dr.cash Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dr.cash/sign-up
Submission: On January 22 via api (January 22nd 2024, 4:11:26 pm UTC) from US — Scanned from NL

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 59 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dr.cash.
TLS certificate: Issued by E1 on December 6th 2023. Valid for: 3 months.

This is the only time dr.cash was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
6	2.19.96.137 2.19.96.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 5	2600:9000:210... 2600:9000:2104:f800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a05:d018:cc3... 2a05:d018:cc3:fe05:d174:90d8:a61a:34b2	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	34.241.154.2 34.241.154.2	16509 (AMAZON-02) (AMAZON-02)
1	18.239.36.23 18.239.36.23	16509 (AMAZON-02) (AMAZON-02)
2	13.224.103.7 13.224.103.7	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.93.29.232 3.93.29.232	14618 (AMAZON-AES) (AMAZON-AES)
59	18

13 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dr.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.96.137 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-137.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2104:f800:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe05:d174:90d8:a61a:34b2 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.154.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-154-2.eu-west-1.compute.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-23.ams58.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.103.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-7.zrh50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.29.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-29-232.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	dr.cash dr.cash	150 KB
8	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 3274 d.adroll.com — Cisco Umbrella Rank: 1407 ipv4.d.adroll.com — Cisco Umbrella Rank: 11856	31 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	3 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	36 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	143 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	462 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	72 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2157	382 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1661 api-iam.intercom.io — Cisco Umbrella Rank: 2016	6 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 9209	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	390 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	94 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	167 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
59	15

	Domain	Requested by
13	dr.cash	dr.cash
7	mc.yandex.com	3 redirects dr.cash mc.yandex.ru
6	analytics.tiktok.com	dr.cash analytics.tiktok.com
5	s.adroll.com	1 redirects www.googletagmanager.com dr.cash s.adroll.com
5	www.google.com	dr.cash www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	mc.yandex.ru	1 redirects dr.cash
2	js.intercomcdn.com	widget.intercom.io
2	fonts.gstatic.com	www.google.com
2	d.adroll.com	1 redirects s.adroll.com
2	www.google.nl	dr.cash
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	dr.cash connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	dr.cash www.googletagmanager.com
1	api-iam.intercom.io	js.intercomcdn.com
1	www.facebook.com
1	widget.intercom.io	dr.cash
1	ipv4.d.adroll.com	dr.cash
59	20

This site contains no links.

Subject Issuer	Validity	Valid
dr.cash E1	`2023-12-06` - `2024-03-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-31` - `2024-01-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://dr.cash/sign-up
Frame ID: ED8BC5197C4FB5FF2583450637C031F1
Requests: 48 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_qZMUAAAAAE0mLqU8OdTvyvnkTfwDMuYvw0vW&co=aHR0cHM6Ly9kci5jYXNoOjQ0Mw..&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=45bo3gxyl516
Frame ID: C57D650B6F85D68203521A48001DB6D8
Requests: 8 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.ed6720b2.js
Frame ID: 933DCCDC8ED9CCC354B312AB314F2415
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign Up — dr.cash

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

59
Requests

93 %
HTTPS

72 %
IPv6

15
Domains

20
Subdomains

18
IPs

5
Countries

1563 kB
Transfer

4519 kB
Size

35
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://s.adroll.com/j/pre/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 39

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10256.R2rYtu8sfiKse1ZpMUU4HteMiK5GvRph1Rt6ndh4N14cfaZW1WHLeSuT4BQ-RbQ2.4a5zsK4dncZqN1pN-Qj1figMbTw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10256.wK-scg2UbAy72OWiqnuSGHDzfcG3DLWfCq0-xL852ByVqru17KvQ4s1gvbVqk_xqa7T-8ijJ4REZp9NPcftGB93JlJ0Yicz2MjXUXjJE3i-IniZByrFvajqxV8O3urmwxfT0_bLzK-YBA12_bZzL-d_u8R1V6fJj_bpajjFbMre24Nhq4I8nrZCitKVY5eAFqV104FzG6Tmsh1UcWHiFOGSL1Nr0XI4goHGFqp3BJrY%2C.Y3B6HNcw2dAM_v62Rh9zXzF9NIA%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10256.sqaRwbztEA_HCdrDXzDjL8gtZxxtC5_Sj9xHerY3q9nNmVzEqTQUkOPwDQbskC5I2Xon66ObcAB2jLTYf64xDO7O3YjxyxsUJsKEmHVtmiqWGRYgT0UFP_086H9Scu36h9q_iNhgl09DWocqj_bJgoHZX_69XWG4hDOpSzKpqMT5JtEKgE2j8kEe4b_GPNLqWzGjVKZecCaDfy4AVjHeIg%2C%2C.mycfDZVaUPnBl-BLZ7WvM1wg8dU%2C

Request Chain 46

https://d.adroll.com/pixel/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT?adroll_fpc=2c7ce335a04a12924090eca2343ec92f-1705939881920&pv=66099201894.04439&arrfrr=https%3A%2F%2Fdr.cash%2Fsign-up&cookie=&adroll_s_ref=&keyw=&p0=337 HTTP 302
https://s.adroll.com/pixel/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/G5XDMYNXE5H3NH6F2MIYYU.js

Request Chain 50

https://mc.yandex.com/watch/84420421?wmode=7&page-url=https%3A%2F%2Fdr.cash%2Fsign-up&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1480373801007%3Ahid%3A633336183%3Az%3A60%3Ai%3A20240122171121%3Aet%3A1705939882%3Ac%3A1%3Arn%3A448983935%3Arqn%3A1%3Au%3A1705939882832449947%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C54%2C74%2C1%2C0%2C0%2C%2C131%2C1%2C%2C%2C%2C344%3Aco%3A0%3Acpf%3A1%3Ans%3A1705939881113%3Agi%3AR0ExLjIuODExOTcyNTM2LjE3MDU5Mzk4ODI%3D%3Afp%3A309%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705939882%3At%3ASign%20Up%20%E2%80%94%20dr.cash&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/84420421/1?wmode=7&page-url=https%3A%2F%2Fdr.cash%2Fsign-up&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1480373801007%3Ahid%3A633336183%3Az%3A60%3Ai%3A20240122171121%3Aet%3A1705939882%3Ac%3A1%3Arn%3A448983935%3Arqn%3A1%3Au%3A1705939882832449947%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C54%2C74%2C1%2C0%2C0%2C%2C131%2C1%2C%2C%2C%2C344%3Aco%3A0%3Acpf%3A1%3Ans%3A1705939881113%3Agi%3AR0ExLjIuODExOTcyNTM2LjE3MDU5Mzk4ODI%3D%3Afp%3A309%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705939882%3At%3ASign%20Up%20%E2%80%94%20dr.cash&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sign-up Show response
dr.cash/ 14 KB
3 KB 212ms
75ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696cd525a61f739700b2d9e4f05631ffe3195e82669e6f3ba653bed1817275c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84991281ead73c87-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 16:11:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOjelcBvNxW7RXdNeznkSkW56BkW%2BiwGIMsfWRCmr42%2F%2FgUV8xW7BPJi1rrm%2BY%2FDrppA7eDXglV2UYvAy6YKymSmyOFPmgPm0pQIsx1uynEAcWh2K524lMHbkjXxDUxNzUtLLoTx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 app.styles.7db79e716c4a03e11161.css
dr.cash/assets/css/ 117 KB
15 KB 44ms
43ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c07bd93f658daba37c39d0e8f0e9ae5fd90b0d86d4316863189046b0d8dd449

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/sign-up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 934
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m19XwSSFzS3dtMD%2BHo%2FMfw7lWMNeLygWubtVgGyNh0IVXgmwWiy6GjXkJ%2BjkVoM%2B9RwHx2to8t0zIzSeRP6I9kh1oA9HjDZAGvImLx2WfZwxpCrbLKiADq8OPfqE%2B1NZMyI2qqUK"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cf-ray: 849912826baf3c87-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 sign-up.styles.fde412e0b420dc1a88b7.css
dr.cash/assets/css/ 3 KB
997 B 65ms
64ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/assets/css/sign-up.styles.fde412e0b420dc1a88b7.css
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f44d050771c1830b26e2df9777a4261ee29c8fd5e0673774507c7d6ff2c4b24e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/sign-up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txnMzxbVHf%2B4LNBF%2FWeBqmqCUFMXH6rDrDC2hyP1HSX1%2BXH9NBu9svA3lJF7uoGqTtj1UY%2Foitvi5B0R%2BroqxyUplVra%2FECrEhToy4WW3Hvda3qgN9ZO9oxsO7ULgz4322%2B74Bcy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cf-ray: 849912826bb23c87-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 runtime.bdf98842ddc8c9a8ae6f.js Show response
dr.cash/assets/js/ 1 KB
1 KB 36ms
35ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/assets/js/runtime.bdf98842ddc8c9a8ae6f.js
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b76565ece51143457d8bcdc8720aa52703787262345b7e703334b671a489939

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/sign-up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 916
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKnnI9CK1gwQSpuptUhC04ST%2B4nKxY%2FadoPyJXZLpQs2O4ySlA%2FfCOj3W1tXUfB2ZTBWItLib8OA9vr9yy2g7mDGfBnqcbltoZW5ZyB5fNEhpK8lcBqShwzCXlMgdOz%2BiysdhHPC"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 849912826bb53c87-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.scripts.721d93ecef4979b1ae19.js Show response
dr.cash/assets/js/ 69 KB
12 KB 39ms
39ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/assets/js/app.scripts.721d93ecef4979b1ae19.js
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a21a4d16a66fe5c14c3fa5e1114bf740491a3952e890bf6c7957aa4a8bc81064

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/sign-up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 916
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42amcDVgpfY0MX6qyvzDds2mmosNHyRVRhafqLD6UdA5dGokBjppSiLVqRcpUJjSnBaiVupJjgTSKzkwQ7qyVwcDfJUFvn7vdrbff5JRbyuauls0okq6HAqeCLLKBIrJKl2nvkSN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 849912826bb63c87-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 sign-up.scripts.ca3a7552f437c8cb0d97.js Show response
dr.cash/assets/js/ 6 KB
3 KB 78ms
78ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/assets/js/sign-up.scripts.ca3a7552f437c8cb0d97.js
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5112cd24118ddbb3acc9bb307a025d694ff0e3b24aed3664abe37cc7d105dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/sign-up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Difr099RD9VP6wzm%2FuuZ5oQVbRXEya2%2BMjKxTi70RFo%2F3DL6hD%2Fsi5yaqsKnfJM6h7Dm%2BBhT0OFAVvWXnsUSdFQDKN1ne11wKz3Zrq%2FZBen0J3X1oLg9RqIIcTsHI9JnrkmEHmei"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 849912826bb93c87-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.svg
dr.cash/assets/images/sign-up/svg/ 4 KB
2 KB 38ms
38ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dr.cash/assets/images/sign-up/svg/logo.svg
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd3a245be576029c45538c737e2f7f113e1e0e4ba144630a8fc820883801c90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/sign-up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 374
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbzMdgreNSSkeP6whcRNKdDdVYYVqddgsx0SBsfbphsIAMIj1YdeK2SAWsNfe0G1cU6KKGagHxOdwtWsJ05jCt6F9PqCnve66sInEvwaGfStBMNrKj1ljEbN9tQsxW1t9j5Cyd61"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 849912826bbd3c87-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 close.svg
dr.cash/assets/images/sign-up/svg/ 307 B
437 B 43ms
42ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dr.cash/assets/images/sign-up/svg/close.svg
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e24b6304680594eddb280823c120a2a8df4c39d42a76b759d772a32dbc03ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/sign-up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 374
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVGO%2Bqi75Es9si7x8Vjg4qvT4Q%2FC%2B04ckMN%2Fqb4h%2FtwNx%2Bf%2FaremtekoZuCpCgfPytvI3ha7dPsSZNpN3lc9%2BD8NrvvzgDk1tnoaAdTqn40AONjEN%2FQ7xkhueUFbygfw2EE8smcG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 849912826bbf3c87-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 alert.svg
dr.cash/assets/images/global/form/ 256 B
424 B 43ms
43ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dr.cash/assets/images/global/form/alert.svg
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee40e49a73fde665353fcf011d597f73f165e9f33be054f4cddf726ef32044fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/sign-up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 374
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FxfSP2LrjhW4zMgBtO0MfzQ1PW1rMt3Lpe%2Bf5zbdTiKIwIebfRgwFz3eQsw7qb%2BOBgoZAsueZzdUdMBrBTaljdESo7oEiDShAzeCN4KRgCmV5J4RARtJjvSLImfgqty5ekTaMOF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 84991282ac253c87-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ld_qZMUAAAAAE0mLqU8OdTvyvnkTfwDMuYvw0vW&update=1

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df59e1041b90b9e9ebe68d9767377a213e8ae08337bc1d4f8e26421de53c1d70

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 22 Jan 2024 16:11:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
77 KB 85ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3WXP5J

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f73676b992e11f26261973fd00a79018d214b4cfb5ed18f9ad361cd071f8343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78008
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jan 2024 16:11:21 GMT

GET
H3 200 arrow-select--black.svg
dr.cash/assets/images/global/svg/ 232 B
611 B 68ms
68ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dr.cash/assets/images/global/svg/arrow-select--black.svg
Requested by: Host: dr.cash
URL: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93c7e714af59e162f3fce56c3a6c30bd5c77d64c992e055f02867e6329afcb74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxQwU9ZUTRXgrfrafi1FFdX9V4uW1pINCsrZVdOx%2F6My3tSmAVaD%2BcIQ9IwL5u9IyDxmcTfzm2WTq340nKD2DFS1lp9zTM5Y%2FKh71mudlW%2F0DyfSX5XsBRHP0zDq9VsGVOVtEZ7A"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 84991282efabb7d3-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 Gilroy-Regular.woff
dr.cash/assets/fonts/gilroy/ 36 KB
37 KB 29ms
29ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/assets/fonts/gilroy/Gilroy-Regular.woff
Requested by: Host: dr.cash
URL: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65aaefc70732f81621ea791f680fecf68db87077435b1c47b5c4f191e26ba4c6

Request headers

Referer: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
Origin: https://dr.cash
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 789
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TA%2BHTH%2F6%2F%2FRhpwMxSdTWo7xBFm%2B5p007ZICp2WS0oA8%2F4%2F1WUGe9dJ1wsGmf5ttzfFZNDiatC6ZbESydyBXPmAElJupJGMI0vC10UMD4rjgCw8cdKS9tRrtDsGOXp1tlYttRiTCk"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cf-ray: 84991282efacb7d3-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 Gilroy-Light.woff
dr.cash/assets/fonts/gilroy/ 37 KB
37 KB 69ms
69ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/assets/fonts/gilroy/Gilroy-Light.woff
Requested by: Host: dr.cash
URL: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2521625c2186309829069d7a531c2c9524d4ae77990a0c4df9b9081b7415c845

Request headers

Referer: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
Origin: https://dr.cash
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 785
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0lUcCWobdg%2FEEBOgFkvm0Xe6ol7cBa2KcapgxRZRjZXOUO5iS3yHLF%2FvuU1QW2pcMY4emHm1jL3FoqMSmwxX%2FeOtM32t%2F%2BOPYqd5S0W4H7ejFY116DomyZKBoj89JMt80%2B2Kxg2"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cf-ray: 84991282efaeb7d3-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 Gilroy-Bold.woff
dr.cash/assets/fonts/gilroy/ 37 KB
38 KB 70ms
70ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.cash/assets/fonts/gilroy/Gilroy-Bold.woff
Requested by: Host: dr.cash
URL: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27594f8838badd583c36992695ab5d4d0ffdbab450792f719a8cb3a921989ab

Request headers

Referer: https://dr.cash/assets/css/app.styles.7db79e716c4a03e11161.css
Origin: https://dr.cash
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 15:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 789
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woTiJGfB7s%2BNMKlBMRsgEcH0IfeDucZs0PDWsjGkxsghLkNVM2A6%2FYV7nM6e1q%2Fu4nI8YFvgS8agj4JUIU4ReoQ9ofVjgm1TytJmswyypW8qriZzDsFnWPuKBvY0Jos0%2BoPn0vNn"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cf-ray: 84991282efafb7d3-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 505 KB
203 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld_qZMUAAAAAE0mLqU8OdTvyvnkTfwDMuYvw0vW&update=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9238b80c2136d2ea6bdd9fadc5a0f80dc61f11104a40d17084d4f4cc3dc13447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr.cash/
Origin: https://dr.cash
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207120
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:25:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JHFMLTL199&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXP5J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ea8fde1d63f90e70191254e3512dfa5753930ab31fa68ee617b614b85d8426f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92490
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 16:11:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXP5J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1392
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Jan 2024 17:48:09 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 167ms
113ms Script
application/javascript 2.19.96.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSLB2S0QH7P7CAP6MET0
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.137 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fd1507466b8081f9030b8f5f1763cbcb6b6691fe7f95dc304cfcadbdbc113e1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 26533181.2bc6997f
date: Mon, 22 Jan 2024 16:11:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240122161121CC4C43713396E93C2749-2C42FC2D913EFC43-00
x-cache: TCP_MISS from a2-19-96-133.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 91,2.19.96.133
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=6, inner; dur=4
content-length: 1896
pragma: no-cache
server: nginx
x-tt-logid: 20240122161121CC4C43713396E93C2749
x-cache-remote: TCP_MISS from a184-28-17-241.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,184.28.17.241
x-tt-trace-host: 010fc9c5f43c3b42c6e3d5c79e7a3211718558fb5bac5b2b691d85c8fd3f0e4d2f284046be06288a9e14b82d6362a4d27aa32f6a4b6f26f66e97fc019dc1dfcf1ae185d3eae9db8adb6ad71d221c193bd04d7ec25c876e4514130f343356903ef107e626ae67078b687963982ae902c75c
expires: Mon, 22 Jan 2024 16:11:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 61ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 16:11:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57023
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: +0ObsPaKzGPI5ymrhIQxa40t6luRpE2HWSmKSkZNJjtH8Z3DvrdRtMjlI4uIQwi94hfkQPmgWqmih9j6Oo3q0g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 230ms
116ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 22 Jan 2024 14:13:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65ae77f0-11838"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71736
expires: Mon, 22 Jan 2024 17:11:21 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 78 KB
25 KB 67ms
14ms Script
text/javascript 2600:9000:2104:f800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXP5J
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9495a3be04ee2efba3a2848a90fb8b9266b95df0e7bc44cc48c771f0587da65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Amz-Version-Id: GSFNLGMNzH7EFl0TL78LK6mY7UEwByMn
Content-Encoding: gzip
Via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
Date: Mon, 22 Jan 2024 15:50:18 GMT
Age: 1269
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Jan 2024 19:43:14 GMT
Server: AmazonS3
Etag: W/"7ee68392a851df8f1a7e24264d297436"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: hdspPyiRzoPyjbwwWNJiHIc9jfQN8kRU4ZM8beYg4ca87UgSTc3uCQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
239 B 46ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JHFMLTL199&gtm=45je41h0v873059870z8831522012&_p=1705939881398&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=811972536.1705939882&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705939881&sct=1&seg=0&dl=https%3A%2F%2Fdr.cash%2Fsign-up&dt=Sign%20Up%20%E2%80%94%20dr.cash&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=504
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JHFMLTL199&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dr.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
239 B 64ms
22ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JHFMLTL199&cid=811972536.1705939882&gtm=45je41h0v873059870z8831522012&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JHFMLTL199&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dr.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 91ms
44ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JHFMLTL199&cid=811972536.1705939882&gtm=45je41h0v873059870z8831522012&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=836648435

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C57D 44 KB
28 KB 42ms
42ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_qZMUAAAAAE0mLqU8OdTvyvnkTfwDMuYvw0vW&co=aHR0cHM6Ly9kci5jYXNoOjQ0Mw..&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=45bo3gxyl516

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb6cafa2f747842934705931eb6170542c2559ad373ac7adca73c635c0163e9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LuPSzXmqQtjZnGBXWhw7hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dr.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LuPSzXmqQtjZnGBXWhw7hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 16:11:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

26ms
15ms

Script
application/javascript

2600:9000:2104:f800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: HTTP/1.1
Server: 2600:9000:2104:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Sun, 21 Jan 2024 19:48:33 GMT
Via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
Age: 75223
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: NWKnDCwSAC1y9Yljwcnx0QZqziKf4FiYWIxwnAbKGr9lUMLzPC9pbg==

Redirect headers

Date: Sun, 21 Jan 2024 18:41:26 GMT
Via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
Age: 77394
X-Amz-Cf-Pop: AMS1-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pL1Mh0I67l_j1dIQ-UyGz36R73lnSeGHBu8HdY0O0HPBLp5_wAycFQ==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/ 0
808 B 30ms
15ms Script
text/javascript 2600:9000:2104:f800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Amz-Version-Id: ig6udV_IinFqVal3I_bZSm6CvwmJfqpW
Date: Mon, 22 Jan 2024 15:26:26 GMT
Via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
Age: 3347
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 20 Jan 2024 12:28:34 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: EczTk_3jZ6HICPkgC_hRg3rxYS9W2tQ-3gcqrOBtlus_HzwHViUVPQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
203 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1227304468&t=pageview&_s=1&dl=https%3A%2F%2Fdr.cash%2Fsign-up&ul=en-us&de=UTF-8&dt=Sign%20Up%20%E2%80%94%20dr.cash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1529380154&gjid=567157095&cid=811972536.1705939882&tid=UA-139208348-1&_gid=122676203.1705939882&_r=1&_slc=1&gtm=45He41h0n81M3WXP5Jv831522012&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=811972536.1705939882&z=1982691199

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dr.cash/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dr.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 704104720452383 Show response
connect.facebook.net/signals/config/ 143 KB
37 KB 166ms
165ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/704104720452383?v=2.9.141&r=stable&domain=dr.cash

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bbed1f2a7c6bed5136f03697e3ec560292dad04ba40aeefdcf859de6f2effd4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 16:11:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: a+HRPNtmQTAofXUftN2DN3WvjmNAvP4jc7rIjWttKPUqISa4A1C/rKEA6jAxxRdCc4gF9Ot6pzv/TZEEcMk8Vw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-139208348-1&cid=811972536.1705939882&jid=1529380154&gjid=567157095&_gid=122676203.1705939882&_u=YADAAEAAAAAAACAEK~&z=1294620015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dr.cash/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 22 Jan 2024 16:11:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dr.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame C57D 55 KB
24 KB 60ms
20ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_qZMUAAAAAE0mLqU8OdTvyvnkTfwDMuYvw0vW&co=aHR0cHM6Ly9kci5jYXNoOjQ0Mw..&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=45bo3gxyl516

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:07:46 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame C57D 505 KB
202 KB 70ms
30ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9238b80c2136d2ea6bdd9fadc5a0f80dc61f11104a40d17084d4f4cc3dc13447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207120
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:25:32 GMT

GET
H2 200 main.MTc3MGUxMzJiMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 377 KB
101 KB 20ms
20ms Script
application/javascript 2.19.96.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSLB2S0QH7P7CAP6MET0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.137 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6a8a3a2eea52dace732bf19f82a8bb928b8bad4cd800bca5094f5fa501330d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 2bc699dd
date: Mon, 22 Jan 2024 16:11:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240112163558E9AF2F1912D1615D94C6
x-tt-trace-id: 00-240112163558E9AF2F1912D1615D94C6-239E0E21967BA2D4-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-19-96-133.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012ace6df3b4c99139ec9aeba53936627e8c7a7b344fdfb970507d70211a11a77d553dc73ee17ef6d85ac8cb43fdb9c782edb75433af228ecd8d3deb2dfb16fb95d410aa1aced98df4cd80b7c083628a77a4dc8ccb323ea6b8a7e71fc682c21ce1
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=4
content-length: 103193

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 44ms
44ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-139208348-1&cid=811972536.1705939882&jid=1529380154&_u=YADAAEAAAAAAACAEK~&z=673561993

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-139208348-1&cid=811972536.1705939882&jid=1529380154&_u=YADAAEAAAAAAACAEK~&z=673561993

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 21ms
21ms Script
application/javascript 2.19.96.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.137 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 2bc69a28
date: Mon, 22 Jan 2024 16:11:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240104153740A6ECF4B4A90E4B233E85
x-tt-trace-id: 00-240104153740A6ECF4B4A90E4B233E85-6B957938343F7B90-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-96-133.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014d2e38e37fb5969bb1bf9629a99451973683b46553665ae9e8c25f4019c2b6ae4b4c3187b5d85518e9a88c2511d5dd52b406c0e4fcce7f193776f63616de9c0be4b71e76cdd7f3543403361b550e41c025cba41b363c2ff00b540caea1506b78
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=1
content-length: 36821

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 170ms
169ms Ping
text/plain 2.19.96.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.137 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dr.cash/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2bc69a3c
date: Mon, 22 Jan 2024 16:11:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401221611212D8507E372B634396046-08D083CE07705F43-00
x-cache: TCP_MISS from a2-19-96-133.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=45, cdn-cache; desc=MISS, edge; dur=7, origin; dur=134
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401221611212D8507E372B634396046
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 136,2.19.96.133
x-tt-trace-host: 010fc9c5f43c3b42c6e3d5c79e7a32117144ea5382a499a17be68d6ef0e744e223de52ff426e3ffd7b0ea74a28f8d43345f77ea2bb6703cc1505eb2dbf4936784bde85d1a6f1dbc1897855e863addecda0574c484d4c150eba3a284d7710b41a4e
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jan 2024 16:11:21 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 170ms
170ms Ping
text/plain 2.19.96.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.137 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dr.cash/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3327c4fe.2bc69a3d
date: Mon, 22 Jan 2024 16:11:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240122161121A331BC92A1E9253E9C20-569B1977886C3915-00
x-cache: TCP_MISS from a2-19-96-133.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 130,2.19.96.133
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=47, inner; dur=45
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240122161121A331BC92A1E9253E9C20
x-cache-remote: TCP_MISS from a23-220-106-136.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 47,23.220.106.136
x-tt-trace-host: 010fc9c5f43c3b42c6e3d5c79e7a321171729a184423ba621461a3f1e6219ffc361b3efe577acbb0b25c023e315984eeecf49b3e420a333ea4b3db53c25ff5243e9b970b97ff31d2e3e94ebe53c200dc902df877c966028163c54deab6dde0366b91418c9bb8fc7307d6d7da87e2e424be
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jan 2024 16:11:21 GMT

GET
H2 200 GQMRZ5GEE5G4DGLB6SNKNW Show response
d.adroll.com/consent/check/ 498 B
1 KB 111ms
32ms Script
application/javascript 2a05:d018:cc3:fe05:d174:90d8:a61a:34b2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/GQMRZ5GEE5G4DGLB6SNKNW?pv=66099201894.04439&arrfrr=https%3A%2F%2Fdr.cash%2Fsign-up&_s=a383c85c48a358813382f903dd82aeb7&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:d174:90d8:a61a:34b2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e8344789bd68e7c1eb2a585b02e757d5f3ddea1fe39cd10023e8ff4fbf544d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Mon, 22 Jan 2024 16:11:21 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 498
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10256.R2rYtu8sfiKse1ZpMUU4HteMiK5GvRph1Rt6ndh4N14cfaZW1WHLeSuT4BQ-RbQ2.4a5zsK4dncZqN1pN-Qj1figMbTw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10256.wK-scg2UbAy72OWiqnuSGHDzfcG3DLWfCq0-xL852ByVqru17KvQ4s1gvbVqk_xqa7T-8ijJ4REZp9NPcftGB93JlJ0Yicz2MjXUXjJE3i-IniZByrFvajqxV8O3urmwxfT0_bLzK-...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10256.sqaRwbztEA_HCdrDXzDjL8gtZxxtC5_Sj9xHerY3q9nNmVzEqTQUkOPwDQbskC5I2Xon66ObcAB2jLTYf64xDO7O3YjxyxsUJsKEmHVtmiqWG...

43 B
581 B

60ms
60ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10256.sqaRwbztEA_HCdrDXzDjL8gtZxxtC5_Sj9xHerY3q9nNmVzEqTQUkOPwDQbskC5I2Xon66ObcAB2jLTYf64xDO7O3YjxyxsUJsKEmHVtmiqWGRYgT0UFP_086H9Scu36h9q_iNhgl09DWocqj_bJgoHZX_69XWG4hDOpSzKpqMT5JtEKgE2j8kEe4b_GPNLqWzGjVKZecCaDfy4AVjHeIg%2C%2C.mycfDZVaUPnBl-BLZ7WvM1wg8dU%2C

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:22 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10256.sqaRwbztEA_HCdrDXzDjL8gtZxxtC5_Sj9xHerY3q9nNmVzEqTQUkOPwDQbskC5I2Xon66ObcAB2jLTYf64xDO7O3YjxyxsUJsKEmHVtmiqWGRYgT0UFP_086H9Scu36h9q_iNhgl09DWocqj_bJgoHZX_69XWG4hDOpSzKpqMT5JtEKgE2j8kEe4b_GPNLqWzGjVKZecCaDfy4AVjHeIg%2C%2C.mycfDZVaUPnBl-BLZ7WvM1wg8dU%2C
date: Mon, 22 Jan 2024 16:11:22 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
496 B 59ms
59ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: dr.cash
URL: https://dr.cash/sign-up

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Jan 2024 16:14:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65a94e6e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 22 Jan 2024 17:11:21 GMT

GET
H3 200 0Cqmw64vVDdXjGZEoSN2NjFc6s-AADeaJ1f3yoXUl2A.js Show response
www.google.com/js/bg/ Frame C57D 17 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/0Cqmw64vVDdXjGZEoSN2NjFc6s-AADeaJ1f3yoXUl2A.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02aa6c3ae2f5437578c6644a1237636315ceacf8000379a2757f7ca85d49760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_qZMUAAAAAE0mLqU8OdTvyvnkTfwDMuYvw0vW&co=aHR0cHM6Ly9kci5jYXNoOjQ0Mw..&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=45bo3gxyl516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 21:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 21:08:12 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C57D 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:45:59 GMT
x-content-type-options: nosniff
age: 498322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 23 Jan 2024 21:45:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C57D 15 KB
16 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 319465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C57D 15 KB
15 KB 72ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:08 GMT
x-content-type-options: nosniff
age: 21793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 10:08:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C57D 102 B
135 B 28ms
28ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3743ab7552a5dd616a0d6210a47b76b887fc2bae4a60ad7db878cb538c0b133

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_qZMUAAAAAE0mLqU8OdTvyvnkTfwDMuYvw0vW&co=aHR0cHM6Ly9kci5jYXNoOjQ0Mw..&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=45bo3gxyl516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 16:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 22 Jan 2024 16:11:21 GMT

GET
H/1.1

200
OK

G5XDMYNXE5H3NH6F2MIYYU.js Show response
s.adroll.com/pixel/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/
Redirect Chain

https://d.adroll.com/pixel/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT?adroll_fpc=2c7ce335a04a12924090eca2343ec92f-1705939881920&pv=66099201894.04439&arrfrr=https%3A%2F%2Fdr.cash%2Fsign-up&cookie...
https://s.adroll.com/pixel/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/G5XDMYNXE5H3NH6F2MIYYU.js

2 KB
2 KB

15ms
15ms

Script
text/javascript

2600:9000:2104:f800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/G5XDMYNXE5H3NH6F2MIYYU.js
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: HTTP/1.1
Server: 2600:9000:2104:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6110305d7208b0bcc618875ee59c625b3237946cfd39ff093050359f66ca06ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Amz-Version-Id: M7oAjrsXOJWIXo5mhWlUNWgIOkGU68wK
Content-Encoding: gzip
Via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
Date: Mon, 22 Jan 2024 15:30:42 GMT
Age: 2440
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 07 Dec 2023 12:34:06 GMT
Server: AmazonS3
Etag: W/"c3a43c7d483e46b572e1d4c01d6da5a6"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: yH0n2GwUwEBj4Kbh8pZ4cs8frdMVYycX-xeF8X2awcPPo6B6YV77NQ==

Redirect headers

date: Mon, 22 Jan 2024 16:11:21 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.22.1
x-rule: *
x-segment-eid: G5XDMYNXE5H3NH6F2MIYYU
location: https://s.adroll.com/pixel/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT/G5XDMYNXE5H3NH6F2MIYYU.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: XNYKGVAERZAJHAC2PJKLFT
x-segment-name: *
x-advertisable-eid: GQMRZ5GEE5G4DGLB6SNKNW
x-conversion-currency: EUR

GET
H2 200 XNYKGVAERZAJHAC2PJKLFT
ipv4.d.adroll.com/px4/GQMRZ5GEE5G4DGLB6SNKNW/ 42 B
176 B 119ms
30ms Image
image/gif 34.241.154.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/GQMRZ5GEE5G4DGLB6SNKNW/XNYKGVAERZAJHAC2PJKLFT?adroll_fpc=2c7ce335a04a12924090eca2343ec92f-1705939881920&pv=66099201894.04439&arrfrr=https%3A%2F%2Fdr.cash%2Fsign-up&cookie=&adroll_s_ref=&keyw=&p0=337
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.154.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-154-2.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:22 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 42
content-type: image/gif

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
701 B 151ms
151ms Ping
text/plain 2.19.96.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.137 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dr.cash/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2bc69ad1
date: Mon, 22 Jan 2024 16:11:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240122161122EB4DF41659D07E8829D8-086795CDAB96F0E9-00
x-cache: TCP_MISS from a2-19-96-133.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=25, cdn-cache; desc=MISS, edge; dur=6, origin; dur=121
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240122161122EB4DF41659D07E8829D8
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 121,2.19.96.133
x-tt-trace-host: 010fc9c5f43c3b42c6e3d5c79e7a32117144ea5382a499a17be68d6ef0e744e22359d81fac6bf2d41cc49a9d1b9a09938a9abbc2278d8738dfbbcbb882c4f8524def48569c67daf1ce7aa392b523d7ea4df424a0743d51e31e85c40d703e37cfbb
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jan 2024 16:11:22 GMT

GET
H2 200 gpy16vow Show response
widget.intercom.io/widget/ 7 KB
3 KB 75ms
39ms Script
application/javascript 18.239.36.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/gpy16vow
Requested by: Host: dr.cash
URL: https://dr.cash/sign-up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-23.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0475d546b344aeed3ed6b8b77b8481af6945ec5cd5169a4ea10459de21e0443

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qrFu8jEGRte99X7bGPV1d.TqDw.EI7cN
content-encoding: gzip
via: 1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
date: Mon, 22 Jan 2024 16:06:50 GMT
x-amz-cf-pop: AMS58-P2
age: 273
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2706
last-modified: Mon, 22 Jan 2024 13:51:56 GMT
server: AmazonS3
etag: "e5b53d1074a8aa90afc91edfc3d7a8bd"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: Zhtp5IJ8pRC_1uloBdpKlaGraoxUUuAyn0Ma54V9qpIiFtgialAoXQ==

GET
H2

200

1 Show response
mc.yandex.com/watch/84420421/
Redirect Chain

https://mc.yandex.com/watch/84420421?wmode=7&page-url=https%3A%2F%2Fdr.cash%2Fsign-up&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/84420421/1?wmode=7&page-url=https%3A%2F%2Fdr.cash%2Fsign-up&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

447 B
539 B

58ms
58ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/84420421/1?wmode=7&page-url=https%3A%2F%2Fdr.cash%2Fsign-up&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1480373801007%3Ahid%3A633336183%3Az%3A60%3Ai%3A20240122171121%3Aet%3A1705939882%3Ac%3A1%3Arn%3A448983935%3Arqn%3A1%3Au%3A1705939882832449947%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C54%2C74%2C1%2C0%2C0%2C%2C131%2C1%2C%2C%2C%2C344%3Aco%3A0%3Acpf%3A1%3Ans%3A1705939881113%3Agi%3AR0ExLjIuODExOTcyNTM2LjE3MDU5Mzk4ODI%3D%3Afp%3A309%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705939882%3At%3ASign%20Up%20%E2%80%94%20dr.cash&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a3805494c7aa7000a9c95c40a620400881fc518641ff0c2055c4b86421c667a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 22-Jan-2024 16:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dr.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Mon, 22-Jan-2024 16:11:22 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:22 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 22-Jan-2024 16:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/84420421/1?wmode=7&page-url=https%3A%2F%2Fdr.cash%2Fsign-up&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1480373801007%3Ahid%3A633336183%3Az%3A60%3Ai%3A20240122171121%3Aet%3A1705939882%3Ac%3A1%3Arn%3A448983935%3Arqn%3A1%3Au%3A1705939882832449947%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C54%2C74%2C1%2C0%2C0%2C%2C131%2C1%2C%2C%2C%2C344%3Aco%3A0%3Acpf%3A1%3Ans%3A1705939881113%3Agi%3AR0ExLjIuODExOTcyNTM2LjE3MDU5Mzk4ODI%3D%3Afp%3A309%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705939882%3At%3ASign%20Up%20%E2%80%94%20dr.cash&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://dr.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 22-Jan-2024 16:11:22 GMT

GET
H2 200 frame-modern.ed6720b2.js Show response
js.intercomcdn.com/ Frame 933D 878 KB
250 KB 116ms
35ms Script
application/javascript 13.224.103.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.ed6720b2.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gpy16vow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-7.zrh50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7eea90be825d547b30a7a614745bbdf17d0bea1022ebdb6d6c82e8a5ca0de938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: M0w6kgxovt1dMIcvTZs7Z7VHxhTSw9Aa
content-encoding: gzip
via: 1.1 a70d280cd058ea89c08954ea0ad67198.cloudfront.net (CloudFront)
date: Mon, 22 Jan 2024 15:52:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ZRH50-C1
age: 1162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 255181
last-modified: Mon, 22 Jan 2024 13:49:19 GMT
server: AmazonS3
etag: "2a7de4962877a610c7092295d4ea739e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: oQR2x9HAlnJtBSFVeDdqBIfoq6XF7jbGJJOBNGDz6aJX8wZKSTy6BQ==

GET
H2 200 vendor-modern.4798fff6.js Show response
js.intercomcdn.com/ Frame 933D 426 KB
131 KB 200ms
120ms Script
application/javascript 13.224.103.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.4798fff6.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gpy16vow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-7.zrh50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

659646e379eb3281e62c3b079f1f714f8cf487eceee43055c5bdb4d5aaabdb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: V_n7PhBH3AnvGdJw.E9bHfI0rkJtQ1gz
content-encoding: gzip
via: 1.1 a70d280cd058ea89c08954ea0ad67198.cloudfront.net (CloudFront)
date: Mon, 22 Jan 2024 14:44:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ZRH50-C1
age: 5202
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133882
last-modified: Fri, 19 Jan 2024 13:52:55 GMT
server: AmazonS3
etag: "5661811dd3a4c069600081813b6a5bf1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: wiq5Ic9Ji_c03AaPZ2_fSGMHl2mdyYVWg-6N0TiCimLhlSKDdYJ7FA==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 61ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=704104720452383&ev=PageView&dl=https%3A%2F%2Fdr.cash%2Fsign-up&rl=&if=false&ts=1705939882213&cd[content_name]=landing_page&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705939882014.2054224697&cs_est=true&ler=empty&it=1705939881678&coo=false&cdl=&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 16:11:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 933D 10 KB
3 KB 800ms
595ms XHR
application/json 3.93.29.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ed6720b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.29.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-29-232.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8687e2c63e90ae15db4a93c4f4706943c6d4f6a2603936be2a8fb2cdf25b328e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Jan 2024 16:11:23 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0cd843040a8ad7593
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00019rjglbpjcigg7v0g
x-runtime: 0.437710
server: nginx
etag: W/"8687e2c63e90ae15db4a93c4f4706943"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dr.cash
x-intercom-version: f1fef85a00de03018dbff8d1737a6e07e50b48a6
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H2 200 84420421
mc.yandex.com/webvisor/ 43 B
0 173ms
173ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/84420421?wv-part=1&wv-type=7&wmode=0&wv-hit=633336183&page-url=https%3A%2F%2Fdr.cash%2Fsign-up&rn=549996466&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1705939885%3Aw%3A1600x1200%3Av%3A1211%3Az%3A60%3Ai%3A20240122171124%3Au%3A1705939882832449947%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1705939885&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dr.cash/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:24 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 22-Jan-2024 16:11:24 GMT
content-type: image/gif
access-control-allow-origin: https://dr.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Jan-2024 16:11:24 GMT

POST
H2 200 84420421
mc.yandex.com/webvisor/ 43 B
0 63ms
63ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/84420421?wv-part=1&wv-type=7&wmode=0&wv-hit=633336183&page-url=https%3A%2F%2Fdr.cash%2Fsign-up&rn=871426591&browser-info=we%3A1%3Aet%3A1705939885%3Aw%3A1600x1200%3Av%3A1211%3Az%3A60%3Ai%3A20240122171124%3Au%3A1705939882832449947%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1705939885&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dr.cash/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:24 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 22-Jan-2024 16:11:24 GMT
content-type: image/gif
access-control-allow-origin: https://dr.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 22-Jan-2024 16:11:24 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JHFMLTL199&gtm=45je41h0v873059870&_p=1705939881398&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=811972536.1705939882&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705939881&sct=1&seg=0&dl=https%3A%2F%2Fdr.cash%2Fsign-up&dt=Sign%20Up%20%E2%80%94%20dr.cash&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5509
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JHFMLTL199&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dr.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 16:11:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dr.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dr.cash/	1969-12-31 23:59:59	Name: reg_step1 Value: 1
.dr.cash/	1970-01-21 03:28:19	Name: _ga_JHFMLTL199 Value: GS1.1.1705939881.1.0.1705939881.60.0.0
.dr.cash/	1970-01-21 03:28:19	Name: _ga Value: GA1.2.811972536.1705939882
.dr.cash/	1970-01-20 17:53:46	Name: _gid Value: GA1.2.122676203.1705939882
.dr.cash/	1970-01-20 17:52:19	Name: _gat_UA-139208348-1 Value: 1
.tiktok.com/	1970-01-21 03:13:55	Name: _ttp Value: 2bJj45Hh7RANijEWskbH3MhcknU
.dr.cash/	1970-01-21 03:13:55	Name: _tt_enable_cookie Value: 1
.dr.cash/	1970-01-21 03:13:55	Name: _ttp Value: YU4bi9AHNSSpSB4Fip82ZmHm0-1
.dr.cash/	1970-01-21 02:37:55	Name: _ym_uid Value: 1705939882832449947
.dr.cash/	1970-01-21 02:37:55	Name: _ym_d Value: 1705939882
.d.adroll.com/	1970-01-21 03:21:07	Name: __adroll Value: c9a55a450adea124814516b9e9bf24e8-a_1705939881
.d.adroll.com/	1970-01-21 03:21:07	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 03:21:07	Name: __adroll_shared Value: c9a55a450adea124814516b9e9bf24e8-a_1705939881
.mc.yandex.com/	1970-01-20 17:52:20	Name: sync_cookie_csrf Value: 4239722587fake
.dr.cash/	1970-01-21 02:38:17	Name: __adroll_fpc Value: 2c7ce335a04a12924090eca2343ec92f-1705939881920
.yandex.com/	1970-01-21 03:28:19	Name: i Value: 6EaU3TP3DLk/LCuSfoFfbh0TagzfIKSP3z+KnWRhnpIbW8texpB3K5oyUJG0WqGd45cuKjPvxuYDOxyjiR0hepPnKUk=
.yandex.com/	1970-01-21 02:37:55	Name: yandexuid Value: 911517331705939881
.dr.cash/	1970-01-20 17:53:31	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:52:20	Name: sync_cookie_csrf Value: 3577371388fake
.dr.cash/	1970-01-21 02:37:55	Name: __ar_v4 Value: %7CGQMRZ5GEE5G4DGLB6SNKNW%3A20240121%3A1%7CXNYKGVAERZAJHAC2PJKLFT%3A20240121%3A1%7CG5XDMYNXE5H3NH6F2MIYYU%3A20240121%3A1
.dr.cash/	1970-01-20 20:01:55	Name: _fbp Value: fb.1.1705939882014.2054224697
.mc.yandex.com/	1970-01-20 17:53:46	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 03:28:19	Name: yandexuid Value: 911517331705939881
.yandex.ru/	1970-01-21 03:28:19	Name: yuidss Value: 911517331705939881
.yandex.ru/	1970-01-21 03:28:19	Name: i Value: 6EaU3TP3DLk/LCuSfoFfbh0TagzfIKSP3z+KnWRhnpIbW8texpB3K5oyUJG0WqGd45cuKjPvxuYDOxyjiR0hepPnKUk=
.yandex.ru/	1970-01-21 03:28:19	Name: yp Value: 1706026282.yu.5731788231705939881
.yandex.ru/	1970-01-21 02:37:55	Name: ymex Value: 1708531882.oyu.5731788231705939881
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 499681261705939882
.yandex.com/	1970-01-21 02:37:55	Name: yuidss Value: 911517331705939881
.yandex.com/	1970-01-21 02:37:55	Name: ymex Value: 1737475882.yrts.1705939882
.yandex.com/	1970-01-21 02:37:55	Name: bh Value: KgI/MA==
.dr.cash/	1970-01-20 17:52:21	Name: _ym_visorc Value: w
.dr.cash/	1970-01-21 00:21:09	Name: intercom-id-gpy16vow Value: fe29593d-24eb-4c45-88cd-c35e949f56ad
.dr.cash/	1970-01-20 18:02:24	Name: intercom-session-gpy16vow Value:
.dr.cash/	1970-01-21 00:21:09	Name: intercom-device-id-gpy16vow Value: 9a4231cf-b46f-4293-820e-96ddf77002c9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api-iam.intercom.io
connect.facebook.net
d.adroll.com
dr.cash
fonts.gstatic.com
ipv4.d.adroll.com
js.intercomcdn.com
mc.yandex.com
mc.yandex.ru
region1.analytics.google.com
s.adroll.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.gstatic.com
13.224.103.7
18.239.36.23
2.19.96.137
2001:4860:4802:34::36
2600:9000:2104:f800:6:9280:1080:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:810::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9b
2a02:6b8::1:119
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe05:d174:90d8:a61a:34b2
2a06:98c1:3121::3
3.93.29.232
34.241.154.2
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cd3a245be576029c45538c737e2f7f113e1e0e4ba144630a8fc820883801c90
2521625c2186309829069d7a531c2c9524d4ae77990a0c4df9b9081b7415c845
2f73676b992e11f26261973fd00a79018d214b4cfb5ed18f9ad361cd071f8343
39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ea8fde1d63f90e70191254e3512dfa5753930ab31fa68ee617b614b85d8426f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6110305d7208b0bcc618875ee59c625b3237946cfd39ff093050359f66ca06ff
659646e379eb3281e62c3b079f1f714f8cf487eceee43055c5bdb4d5aaabdb19
65aaefc70732f81621ea791f680fecf68db87077435b1c47b5c4f191e26ba4c6
696cd525a61f739700b2d9e4f05631ffe3195e82669e6f3ba653bed1817275c9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
7eea90be825d547b30a7a614745bbdf17d0bea1022ebdb6d6c82e8a5ca0de938
8687e2c63e90ae15db4a93c4f4706943c6d4f6a2603936be2a8fb2cdf25b328e
8b76565ece51143457d8bcdc8720aa52703787262345b7e703334b671a489939
9238b80c2136d2ea6bdd9fadc5a0f80dc61f11104a40d17084d4f4cc3dc13447
93c7e714af59e162f3fce56c3a6c30bd5c77d64c992e055f02867e6329afcb74
9c07bd93f658daba37c39d0e8f0e9ae5fd90b0d86d4316863189046b0d8dd449
a21a4d16a66fe5c14c3fa5e1114bf740491a3952e890bf6c7957aa4a8bc81064
a3805494c7aa7000a9c95c40a620400881fc518641ff0c2055c4b86421c667a2
a6a8a3a2eea52dace732bf19f82a8bb928b8bad4cd800bca5094f5fa501330d0
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
ac5112cd24118ddbb3acc9bb307a025d694ff0e3b24aed3664abe37cc7d105dc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b9495a3be04ee2efba3a2848a90fb8b9266b95df0e7bc44cc48c771f0587da65
bbed1f2a7c6bed5136f03697e3ec560292dad04ba40aeefdcf859de6f2effd4a
cb6cafa2f747842934705931eb6170542c2559ad373ac7adca73c635c0163e9d
d02aa6c3ae2f5437578c6644a1237636315ceacf8000379a2757f7ca85d49760
d27594f8838badd583c36992695ab5d4d0ffdbab450792f719a8cb3a921989ab
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df59e1041b90b9e9ebe68d9767377a213e8ae08337bc1d4f8e26421de53c1d70
e0475d546b344aeed3ed6b8b77b8481af6945ec5cd5169a4ea10459de21e0443
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8344789bd68e7c1eb2a585b02e757d5f3ddea1fe39cd10023e8ff4fbf544d48
ee40e49a73fde665353fcf011d597f73f165e9f33be054f4cddf726ef32044fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3743ab7552a5dd616a0d6210a47b76b887fc2bae4a60ad7db878cb538c0b133
f44d050771c1830b26e2df9777a4261ee29c8fd5e0673774507c7d6ff2c4b24e
f4e24b6304680594eddb280823c120a2a8df4c39d42a76b759d772a32dbc03ef
fd1507466b8081f9030b8f5f1763cbcb6b6691fe7f95dc304cfcadbdbc113e1e

dr.cash Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

93 %HTTPS

72 %IPv6

15 Domains

20 Subdomains

18 IPs

5 Countries

1563 kBTransfer

4519 kBSize

35 Cookies

0 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

dr.cash Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

93 %
HTTPS

72 %
IPv6

15
Domains

20
Subdomains

18
IPs

5
Countries

1563 kB
Transfer

4519 kB
Size

35
Cookies

59 HTTP transactions
0 data transactions