad799e37f7a0ec525830cd96c4abe883fe98f40d74cd2
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c95e1865f77fb2f362fb229d3e044e5652c5f173851791e3f8452aa3a011578
2f4ea4bb408c79e53f7e07894b8d10c842d4d03f7f46e41a76a2e50a948901c2
3abe39a43ccc1dc38b384b7a22c49f78004e98b7133ca08e12c7e57c445fd825
4621daf70705ca4ad2cdfa8c95058ddcf4966d0146230d6abe449f49f7c8d107
58676e39f8e4c8dec74942f52edbe2a0e2d492b639f1378e24e83764e719790e
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63c54cfb597d080d1d6c8158b230a8942be232fd5b73e8962d85843154366f7d
6f00038df031c4e23010b0f0d573ad055e5d7b57304268532b2964862b2d5347
6f654259374053d48c0a3c3f2bcec0103dc4b3b33b89c09897bfa2729886512f
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8357c24c2b3bd5bf051ed86d8af5cad491e77ef7655e63fa346ac61780580047
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8d09df945c61ff9c40892b3a89ecc5bf271a224c9477ec822ee7e210b81af71c
990f66c91d139482c57ec9cff2bff68a22c392f13c22a1e66797823e750aeb45
bc682588533cba5be400d89c8c933b8bb47527abaef4ba45e9a9e77a7f6f952d
c7ad79adadeb67fa1c59d13f14ec2bf1653903d0e89490c7f9c18ecdc9482217
c9dd31f92c488f09bb47162e30332092185d15c0269c2026717b2dfa8124129f
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d03e8684a577a176f3c3f36dd196a9b5602110eeebd24faf3b9611a3ad84d10a
d3d8e8bd08919cc513372b53f70463fde80321eac9c5d952ae0bb388d0578130
d581d842c739fb56125c5c75b9f568b7b3ad93b5e52f977dce554cba7d36fb2f
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
db35a6e9988786d8b3f442f2e63bf048412a0e7e72a589a8c9bada96c72efd5b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e277ddfb07cc5fcdc359b735ea8ed63278873255844870d141ca477d14273d2e
e55f844afa999a4ab5efe0657e793f9f345019d1bfb91a3eb82d962866d5be8c
e6c6a13c55b2bd6e757d5c17c5160444ef1f0b6b8d8e6f84822f53c51033ab44
e6eaff2c50d1411704971e0a950a47fbd6fe6781820481885a3aa95577bee596
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e
f501f811d428551c0ef055ad61e24d528486b988367ab6eb019ebbe8d5a50780