urlscan.io logo urlscan.io
SecurityTrails logo

www.kaptea.io Open in urlscan Pro
80.84.234.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u2309499.ct.sendgrid.net/ls/click?upn=Ymd2n7RV47riE84f-2BrIN4d-2BNPnDbLIkK6RJAPpvMayp-2BCQSPq-2FT2Ih3fayi6twD-2BgyvhFghkB...
Effective URL: https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6u...
Submission: On March 16 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 26 HTTP transactions. The main IP is 80.84.234.19, located in Netherlands and belongs to ASN-PROSERVE Amsterdam, NL. The main domain is www.kaptea.io.
TLS certificate: Issued by R3 on February 15th 2022. Valid for: 3 months.
This is the only time www.kaptea.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.118.28 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
u2309499.ct.sendgrid.net
2    80.84.234.19 (Netherlands)

ASN21155 (ASN-PROSERVE Amsterdam, NL)
PTR: ams2-c7-1.anuhosting.net
www.kaptea.io
8    18.133.15.98 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
betterproposals.io
4    2a02:26f0:ef::5c7b:c209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    52.218.105.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)
images.unsplash.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
8 betterproposals.io
betterproposals.io — Cisco Umbrella Rank: 586671
32 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 251
43 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 427
p.typekit.net — Cisco Umbrella Rank: 527
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
501 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
114 KB
2 kaptea.io
www.kaptea.io
949 B
1 gstatic.com
fonts.gstatic.com
19 KB
1 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 3560
149 KB
1 amazonaws.com
s3-eu-west-1.amazonaws.com
32 KB
1 sendgrid.net
u2309499.ct.sendgrid.net
353 B
26 10
Domain Requested by
8 betterproposals.io www.kaptea.io
betterproposals.io
4 fonts.googleapis.com betterproposals.io
2 www.facebook.com betterproposals.io
2 connect.facebook.net betterproposals.io
connect.facebook.net
2 p.typekit.net use.typekit.net
2 ajax.googleapis.com betterproposals.io
2 use.typekit.net betterproposals.io
2 www.kaptea.io 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 images.unsplash.com betterproposals.io
1 s3-eu-west-1.amazonaws.com betterproposals.io
1 u2309499.ct.sendgrid.net 1 redirects
26 12

This site contains no links.

Subject Issuer Validity Valid
*.kaptea.io
R3		 2022-02-15 -
2022-05-16		 3 months crt.sh
*.betterproposals.io
Amazon		 2022-02-27 -
2023-03-28		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2021-12-17 -
2022-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-23 -
2022-03-23		 3 months crt.sh
*.camp-fire.jp
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-20 -
2022-06-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Frame ID: F241E42CB6F612E485FE06B962EC46CB
Requests: 2 HTTP requests in this frame

Frame: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Frame ID: E8577FA5C7159C2A1E7DDFC2D5EA0D18
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Proposal Cover

Page URL History Show full URLs

  1. https://u2309499.ct.sendgrid.net/ls/click?upn=Ymd2n7RV47riE84f-2BrIN4d-2BNPnDbLIkK6RJAPpvMayp-2BCQSPq-2FT2Ih3... HTTP 302
    http://www.kaptea.io/proposal//cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&C... HTTP 301
    https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&Co... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

26
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

10
IPs

5
Countries

392 kB
Transfer

874 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u2309499.ct.sendgrid.net/ls/click?upn=Ymd2n7RV47riE84f-2BrIN4d-2BNPnDbLIkK6RJAPpvMayp-2BCQSPq-2FT2Ih3fayi6twD-2BgyvhFghkB88i5pTSpyPq9BhLfZygVyN-2BCz0DswLPzBroqv95saGVWYYmmRrAr1NnV7WnTzD6HxPFreMcqPcGT2G6yEvIX-2BlJzRFRanOY1KWv5tTIJ6nPujDXpSs-2Brjg2ToyYSqDJkVUKpMS4O9ag1w-3D-3DeUoH_M2Gl3ARLBj-2BBqlOerbeXWJSOIS48MA9bI5coxuwR10rVwZVJCX1NvauqlA3hQM93gGHUodsPicEJifsE5ftMj6JS7eGQJ3ug-2BSt-2FpDD7YSOIxpyn2uTIaPCEVcE80C9Sjrwi6WneJov-2BXvxFHrZ6w9p5MrzDGOpPgxHvFpdnnndpWP871e7-2FRQe9QAMRVFTEy8qKDCRecmigriocicyH1A-3D-3D HTTP 302
    http://www.kaptea.io/proposal//cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs HTTP 301
    https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cover.php
www.kaptea.io/proposal/
Redirect Chain
  • https://u2309499.ct.sendgrid.net/ls/click?upn=Ymd2n7RV47riE84f-2BrIN4d-2BNPnDbLIkK6RJAPpvMayp-2BCQSPq-2FT2Ih3fayi6twD-2BgyvhFghkB88i5pTSpyPq9BhLfZygVyN-2BCz0DswLPzBroqv95saGVWYYmmRrAr1NnV7WnTzD6HxP...
  • http://www.kaptea.io/proposal//cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
  • https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
599 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.234.19 , Netherlands, ASN21155 (ASN-PROSERVE Amsterdam, NL),
Reverse DNS
ams2-c7-1.anuhosting.net
Software
Apache/2 / PHP/7.3.31
Resource Hash
301f7361712724846b286fa229b3222a0ff3daaea5239e493c518219ac89e892

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.3.31
vary
Accept-Encoding,User-Agent
cache-control
max-age=0
expires
Wed, 16 Mar 2022 16:26:41 GMT
content-encoding
gzip
content-length
418
content-type
text/html; charset=UTF-8
date
Wed, 16 Mar 2022 16:26:41 GMT
server
Apache/2

Redirect headers

Date
Wed, 16 Mar 2022 16:26:41 GMT
Server
Apache/2
Location
https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Content-Length
361
Keep-Alive
timeout=2, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
custom.css
betterproposals.io/proposal/ 		142 B
368 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://betterproposals.io/proposal/custom.css
Requested by
Host: www.kaptea.io
URL: https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.15.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
a93e6b12e746ff1240e5c690aa8c00b78f3348d072f8d981241110696c49768c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kaptea.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
accept-ranges
bytes
content-length
123
x-xss-protection
1; mode=block
cover.php
betterproposals.io/proposal/ Frame E857 		35 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Requested by
Host: www.kaptea.io
URL: https://www.kaptea.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.15.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
ec84153e83dfc5eb67576520efc59c07c368641613b8a7a84c1b498e6c8c9779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kaptea.io/

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
content-type
text/html; charset=UTF-8
content-length
7102
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-powered-by
PHP/5.6.40
cache-control
max-age=1, private, must-revalidate
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
vary
Accept-Encoding
content-encoding
gzip
x-xss-protection
1; mode=block
x-content-type-options
nosniff
uci0kgk.css
use.typekit.net/ Frame E857 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/uci0kgk.css
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7c323077094651bcfb8b965383ff562f51ebd341a3644d4ed6fe427248bf0aa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 16 Mar 2022 16:26:41 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
928
normalize.css
betterproposals.io/proposal/css/ Frame E857 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://betterproposals.io/proposal/css/normalize.css
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.15.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
00ba86355398d936e28d997cdb8a451ab0ffc678a8a0dff3f5c026858f5a4845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
accept-ranges
bytes
content-length
2070
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame E857 		8 KB
815 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b958ebd8b0fea32159976030426270c8622f663c76ca1f7889c2eefbff45a6ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 15:33:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 16:26:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 16:26:41 GMT
css
fonts.googleapis.com/ Frame E857 		1 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dancing+Script
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cdc55c0446f33f4c730363f83734efcf12c10a2f439c4be1ace4a698271abcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 16:05:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 16:26:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 16:26:41 GMT
jsj6btw.css
use.typekit.net/ Frame E857 		1 KB
821 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/jsj6btw.css
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
937cbe54c44ab49ff76b73bef8bfae6b332a3ba13c7410687551aed7e1a98fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 16 Mar 2022 16:26:41 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
589
css
fonts.googleapis.com/ Frame E857 		1 KB
516 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:300
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d410bcc3e9cc0eddcd6af981787dee00b8fb691692002b745d5c49279ba13e50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 16:26:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 16:26:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 16:26:41 GMT
css
fonts.googleapis.com/ Frame E857 		3 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
340252488522f32ab2fc3cf58612bb96154fa954926667dca0dfec272c1178ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 14:50:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 16:26:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 16:26:41 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/themes/ui-lightness/ Frame E857 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/themes/ui-lightness/jquery-ui.css
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4db455b3a332659b90bd42757cc2d6f11fea1c288740b352cbbeddf1af850636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 01:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6143
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 01:03:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ Frame E857 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 01:14:26 GMT
jquery.validationEngine.js
betterproposals.io/hosted_scripts/jquery-validation-engine/js/ Frame E857 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://betterproposals.io/hosted_scripts/jquery-validation-engine/js/jquery.validationEngine.js
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.15.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
33e87aae3e7b810d6ca7c1f99c23dd29df246084e38745fa2f0774fbd6e37d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=216000, private
accept-ranges
bytes
content-length
15901
x-xss-protection
1; mode=block
jquery.validationEngine-en.js
betterproposals.io/hosted_scripts/jquery-validation-engine/js/languages/ Frame E857 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://betterproposals.io/hosted_scripts/jquery-validation-engine/js/languages/jquery.validationEngine-en.js
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.15.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
4f2d5ff1cb9de8710634fddaca7faf7dfdb7ca7b9ddf206ab397839bc59bad04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=216000, private
accept-ranges
bytes
content-length
2452
x-xss-protection
1; mode=block
validationEngine.jquery.css
betterproposals.io/hosted_scripts/jquery-validation-engine/css/ Frame E857 		3 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://betterproposals.io/hosted_scripts/jquery-validation-engine/css/validationEngine.jquery.css
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.15.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
a5fe412e9739d021b6b57bd5128855360da11031255b5d7fc5f3e141bb3f8466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
accept-ranges
bytes
content-length
721
x-xss-protection
1; mode=block
tipTip.css
betterproposals.io/hosted_scripts/tiptip/ Frame E857 		2 KB
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://betterproposals.io/hosted_scripts/tiptip/tipTip.css
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.15.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
08c2d76eef4add94d454383a816a746c7489d8143b5dd5b0d5207a6e02319914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
accept-ranges
bytes
content-length
595
x-xss-protection
1; mode=block
jquery.tipTip.minified.js
betterproposals.io/hosted_scripts/tiptip/ Frame E857 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://betterproposals.io/hosted_scripts/tiptip/jquery.tipTip.minified.js
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.15.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-15-98.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
160388861c09e2d2cc763a9de91b2765548c88c4d718d5a201e61f437ebf4c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=216000, private
accept-ranges
bytes
content-length
1708
x-xss-protection
1; mode=block
Solta-Consulting-Limitied-TA-KAPTEA_Kaptea-Logo-Mixed-Reverse_8454.png
s3-eu-west-1.amazonaws.com/businessautomation/Proposal_Cover_Logos/ Frame E857 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/businessautomation/Proposal_Cover_Logos/Solta-Consulting-Limitied-TA-KAPTEA_Kaptea-Logo-Mixed-Reverse_8454.png
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.105.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
00877e120838b05ebac65e12d24f5bd6fb0008e877015565b4f7fe8b9ac1f195

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:26:42 GMT
Last-Modified
Fri, 04 Mar 2022 08:55:55 GMT
Server
AmazonS3
x-amz-request-id
TG7QB94E4C40WFPV
x-amz-meta-content-disposition
attachment
ETag
"07eb4d2701fe4f05708637bfcd21989b"
Content-Type
image/png
x-amz-meta-content-type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
32271
x-amz-id-2
/VE3Hi7n9RlbcIPQjsn0K0Td6nwWumSYDFe78qTcLqw41PlMCjoesaX3a6bdMQht8JkrZSacgIQ=
p.css
p.typekit.net/ Frame E857 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=jsj6btw&ht=tk&f=28096&a=6963403&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/jsj6btw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
p.css
p.typekit.net/ Frame E857 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=uci0kgk&ht=tk&f=175.28151.34661.34662.34665.34666.34863&a=6963403&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uci0kgk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
fbevents.js
connect.facebook.net/en_US/ Frame E857 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
zqA3YalHj/nAmz44ELVwqlWaDZUqPeTCGcNFeNmWS3+i9/kxRGcGVc68gnaoh17jEl4oTY3+IAPsTmUM6abKLg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 16 Mar 2022 16:26:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
photo-1588196749597-9ff075ee6b5b
images.unsplash.com/ Frame E857 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1588196749597-9ff075ee6b5b?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxODc2MDB8MHwxfHNlYXJjaHw0fHx2aWRlbyUyMGNvbmZlcmVuY2luZ3xlbnwxfDB8fHwxNjQ2Mzg0MDA4&ixlib=rb-1.2.1&q=80&w=1080
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1a27b3cce5fc574db2a4a21e26c5aa2605b387124dd162a147b8c863859aa6a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
x-content-type-options
nosniff
fastly-restarts
1
last-modified
Tue, 22 Feb 2022 14:06:32 GMT
server
imgix
age
1909209
x-cache
MISS, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
d508b90ea7efcb0f22a23b97828e527ed6627322
accept-ranges
bytes
content-length
152561
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10076-SJC, cache-sjc10024-SJC, cache-hhn4030-HHN
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32KxfXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v16/ Frame E857 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v16/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32KxfXBi8Jpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31363ced7cfb8afdf23deef5ea4c8b6ea4ec1aec4e9bd7a82a41ecea98aab5d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://betterproposals.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:51:37 GMT
x-content-type-options
nosniff
age
77704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18724
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:25:00 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 18:51:37 GMT
1015789581848856
connect.facebook.net/signals/config/ Frame E857 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1015789581848856?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
450711a83c28839d2db20aaf36ff583cb1032cb661d698be6e25a2915843d30a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
/QLBNosEKy7zHsvaYLSM/EguRmWTqlpeVXVcR+kMypPuftuwdJ+8gsrvJlh3eaIfN4kQXy9v1f/IZpXdf0qrpQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 16 Mar 2022 16:26:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame E857 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1015789581848856&ev=PageView&dl=https%3A%2F%2Fbetterproposals.io%2Fproposal%2Fcover.php%3FProposalID%3Dc72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k%26ContactID%3DLtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs&rl=https%3A%2F%2Fwww.kaptea.io%2F&if=true&ts=1647448001731&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&it=1647448001632&coo=false&rqm=GET
Requested by
Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=c72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k&ContactID=LtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 16 Mar 2022 16:26:41 GMT
/
www.facebook.com/tr/ Frame E857 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1015789581848856&ev=Microdata&dl=https%3A%2F%2Fbetterproposals.io%2Fproposal%2Fcover.php%3FProposalID%3Dc72lyfpjhOMNijpHkdXXb7bsNNPJQtAO4qUbfn5OT5k%26ContactID%3DLtvDdbERMI6upJwn6j3rz0BwV4aK9xBL0PQn32sLdLs&rl=https%3A%2F%2Fwww.kaptea.io%2F&if=true&ts=1647448003235&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Proposal%20from%20Kaptea%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&it=1647448001632&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://betterproposals.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:26:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 16 Mar 2022 16:26:43 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored

2 Cookies

Domain/Path Name / Value
.unsplash.com/ Name: ugid
Value: 7d551a0547cb280d5fe13504da8932a95491493
.facebook.com/ Name: fr
Value: 0lXPrYTqQ5xZ6ilEu..BiMg_B...1.0.BiMg_B.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
betterproposals.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
images.unsplash.com
p.typekit.net
s3-eu-west-1.amazonaws.com
u2309499.ct.sendgrid.net
use.typekit.net
www.facebook.com
www.kaptea.io
167.89.118.28
18.133.15.98
2a00:1450:4001:810::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
2a02:26f0:ef::5c7b:c209
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::720
52.218.105.50
80.84.234.19
00877e120838b05ebac65e12d24f5bd6fb0008e877015565b4f7fe8b9ac1f195
00ba86355398d936e28d997cdb8a451ab0ffc678a8a0dff3f5c026858f5a4845
08c2d76eef4add94d454383a816a746c7489d8143b5dd5b0d5207a6e02319914
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160388861c09e2d2cc763a9de91b2765548c88c4d718d5a201e61f437ebf4c93
1a27b3cce5fc574db2a4a21e26c5aa2605b387124dd162a147b8c863859aa6a2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
301f7361712724846b286fa229b3222a0ff3daaea5239e493c518219ac89e892
31363ced7cfb8afdf23deef5ea4c8b6ea4ec1aec4e9bd7a82a41ecea98aab5d0
33e87aae3e7b810d6ca7c1f99c23dd29df246084e38745fa2f0774fbd6e37d9c
340252488522f32ab2fc3cf58612bb96154fa954926667dca0dfec272c1178ca
3cdc55c0446f33f4c730363f83734efcf12c10a2f439c4be1ace4a698271abcc
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
450711a83c28839d2db20aaf36ff583cb1032cb661d698be6e25a2915843d30a
4db455b3a332659b90bd42757cc2d6f11fea1c288740b352cbbeddf1af850636
4f2d5ff1cb9de8710634fddaca7faf7dfdb7ca7b9ddf206ab397839bc59bad04
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
7c323077094651bcfb8b965383ff562f51ebd341a3644d4ed6fe427248bf0aa9
937cbe54c44ab49ff76b73bef8bfae6b332a3ba13c7410687551aed7e1a98fb4
a5fe412e9739d021b6b57bd5128855360da11031255b5d7fc5f3e141bb3f8466
a93e6b12e746ff1240e5c690aa8c00b78f3348d072f8d981241110696c49768c
b958ebd8b0fea32159976030426270c8622f663c76ca1f7889c2eefbff45a6ba
d410bcc3e9cc0eddcd6af981787dee00b8fb691692002b745d5c49279ba13e50
ec84153e83dfc5eb67576520efc59c07c368641613b8a7a84c1b498e6c8c9779