m.cashcabin.com Open in urlscan Pro
104.18.18.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/JkTF4lITDB
Effective URL:
https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
Submission: On March 29 via api (March 29th 2022, 8:16:57 am UTC) from BE — Scanned from DE

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 23 domains to perform 62 HTTP transactions. The main IP is 104.18.18.30, located in and belongs to CLOUDFLARENET, US. The main domain is m.cashcabin.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on August 21st 2020. Valid for: 2 years.

This is the only time m.cashcabin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 1	216.117.148.17 216.117.148.17	10843 (AITNET) (AITNET)
1 1	2001:41d0:302... 2001:41d0:302:2200::3e86	16276 (OVH) (OVH)
1 1	174.138.6.56 174.138.6.56	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	104.18.13.129 104.18.13.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	104.18.18.30 104.18.18.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223d:c600:e:786e:9000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	91.201.28.211 91.201.28.211	203480 (QUALITYUNIT) (QUALITYUNIT)
1	108.138.1.193 108.138.1.193	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
10	54.156.217.194 54.156.217.194	14618 (AMAZON-AES) (AMAZON-AES)
2	20.93.28.56 20.93.28.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2606:4700::68... 2606:4700::6812:1551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	52.222.214.30 52.222.214.30	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.98 108.157.4.98	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b900:4fef:61b7:bea7:a07e	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2600:9000:249... 2600:9000:2490:d600:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	108.138.7.111 108.138.7.111	16509 (AMAZON-02) (AMAZON-02)
62	22

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.117.148.17 (United States) 1 redirects

ASN10843 (AITNET, US)
PTR: mogador.narcose.uk.com

mogador.narcose.uk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:302:2200::3e86 (France) 1 redirects

ASN16276 (OVH, FR)

santos-mtb.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.138.6.56 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: click7.geni.link

sdjdghsdtywehgewn.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.129 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bingocabin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.18.30 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.cashcabin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookies.cashcabin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.cashcabin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:c600:e:786e:9000:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.zuko.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.201.28.211 (Slovakia)

ASN203480 (QUALITYUNIT, SK)

www.gamingpartners.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.1.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-193.fra56.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.156.217.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-217-194.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.93.28.56 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.statsig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1551 (United States)

ASN13335 (CLOUDFLARENET, US)

gateway-ecp.multikube.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.222.214.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-30.fra56.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-98.dus51.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:4fef:61b7:bea7:a07e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

cdn.contentful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:d600:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net

29576747429889.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 12845 assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 17361 29576747429889.webpush.freshchat.com	728 KB
11	cashcabin.com 2 redirects www.cashcabin.com cookies.cashcabin.com m.cashcabin.com	407 KB
4	multikube.io gateway-ecp.multikube.io	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 98	20 KB
2	contentful.com cdn.contentful.com — Cisco Umbrella Rank: 10013	180 KB
2	statsig.com api.statsig.com — Cisco Umbrella Rank: 30218	802 B
2	gamingpartners.co.uk www.gamingpartners.co.uk	8 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4891	13 KB
1	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 4824	126 B
1	freshworksapi.com rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 14546	25 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3714	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 20	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 163	441 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 4062	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 132	37 KB
1	zuko.io assets.zuko.io — Cisco Umbrella Rank: 426160	5 KB
1	bingocabin.com 1 redirects www.bingocabin.com	429 B
1	sdjdghsdtywehgewn.eu 1 redirects sdjdghsdtywehgewn.eu	239 B
1	santos-mtb.be 1 redirects santos-mtb.be	326 B
1	uk.com 1 redirects mogador.narcose.uk.com	385 B
1	t.co t.co — Cisco Umbrella Rank: 530	689 B
62	23

	Domain	Requested by
14	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
10	wchat.freshchat.com	m.cashcabin.com wchat.freshchat.com assetscdn-wchat.freshchat.com
5	m.cashcabin.com	t.co m.cashcabin.com
5	cookies.cashcabin.com	1 redirects www.datadoghq-browser-agent.com
4	gateway-ecp.multikube.io	www.datadoghq-browser-agent.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com m.cashcabin.com
2	29576747429889.webpush.freshchat.com	wchat.freshchat.com 29576747429889.webpush.freshchat.com
2	cdn.contentful.com	www.datadoghq-browser-agent.com
2	api.statsig.com	www.datadoghq-browser-agent.com
2	www.gamingpartners.co.uk	m.cashcabin.com www.gamingpartners.co.uk
1	fonts.gstatic.com	fonts.googleapis.com
1	images.ctfassets.net
1	rum-http-intake.logs.datadoghq.com	www.datadoghq-browser-agent.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	fonts.googleapis.com	m.cashcabin.com
1	www.google.de	m.cashcabin.com
1	www.google.com	m.cashcabin.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.datadoghq-browser-agent.com	m.cashcabin.com
1	www.googletagmanager.com	m.cashcabin.com
1	assets.zuko.io	m.cashcabin.com
1	www.cashcabin.com	1 redirects
1	www.bingocabin.com	1 redirects
1	sdjdghsdtywehgewn.eu	1 redirects
1	santos-mtb.be	1 redirects
1	mogador.narcose.uk.com	1 redirects
1	t.co
62	27

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.cashcabin.com SSL.com RSA SSL subCA	`2020-08-21` - `2022-08-21`	2 years	crt.sh
zuko.io Amazon	`2021-08-12` - `2022-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.gamingpartners.co.uk Go Daddy Secure Certificate Authority - G2	`2021-07-06` - `2022-08-07`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.freshchat.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
statsig.com R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-24` - `2022-05-23`	a year	crt.sh
freshchat.com Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
freshworksapi.com Amazon	`2022-01-03` - `2023-01-31`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
cdn.contentful.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.wchat.webpush.myfreshworks.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
Frame ID: 6AA408ED700AB0AE1F86396D8C5D3DFA
Requests: 31 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Frame ID: C2414B30D7FB5B48B3B9020A432FF9F0
Requests: 22 HTTP requests in this frame

Frame: https://29576747429889.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Frame ID: BB551A2A08BB5D04DD90CE332518F34C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CashCabin.com

Page URL History Show full URLs

https://t.co/JkTF4lITDB Page URL
http://mogador.narcose.uk.com/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTNFhWMFh... HTTP 302
http://santos-mtb.be/ol0nT75zh56lSo&s1=&s2=2&s3=A1XC-1XR2XM1XS4XV0XN10XO279XW0XP0XL0XU0XT1X&s4=-1... HTTP 302
https://sdjdghsdtywehgewn.eu/aff_c?offer_id=14111&aff_id=5405&aff_sub=2343&aff_sub2=GOVH2-4572294&aff_sub... HTTP 302
https://www.bingocabin.com/offer.aspx?cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&d... HTTP 301
https://www.cashcabin.com/offer.aspx?cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&d... HTTP 301
https://cookies.cashcabin.com/api/Tracker/GetLandingPage/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f... HTTP 302
https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-45... Page URL

Detected technologies

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

62
Requests

97 %
HTTPS

48 %
IPv6

23
Domains

27
Subdomains

22
IPs

8
Countries

1495 kB
Transfer

6362 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/JkTF4lITDB Page URL
http://mogador.narcose.uk.com/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTNFhWMFhOMTBYTzI3OVhXMFhQMFhMMFhVMFhUMVg= HTTP 302
http://santos-mtb.be/ol0nT75zh56lSo&s1=&s2=2&s3=A1XC-1XR2XM1XS4XV0XN10XO279XW0XP0XL0XU0XT1X&s4=-1&s5=0 HTTP 302
https://sdjdghsdtywehgewn.eu/aff_c?offer_id=14111&aff_id=5405&aff_sub=2343&aff_sub2=GOVH2-4572294&aff_sub3=24&aff_sub4=1&r__h=c9b67 HTTP 302
https://www.bingocabin.com/offer.aspx?cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343 HTTP 301
https://www.cashcabin.com/offer.aspx?cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343 HTTP 301
https://cookies.cashcabin.com/api/Tracker/GetLandingPage/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343 HTTP 302
https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 JkTF4lITDB
t.co/ 613 B
689 B 138ms
122ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/JkTF4lITDB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 29 Mar 2022 08:16:45 GMT
vary: Origin
server: tsa_o
expires: Tue, 29 Mar 2022 08:21:46 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 303
referrer-policy: unsafe-url
content-encoding: gzip
x-xss-protection: 0
content-security-policy: referrer always;
strict-transport-security: max-age=0
x-response-time: 115
x-connection-hash: adefd7447d5b163d3d9593560a34a07befc74e9a5a8c8312a5d5d87dec954c6e

GET
H2

200

Primary Request / Show response
m.cashcabin.com/register/
Redirect Chain

http://mogador.narcose.uk.com/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTNFhWMFhOMTBYTzI3OVhXMFhQMFhMMFhVMFhUMVg=
http://santos-mtb.be/ol0nT75zh56lSo&s1=&s2=2&s3=A1XC-1XR2XM1XS4XV0XN10XO279XW0XP0XL0XU0XT1X&s4=-1&s5=0
https://sdjdghsdtywehgewn.eu/aff_c?offer_id=14111&aff_id=5405&aff_sub=2343&aff_sub2=GOVH2-4572294&aff_sub3=24&aff_sub4=1&r__h=c9b67
https://www.bingocabin.com/offer.aspx?cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
https://www.cashcabin.com/offer.aspx?cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
https://cookies.cashcabin.com/api/Tracker/GetLandingPage/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

6 KB
2 KB

631ms
608ms

Document
text/html

104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Requested by

Host: t.co
URL: https://t.co/JkTF4lITDB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deafdc9f94d889c03d03640dda1998d48ef5ac6ceaec4e46e7363f48a482f408

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/JkTF4lITDB

Response headers

date: Tue, 29 Mar 2022 08:16:49 GMT
content-type: text/html
cache-control: max-age=360,stale-while-revalidate=420
last-modified: Wed, 23 Mar 2022 08:43:15 GMT
vary: Accept-Encoding
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-powered-by
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f372a63dfe99004-FRA
content-encoding: gzip

Redirect headers

date: Tue, 29 Mar 2022 08:16:49 GMT
content-length: 0
location: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f372a5fca749004-FRA

GET
H2 200 client.min.js Show response
assets.zuko.io/js/v2/ 13 KB
5 KB 37ms
7ms Script
application/javascript 2600:9000:223d:c600:e:786e:9000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zuko.io/js/v2/client.min.js
Requested by: Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c600:e:786e:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f1052b54111bbee89214ac149ab9b2cccf5b12b550d1e35f4672a009ca7d05d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:55:27 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:17:45 GMT
server: AmazonS3
age: 1283
etag: W/"8b14049d989c1b65994d17a86d26ebf0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: -ZSv5gqtSWzM8Poe9nrHN2PVKxIPvVo_EyfmXQbwyoEtslA8SMdEcw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
37 KB 145ms
53ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118703340-11

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0d196ef51b2ed5df83623551cc76902ee8af3d985de43098f39b96dde852d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37798
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Mar 2022 08:16:50 GMT

GET
H2 200 6e9ejyx6h Show response
www.gamingpartners.co.uk/scripts/ 31 KB
7 KB 171ms
26ms Script
application/javascript 91.201.28.211
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gamingpartners.co.uk/scripts/6e9ejyx6h

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.201.28.211 , Slovakia, ASN203480 (QUALITYUNIT, SK),

Reverse DNS

Software

nginx /

Resource Hash

66f97a0d7be0e3638392e31e4dc62547e6151b4c15030373fe5034af50e4b5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-srv: 2
age: 117
content-length: 7215
last-modified: Mon, 14 Mar 2022 11:14:20 GMT
server: nginx
etag: "7cf4-5da2bc826fb00"
strict-transport-security: max-age=31536000
x-varnish: 827930155 826832671
via: 1.1 varnish (1.lb-app.pap.ws-eu)
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 29 Mar 2022 08:16:53 GMT

GET
H2 200 datadog-rum-us.js Show response
www.datadoghq-browser-agent.com/ 64 KB
21 KB 54ms
10ms Script
application/javascript 108.138.1.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Requested by: Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-193.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:36 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:21:10 GMT
server: AmazonS3
age: 15
etag: W/"20e006a0c5730657dae04bb52a46d540"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: KQ4E5Xk6ejwVUGZW2krgqdEp3rguaZ4Q9wdpDqtEtqNxUpZ17dOXKg==

GET
H2 200 main.321aee23.chunk.css
m.cashcabin.com/register/static/css/ 193 B
461 B 599ms
598ms Stylesheet
text/css 104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.cashcabin.com/register/static/css/main.321aee23.chunk.css

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fcb742189e6659e05092056f6cd7b545968655aa252acac7d5224a29cec0e23

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by
vary: Accept-Encoding
content-length: 275
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Mar 2022 15:30:00 GMT
server: cloudflare
etag: "08c6cb113ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 6f372a67fd499004-FRA
expires: Tue, 29 Mar 2022 12:16:50 GMT

GET
H2 200 2.76f783dc.chunk.js Show response
m.cashcabin.com/register/static/js/ 948 KB
373 KB 645ms
645ms Script
application/x-javascript 104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.cashcabin.com/register/static/js/2.76f783dc.chunk.js

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ad96b6f0d8c41486858c797f129eff78efc2b73a8059967a87c24e8cccaa3f

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 08:43:15 GMT
server: cloudflare
etag: "a85f7d9923ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: application/x-javascript
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
cf-ray: 6f372a67fd4d9004-FRA
expires: Tue, 29 Mar 2022 12:16:50 GMT

GET
H2 200 main.584e2c1e.chunk.js Show response
m.cashcabin.com/register/static/js/ 61 KB
22 KB 613ms
613ms Script
application/x-javascript 104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.cashcabin.com/register/static/js/main.584e2c1e.chunk.js

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1851631d989eaf4ba4c1396fca93e1b03876639988603afde6637c3b45e1683

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by
vary: Accept-Encoding
content-length: 22115
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 08:43:15 GMT
server: cloudflare
etag: "189d8d9923ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: application/x-javascript
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 6f372a67fd4e9004-FRA
expires: Tue, 29 Mar 2022 12:16:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118703340-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 724
date: Tue, 29 Mar 2022 08:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 29 Mar 2022 10:04:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 47ms
46ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=399546091&t=pageview&_s=1&dl=https%3A%2F%2Fm.cashcabin.com%2Fregister%2F%3Fsite%3DCA%26cid%3D8910%26a_aid%3D5facfb862fac4%26a_bid%3Db697f4f3%26data1%3DGOVH2-4572294%26data2%3D2343&dr=https%3A%2F%2Ft.co%2FJkTF4lITDB&ul=en-us&de=UTF-8&dt=CashCabin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1744157606&gjid=452367317&cid=1124288924.1648541810&tid=UA-118703340-11&_gid=558119915.1648541810&_r=1&gtm=2ou3n1&z=1351001874

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.cashcabin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 08:16:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.cashcabin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 63ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-118703340-11&cid=1124288924.1648541810&jid=1744157606&gjid=452367317&_gid=558119915.1648541810&_u=YEBAAUAAAAAAAC~&z=44894975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.cashcabin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Mar 2022 08:16:50 GMT
content-type: text/plain
access-control-allow-origin: https://m.cashcabin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 252ms
48ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-118703340-11&cid=1124288924.1648541810&jid=1744157606&_u=YEBAAUAAAAAAAC~&z=186969895

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 08:16:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 254ms
51ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-118703340-11&cid=1124288924.1648541810&jid=1744157606&_u=YEBAAUAAAAAAAC~&z=186969895

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 08:16:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 155ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/static/css/main.321aee23.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 07:56:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 29 Mar 2022 08:16:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Mar 2022 08:16:50 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 36 KB
12 KB 301ms
100ms Script
application/javascript 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/static/js/2.76f783dc.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

2d2d3e88bf859c4965e609070bc8299e5fd0a9e987613aebc2785fd1c561e109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:51 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 8fe54a77-2a03-49f7-ac43-18a136e70373
x-trace-id: 00-6c7aa0c38a1d1fd6ee79a9bc81f1424c-25f63b18a3381be8-00
served-by: 2601
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 2601
Content-Type: application/javascript

GET
H2 200 6e9eryx6h Show response
www.gamingpartners.co.uk/scripts/ 66 B
537 B 26ms
25ms Script
application/x-javascript 91.201.28.211
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gamingpartners.co.uk/scripts/6e9eryx6h?accountId=default1&userId=5facfb862fac4&url=S_m.cashcabin.com%2Fregister%2F&referrer=S_t.co%2FJkTF4lITDB&isInIframe=false&getParams=%3Fsite%3DCA%26cid%3D8910%26a_aid%3D5facfb862fac4%26a_bid%3Db697f4f3%26data1%3DGOVH2-4572294%26data2%3D2343&anchor=
Requested by: Host: www.gamingpartners.co.uk
URL: https://www.gamingpartners.co.uk/scripts/6e9ejyx6h
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.201.28.211 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software: nginx /
Resource Hash: e5fe98d521c6f852b5787ccd545e565c5fead9b276d84d0b3387ba5583af381e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:50 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-type: application/octet-stream, application/x-javascript
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
36ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=399546091&t=screenview&_s=2&cd=register%2F&dl=https%3A%2F%2Fm.cashcabin.com%2Fregister%2F%3Fsite%3DCA%26cid%3D8910%26a_aid%3D5facfb862fac4%26a_bid%3Db697f4f3%26data1%3DGOVH2-4572294%26data2%3D2343&dr=https%3A%2F%2Ft.co%2FJkTF4lITDB&ul=en-us&de=UTF-8&dt=CashCabin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABAAAAAC~&jid=&gjid=&cid=1124288924.1648541810&tid=UA-118703340-11&_gid=558119915.1648541810&gtm=2ou3n1&z=403285052

Requested by

Host: m.cashcabin.com
URL: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 13:14:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68543
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 initialize
api.statsig.com/v1/ Frame 0
0 106ms
41ms Preflight 20.93.28.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.statsig.com/v1/initialize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.93.28.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,statsig-api-key,statsig-client-time
Origin: https://m.cashcabin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type,statsig-api-key,statsig-client-time
access-control-max-age: 7200
content-length: 0
date: Tue, 29 Mar 2022 08:16:51 GMT
x-envoy-upstream-service-time: 13
server: istio-envoy
content-security-policy: frame-ancestors *.statsig.com
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff;
x-statsig-region: az-northeurope

POST
H2 200 initialize Show response
api.statsig.com/v1/ 2 KB
802 B 56ms
56ms Fetch
application/json 20.93.28.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.statsig.com/v1/initialize

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.93.28.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

2f8ec1883f9e6f7e826700a6d6aa87a2c3b6b7d6eedfe271b6b8728a8dbdf723

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

STATSIG-CLIENT-TIME: 1648541810287
Referer: https://m.cashcabin.com/
STATSIG-API-KEY: client-OgoKye7fJvC7kngAW8M8XC7O3htdvhGX0Gx5kZnt5I5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Tue, 29 Mar 2022 08:16:51 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
x-statsig-region: az-northeurope
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 27
content-security-policy: frame-ancestors *.statsig.com
x-content-type-options: nosniff;

OPTIONS
H2 204 InsertWebVisitor
cookies.cashcabin.com/api/Tracker/ Frame 0
0 634ms
598ms Preflight 104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookies.cashcabin.com/api/Tracker/InsertWebVisitor?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-site-name
Origin: https://m.cashcabin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 29 Mar 2022 08:16:51 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-site-name
access-control-allow-methods: POST
access-control-allow-origin: https://m.cashcabin.com
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f372a6fee239b57-FRA

OPTIONS
H2 204 StartSession
gateway-ecp.multikube.io/session/api/session/ Frame 0
0 485ms
449ms Preflight 2606:4700::6812:1551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway-ecp.multikube.io/session/api/session/StartSession

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-site-name
Origin: https://m.cashcabin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 29 Mar 2022 08:16:51 GMT
access-control-allow-headers: x-site-name
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f372a6fe9f95b3e-FRA

OPTIONS
H2 204 GetPlayerCountryWithAllowedList
gateway-ecp.multikube.io/geo/api/LocationVerification/ Frame 0
0 522ms
487ms Preflight 2606:4700::6812:1551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway-ecp.multikube.io/geo/api/LocationVerification/GetPlayerCountryWithAllowedList

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-site-name
Origin: https://m.cashcabin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 29 Mar 2022 08:16:51 GMT
access-control-allow-headers: x-site-name
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f372a6fe9fc5b3e-FRA

POST
H2 200 InsertWebVisitor Show response
cookies.cashcabin.com/api/Tracker/ 0
377 B 621ms
620ms XHR
text/plain 104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookies.cashcabin.com/api/Tracker/InsertWebVisitor?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
x-site-name: CashCabin
Referer: https://m.cashcabin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Mar 2022 08:16:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-origin: https://m.cashcabin.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6f372a73aec69004-FRA
content-length: 0

GET
H2 200 StartSession Show response
gateway-ecp.multikube.io/session/api/session/ 24 B
127 B 501ms
499ms XHR
application/json 2606:4700::6812:1551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway-ecp.multikube.io/session/api/session/StartSession

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf7f903e66af5b080847f1ef49b5abae1bf375e733e04dea80b7b135a1df3eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
x-site-name: CashCabin
Referer: https://m.cashcabin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6f372a72bcfc5b3e-FRA
content-length: 24

GET
H2 200 GetPlayerCountryWithAllowedList Show response
gateway-ecp.multikube.io/geo/api/LocationVerification/ 9 KB
2 KB 465ms
464ms XHR
application/json 2606:4700::6812:1551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway-ecp.multikube.io/geo/api/LocationVerification/GetPlayerCountryWithAllowedList

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e875a011e8e03fc2a32f064315894f6a2d5064ebcd7a2193a702636b2e7e1ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
x-site-name: CashCabin
Referer: https://m.cashcabin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6f372a72fd3f5b3e-FRA

GET
H/1.1 200
OK / Show response
wchat.freshchat.com/widget/ Frame C241 5 KB
3 KB 201ms
99ms Document
text/html 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

1ec575ac78dcdab65a4ed71644d5a16d162f8a8ef39074b68b62d29501b84cfe

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/

Response headers

Date: Tue, 29 Mar 2022 08:16:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
served-by: 5323
x-server: 5323
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-29f8ea4548b9ee21ddf9e25014d0d353-fc198820704fc3cf-00
x-fw-ratelimiting-managed: false
x-request-id: 1f6a2414-b4c8-41ff-a402-145cf21b4aa0

GET
H/1.1 200
OK widget.css
wchat.freshchat.com/css/ 7 KB
2 KB 100ms
99ms Stylesheet
text/css 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/widget.css?t=1648541810665

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:51 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 5eb59275-89b9-4582-b068-e6da9be54100
x-trace-id: 00-3278442d1331ade6b7be317e08267559-bd736b87362454d7-00
served-by: 2601
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 2601
Content-Type: text/css
expires: Wed, 29 Mar 2023 08:16:51 GMT

GET
H2 200 vendor.bd52f7d59d8335c4e4bb75788cab9d68.css
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 5 KB
2 KB 51ms
8ms Stylesheet
text/css 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.bd52f7d59d8335c4e4bb75788cab9d68.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c725a8b39a90b240c476e1f8c4737bcb47d002eb24ae560b011021d6a9178e29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:16:42 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:21 GMT
server: AmazonS3
age: 10
etag: W/"bd52f7d59d8335c4e4bb75788cab9d68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: KBWvOYLhCK-5ApdA9qFClmlyWHFRBC1XtPF8jVkh_r5owrHoxTto2w==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 0
409 B 50ms
7ms Stylesheet
text/css 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:13:14 GMT
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 09:32:16 GMT
server: AmazonS3
age: 218
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 0
x-amz-cf-id: WNcHZrz9SwrvV_3xmoTxTHCanGc1GL1wP_nTplUgxOFacCzlsXhoRA==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 vendor.3474f8e0dcdb6126f26894076afa40d6.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 684 KB
181 KB 51ms
9ms Script
text/javascript 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:16:23 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:21 GMT
server: AmazonS3
age: 29
etag: W/"3474f8e0dcdb6126f26894076afa40d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: isOJDQRE2GDfocDpIrMZ_AwG4aA-FCKLanl1eaOS6sxmiK3JvLKm-g==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 52.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 1 MB
246 KB 8ms
7ms Script
text/javascript 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/52.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a7467948f341704bae70175d1c5196db3ba24abf97121e40b7476b6c63a8534

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:14:19 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:11 GMT
server: AmazonS3
age: 153
etag: W/"c71425815a980cfe995076fa03768309"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: qNbMHAfKzOHgByd_MaSH2ny-vuaQQT_OSQsMWwwVMuPcUOYEUzlQcg==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 chunk.f09242bf1310580c4680.css
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 216 KB
27 KB 8ms
8ms Stylesheet
text/css 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f09242bf1310580c4680.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 723c00a4e7a2b3c96363ff1d6427db0c3d52bed656f17f177830c32344e49db1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:15:48 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:15 GMT
server: AmazonS3
age: 64
etag: W/"71b0531561e37190e7851ab8ecae2853"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: UIPJuAXld6jaDmtWugPWHWJIarKHEhrc9aiM9u74CceVPeSee_DO-Q==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 fd-messaging.c63dbf5e939f99cde25f.css
assetscdn-wchat.freshchat.com/static/ Frame C241 216 KB
23 KB 7ms
7ms Stylesheet
text/css 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.c63dbf5e939f99cde25f.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 723c00a4e7a2b3c96363ff1d6427db0c3d52bed656f17f177830c32344e49db1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:15:24 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:22 GMT
server: AmazonS3
age: 90
etag: W/"71b0531561e37190e7851ab8ecae2853"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: DB8ht3QkAgTcmd-lnCbajusNFaYXKJLGquEbXuLc-0ULTjM164Fs_A==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 fd-messaging.751037a3173b076b5418.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 668 KB
137 KB 8ms
7ms Script
text/javascript 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef940e7ec30fe98b541634a1aae517f1b8435b8bac0326b6adbec237fa1b86cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:14:56 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:16 GMT
server: AmazonS3
age: 116
etag: W/"c8985e1b207fb6b68eb1d989d049921b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: Op5EB-8svFIfxGrdIsKRMZvfo4uO2NPCic0PJOb-JAFKDI3k6GT5Ng==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame C241 81 KB
25 KB 40ms
11ms Script
text/javascript 108.157.4.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-98.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9af56fe345c9cc6f522f10d147ff90a1780795a183a1f67aeb17de3006326b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id: kMqSO4lpi4rqO3LsdFJMXVNXtq5mdMbZ
content-encoding: gzip
etag: W/"306a008a593da62395b1da5fb561ed06"
last-modified: Tue, 22 Mar 2022 05:51:02 GMT
server: AmazonS3
age: 4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
cache-control: no-cache
date: Tue, 29 Mar 2022 08:16:51 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: s1tr5JYb_UZiaiUu9L1Er5UbhCDaSPhHIUy3wRpeXYMJr1OeLbqUbw==

GET
H2 200 chunk.8eb84a2d6ca523b20b8e.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 3 KB
2 KB 7ms
7ms Script
text/javascript 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.8eb84a2d6ca523b20b8e.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e90df97ccd0158dbefe599a2116325b9f29387fc4edf18716d8145a8dc9d2a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:15:49 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:13 GMT
server: AmazonS3
age: 64
etag: W/"dcfe04e254d1a1ba364654bb70f84be6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 1DI7hMdj_LcYD77E_SreDjifTNtQzIgkvh2xLHB7zzO5kYXMPFFPaw==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 chunk.66585627df7039b55cf9.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 10 KB
4 KB 7ms
7ms Script
text/javascript 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.66585627df7039b55cf9.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8adc645ee4884555edd2d1f1f66d3c62182b4b3dc4c28f6b7a7addeb77d4cb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:15:11 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:13 GMT
server: AmazonS3
age: 102
etag: W/"91be706b99b1f4d0f7ea02d504c55032"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: CpDS8MUOpcmnVjqwZNTrpe0Im168IqeD_yBKIc-c4qFoMqNIN6S8Vw==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H/1.1 200
OK config Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/ Frame C241 1 KB
2 KB 113ms
113ms XHR
application/json 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/config?domain=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

7ddef2a27a827e6c615034db2ee509437c15c3255ddff844497b29871c8250f7

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:52 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 11
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 91311343-dd37-458c-b901-91245d3a0ad7
x-trace-id: 00-bb6e467bc503687663455e6e4908b64b-e85ea12039920c7b-00
served-by: 6714
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2999
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 6714
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 fs-icons_db9017235f84eecfa2cafef72d487865.a50b22f71ea9f5d75e3dc4959c4f57a0.woff2
assetscdn-wchat.freshchat.com/static/fonts/ Frame C241 5 KB
5 KB 22ms
7ms Font
binary/octet-stream 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fonts/fs-icons_db9017235f84eecfa2cafef72d487865.a50b22f71ea9f5d75e3dc4959c4f57a0.woff2
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f09242bf1310580c4680.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760

Request headers

Referer: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f09242bf1310580c4680.css
Origin: https://wchat.freshchat.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:12:59 GMT
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
age: 234
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
content-length: 4928
last-modified: Thu, 24 Mar 2022 09:32:22 GMT
server: AmazonS3
etag: "1181e40b8546834a9805fdf81df2f865"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://wchat.freshchat.com
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: 139UXMAHWvFFexD_G5hxBxvU43vcDGR-q_jZJs3ayWeZGV2ApzJbsQ==
expires: Fri, 24 Mar 2023 09:32:09 GMT

POST
H2 200 pub6078a1da669e77887dad18b58bc6aa08
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
126 B 475ms
227ms Ping
application/json 2600:1f18:24e6:b900:4fef:61b7:bea7:a07e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub6078a1da669e77887dad18b58bc6aa08?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cservice%3Afirefly-register%2Cversion%3A1.45.0&batch_time=1648541811499
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:4fef:61b7:bea7:a07e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://m.cashcabin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Mar 2022 08:16:52 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H/1.1 200
OK co-browsing.js Show response
wchat.freshchat.com/js/ 27 KB
9 KB 100ms
100ms Script
application/javascript 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

83d1e49bbae8fe48e40806eb457ae7686d21cb217f28671241bbc6462d4a6666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:52 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 6ca68545-2199-44a8-82b5-24dd1f11d82c
x-trace-id: 00-2a9c20f27bc29f5ef06fdba9b282f84e-e69bd4eedfd137b6-00
served-by: 6714
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 6714
Content-Type: application/javascript

GET
H2 200 entries Show response
cdn.contentful.com/spaces/dzysonrl624y/environments/master/ 2 MB
180 KB 9ms
8ms XHR
application/vnd.contentful.delivery.v1+json 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/dzysonrl624y/environments/master/entries?content_type=marketingCampaign&include=10

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

3c1b7571245e86c4fcfdd1e874387124afa75d9c11b8680a2825244686aa5ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://m.cashcabin.com/
Authorization: Bearer a727d714c13bd6451a40a911ec9d950e824535bda0c5238d7162dcc9d517a1c4
Accept-Language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/8.5.8; platform browser; os Linux;
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
contentful-cache: HIT
contentful-api: cda
age: 65737
cf-organization-id: 12WzmHmQ1zfsaneY14dgnE
cf-environment-uuid: 5f7524d3-8a00-4cb3-9f69-a27a3eb7c127
x-cache: HIT
cf-space-id: dzysonrl624y
access-control-max-age: 86400
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
content-length: 184183
x-served-by: cache-iad-kiad7000167-IAD, cache-hhn4046-HHN
x-contentful-request-id: 7feb1500-9e10-48db-bf83-83c78999641e
server: Contentful
x-timer: S1648541812.333497,VS0,VE1
etag: W/"12331908006280827221"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-origin: *
cf-environment-id: master
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 1, 1

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/dzysonrl624y/environments/master/ Frame 0
0 150ms
110ms Preflight 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/dzysonrl624y/environments/master/entries?content_type=marketingCampaign&include=10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Origin: https://m.cashcabin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-content-type-options: nosniff
server: Contentful
x-contentful-region: us-east-1
access-control-allow-origin: *
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
access-control-expose-headers: Etag
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Mar 2022 08:16:52 GMT
age: 0
x-served-by: cache-iad-kjyo7100129-IAD, cache-hhn4046-HHN
x-cache-hits: 0, 0
x-timer: S1648541812.220351,VS0,VE103
x-cache: MISS
x-contentful-request-id: a3444b62-3871-4842-80c7-6c9544e5daac

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 4 KB
5 KB 9ms
8ms Media
audio/mpeg 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 29 Mar 2022 08:13:53 GMT
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
age: 215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Thu, 24 Mar 2022 09:32:20 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: 0m9Lz_Pz_B0JBCaPgWtDZzrrzZdVWm6peWcwuaskMMsv2zazk3Z-Sg==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H/1.1 200
OK user Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/ Frame C241 63 B
1 KB 107ms
106ms XHR
application/json 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/user

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:52 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 4
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 5df4cd7b-f76d-48fd-97cc-3aa451af5889
x-trace-id: 00-c4ed12b48f870da74f1693d4e8200336-ecd065c641a49aac-00
served-by: 4082
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2998
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK cb.css
wchat.freshchat.com/css/ 1 KB
1 KB 99ms
99ms Stylesheet
text/css 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/cb.css?t=1648541811618

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/co-browsing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:52 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: cfbe8966-2bbe-91f8-8c61-071fbb7f965b
x-trace-id: 00-d67688e45e7e6e02cd9a04dacca59f8a-95b9d772e5563270-01
served-by: 6714
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 6714
Content-Type: text/css
expires: Wed, 29 Mar 2023 08:16:52 GMT

OPTIONS
H2 204 InsertWebVisitor
cookies.cashcabin.com/api/Tracker/ Frame 0
0 630ms
630ms Preflight 104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookies.cashcabin.com/api/Tracker/InsertWebVisitor?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-site-name
Origin: https://m.cashcabin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 29 Mar 2022 08:16:53 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-site-name
access-control-allow-methods: POST
access-control-allow-origin: https://m.cashcabin.com
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f372a77d9f99b57-FRA

POST
H2 200 InsertWebVisitor Show response
cookies.cashcabin.com/api/Tracker/ 0
392 B 834ms
832ms XHR
text/plain 104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookies.cashcabin.com/api/Tracker/InsertWebVisitor?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
x-site-name: CashCabin
Referer: https://m.cashcabin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Mar 2022 08:16:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-origin: https://m.cashcabin.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6f372a7bcdf59004-FRA
content-length: 0

GET
H2 200 registration-image2.png
images.ctfassets.net/dzysonrl624y/2AmNqaa87AbSeEj8wm0a6S/9970ee91a13218db72a38f86f08f146f/ 13 KB
13 KB 59ms
10ms Image
image/png 2600:9000:2490:d600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/dzysonrl624y/2AmNqaa87AbSeEj8wm0a6S/9970ee91a13218db72a38f86f08f146f/registration-image2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: fedf39c60cd4391f04e81c30cb89893631d8ea8771abd2aa288760a892fdc6f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:13:06 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jun 2021 07:24:26 GMT
server: Contentful Images API
age: 3827
etag: "4988517d415d77fcdaacaa32cd73a4a9"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-length: 12828
x-amz-cf-id: 0GI_wuRGmp_W0Zq3E1FzGaCZ5RSb5pRIpN9aCapdRwKMN0_D7-nhQg==

GET
H2 200 logo.5dfc6aa6.svg
m.cashcabin.com/register/static/media/ 14 KB
8 KB 613ms
613ms Image
image/svg+xml 104.18.18.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.cashcabin.com/register/static/media/logo.5dfc6aa6.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

377300a11f5933f5ebf00b1d0d1ed0a7ee5bf1e6904f5a111aa56aa098e783f9

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/register/?site=CA&cid=8910&a_aid=5facfb862fac4&a_bid=b697f4f3&data1=GOVH2-4572294&data2=2343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by
vary: Accept-Encoding
content-length: 8134
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Mar 2022 15:25:46 GMT
server: cloudflare
etag: "03971a13ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 6f372a77fe529004-FRA
expires: Tue, 29 Mar 2022 12:16:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.cashcabin.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 552705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:45:07 GMT

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/ Frame C241 14 KB
3 KB 181ms
181ms XHR
application/json 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

64ca83e7954b8b9abb1eb02c8594a4bfe87603dac8e6daaf1f111fbe09aa6cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:52 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 78
x-status: EXPIRED
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 6465ec52-b888-474e-b777-903ffe1e2292
x-trace-id: 00-bad2f13090b075c21b8cbde90b2a9fb4-f5b1f17acc9debdd-00
served-by: 2601
server: fwe
x-ratelimit-remaining: 2997
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 2601
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 chunk.228a5fbdde6fba4c7eea.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 53 KB
13 KB 9ms
9ms Script
text/javascript 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.228a5fbdde6fba4c7eea.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c422aa690f54ae2c109ef8e0b4eb4f996be2dfee5b9961d673d3b5e2c522856

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:13:52 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:12 GMT
server: AmazonS3
age: 181
etag: W/"a690db1e8d31748e4a14bd961dc6795a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: mSoS3E_wm-LYJ4qDsiuoBP4g8ngQVpUI44QMInbh4wzupYisroc_bQ==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 chunk.c192c38501e1cf106875.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 201 KB
35 KB 11ms
10ms Script
text/javascript 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.c192c38501e1cf106875.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79a421ad1d0b3ada95b04d3f426a829ebe32fe1c2cfecd238d9191d130a8767e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:16:44 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:14 GMT
server: AmazonS3
age: 9
etag: W/"abb7d9d15eba65ab0104426266fae280"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: tvXlAU_f3JKMMYYhbypdcu5q5Dwz8iqYJqwQfJFCTUfywIsm8amDbg==
expires: Fri, 24 Mar 2023 09:32:09 GMT

PUT
H/1.1 200
OK activity Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/user/720a26a6-cd9f-4bbe-8e39-dc293da91054/ Frame C241 17 B
1 KB 106ms
105ms XHR
application/json 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/user/720a26a6-cd9f-4bbe-8e39-dc293da91054/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/52.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 5
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: e36e4788-0cc5-44d6-8685-35a6b8df2a9d
x-trace-id: 00-b305dac1fa748c5f1df8f348d873c612-28a0ec7b10703ef8-00
served-by: 6714
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2996
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 6714
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 index.html Show response
29576747429889.webpush.freshchat.com/ Frame BB55 30 KB
7 KB 420ms
393ms Document
text/html 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://29576747429889.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.cashcabin.com/

Response headers

content-type: text/html
date: Tue, 29 Mar 2022 08:16:54 GMT
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: bJXGXUCNyC0naIJnwVy0Lfw2rcTKaKbEOwio6RJeoyuHHnGz9DpHpQ==

GET
H/1.1 200
OK categories Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/omni/faq/ Frame C241 81 B
1 KB 136ms
136ms XHR
application/json 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/omni/faq/categories?per_page=100&platform=web&locale=en-us&page=1

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8779ea02c05847c1209231f40c56422c447c523ba2b512a5f904cdd426f295ed

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 08:16:52 GMT
content-encoding: gzip
x-ratelimit-total: 3000
x-b3-traceid: 0b0673a0ef2aeb7a6cf579d1a9f6f08c
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 35
Connection: keep-alive
x-b3-spanid: 7c2c1c1aa8106c08
x-xss-protection: 1; mode=block
x-request-id: 57aeda69-a62b-4ac9-8fc1-6045ad2ba607
x-trace-id: 00-cb94e008a7a42d45b6d3304e3a9901e1-72341486898d9d19-00, 00-cb94e008a7a42d45b6d3304e3a9901e1-9ebbc553c41a5f22-00
served-by: 5323
x-fd-request-id: b79b4f62-6aa3-4491-a592-95caa4344a32
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2995
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5323
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
assetscdn-wchat.freshchat.com/static/assets/ Frame C241 663 B
1 KB 7ms
7ms Image
image/svg+xml 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Mar 2022 08:15:25 GMT
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 09:32:16 GMT
server: AmazonS3
age: 88
etag: "cd452acf4efb05843ef7575e5a9de756"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 663
x-amz-cf-id: LFXsg5ryHkBi3EnUYLAPdHj-tiTXgjjdYYT2UTGwIgV4crsgBCSS_g==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
BLOB 200
OK ee9767d1-1e8b-4f2a-9ff1-374addec18db
https://wchat.freshchat.com/ Frame C241 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/ee9767d1-1e8b-4f2a-9ff1-374addec18db
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a4bf2ab88acb880338e136abde96936d2b756f626d32b14e0ef5b30f81fc2c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Length: 152

GET
H2 200 fc_logo.png
29576747429889.webpush.freshchat.com/ Frame BB55 4 KB
4 KB 9ms
8ms Image
image/png 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://29576747429889.webpush.freshchat.com/fc_logo.png
Requested by: Host: 29576747429889.webpush.freshchat.com
URL: https://29576747429889.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://29576747429889.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9tLmNhc2hjYWJpbi5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 19:21:05 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
age: 46549
etag: "e87df9f10dcf497ae292dc234200465c"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: QZz57GkrL3OHIiLSDYV_DYYZtbKfs8SV5SAhGLOQyHlCWEdqPZuPEg==

GET firebase-sw.js
29576747429889.webpush.freshchat.com/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 29576747429889.webpush.freshchat.com
URL: https://29576747429889.webpush.freshchat.com/firebase-sw.js

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 11:25:56	Name: muc Value: 9a896acc-4cac-4ed3-849d-de37df3e5272
.cashcabin.com/	1970-01-20 02:38:53	Name: CACID Value: 8910
.cashcabin.com/	1970-01-20 02:38:53	Name: CASPECIAL Value: 5facfb862fac4
.cashcabin.com/	1970-01-20 02:38:53	Name: CAREFHTTP Value: https%3A%2F%2Ft.co%2FJkTF4lITDB
.cashcabin.com/	1970-01-31 00:55:13	Name: web_visitor_id Value: 17398509
.cashcabin.com/	1970-01-20 10:41:17	Name: zukoVisitorId Value: XBnQRDKL9dDHnoOET59Rh8eOzR8rUBdb
.cashcabin.com/	1970-01-20 19:26:53	Name: _ga Value: GA1.2.1124288924.1648541810
.cashcabin.com/	1970-01-20 01:57:08	Name: _gid Value: GA1.2.558119915.1648541810
.cashcabin.com/	1970-01-20 01:55:41	Name: _gat_gtag_UA_118703340_11 Value: 1
m.cashcabin.com/	1970-01-20 01:55:42	Name: _dd_s Value: rum=1&id=2fc2fd45-e21d-4de3-bca4-607500a00ac4&created=1648541810268&expire=1648542710269
.gamingpartners.co.uk/	1970-01-20 01:55:42	Name: PAPAffiliateId Value: 5facfb862fac4
.gamingpartners.co.uk/	1970-01-20 10:41:38	Name: PAPVisitorId Value: 9jliWFfWaEte1Bh8ieAVGvdaZX8SNjCD
.cashcabin.com/	1970-01-20 10:41:17	Name: PAPVisitorId Value: 9jliWFfWaEte1Bh8ieAVGvdaZX8SNjCD
.m.cashcabin.com/	1970-01-20 10:41:17	Name: PAPVisitorId Value: 9jliWFfWaEte1Bh8ieAVGvdaZX8SNjCD
.m.cashcabin.com/	1970-01-20 10:41:17	Name: _fw_crm_v Value: fa9d6ded-f163-40ed-ecf8-fe0c76a6fb58

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.co/JkTF4lITDB Message: Unrecognized Content-Security-Policy directive 'referrer'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29576747429889.webpush.freshchat.com
api.statsig.com
assets.zuko.io
assetscdn-wchat.freshchat.com
cdn.contentful.com
cookies.cashcabin.com
fonts.googleapis.com
fonts.gstatic.com
gateway-ecp.multikube.io
images.ctfassets.net
m.cashcabin.com
mogador.narcose.uk.com
rts-static-prod.freshworksapi.com
rum-http-intake.logs.datadoghq.com
santos-mtb.be
sdjdghsdtywehgewn.eu
stats.g.doubleclick.net
t.co
wchat.freshchat.com
www.bingocabin.com
www.cashcabin.com
www.datadoghq-browser-agent.com
www.gamingpartners.co.uk
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
29576747429889.webpush.freshchat.com
104.18.13.129
104.18.18.30
104.244.42.133
108.138.1.193
108.138.7.111
108.157.4.98
151.101.66.49
174.138.6.56
20.93.28.56
2001:41d0:302:2200::3e86
216.117.148.17
2600:1f18:24e6:b900:4fef:61b7:bea7:a07e
2600:9000:223d:c600:e:786e:9000:93a1
2600:9000:2490:d600:12:94b3:c380:93a1
2606:4700::6812:1551
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:803::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9b
52.222.214.30
54.156.217.194
91.201.28.211
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
0f1052b54111bbee89214ac149ab9b2cccf5b12b550d1e35f4672a009ca7d05d
1ec575ac78dcdab65a4ed71644d5a16d162f8a8ef39074b68b62d29501b84cfe
27ad96b6f0d8c41486858c797f129eff78efc2b73a8059967a87c24e8cccaa3f
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
2d2d3e88bf859c4965e609070bc8299e5fd0a9e987613aebc2785fd1c561e109
2f8ec1883f9e6f7e826700a6d6aa87a2c3b6b7d6eedfe271b6b8728a8dbdf723
2fcb742189e6659e05092056f6cd7b545968655aa252acac7d5224a29cec0e23
377300a11f5933f5ebf00b1d0d1ed0a7ee5bf1e6904f5a111aa56aa098e783f9
39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c
3c1b7571245e86c4fcfdd1e874387124afa75d9c11b8680a2825244686aa5ba0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c422aa690f54ae2c109ef8e0b4eb4f996be2dfee5b9961d673d3b5e2c522856
4e90df97ccd0158dbefe599a2116325b9f29387fc4edf18716d8145a8dc9d2a8
64ca83e7954b8b9abb1eb02c8594a4bfe87603dac8e6daaf1f111fbe09aa6cde
6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760
66f97a0d7be0e3638392e31e4dc62547e6151b4c15030373fe5034af50e4b5c3
6a4bf2ab88acb880338e136abde96936d2b756f626d32b14e0ef5b30f81fc2c3
723c00a4e7a2b3c96363ff1d6427db0c3d52bed656f17f177830c32344e49db1
79a421ad1d0b3ada95b04d3f426a829ebe32fe1c2cfecd238d9191d130a8767e
7ddef2a27a827e6c615034db2ee509437c15c3255ddff844497b29871c8250f7
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d1e49bbae8fe48e40806eb457ae7686d21cb217f28671241bbc6462d4a6666
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8779ea02c05847c1209231f40c56422c447c523ba2b512a5f904cdd426f295ed
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a7467948f341704bae70175d1c5196db3ba24abf97121e40b7476b6c63a8534
9af56fe345c9cc6f522f10d147ff90a1780795a183a1f67aeb17de3006326b6c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
a8adc645ee4884555edd2d1f1f66d3c62182b4b3dc4c28f6b7a7addeb77d4cb6
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
b0d196ef51b2ed5df83623551cc76902ee8af3d985de43098f39b96dde852d75
bf7f903e66af5b080847f1ef49b5abae1bf375e733e04dea80b7b135a1df3eb5
c1851631d989eaf4ba4c1396fca93e1b03876639988603afde6637c3b45e1683
c725a8b39a90b240c476e1f8c4737bcb47d002eb24ae560b011021d6a9178e29
d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deafdc9f94d889c03d03640dda1998d48ef5ac6ceaec4e46e7363f48a482f408
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fe98d521c6f852b5787ccd545e565c5fead9b276d84d0b3387ba5583af381e
e875a011e8e03fc2a32f064315894f6a2d5064ebcd7a2193a702636b2e7e1ff4
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef940e7ec30fe98b541634a1aae517f1b8435b8bac0326b6adbec237fa1b86cc
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
fedf39c60cd4391f04e81c30cb89893631d8ea8771abd2aa288760a892fdc6f5

m.cashcabin.com Open in urlscan Pro 104.18.18.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

48 %IPv6

23 Domains

27 Subdomains

22 IPs

8 Countries

1495 kBTransfer

6362 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.cashcabin.com Open in urlscan Pro
104.18.18.30 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

48 %
IPv6

23
Domains

27
Subdomains

22
IPs

8
Countries

1495 kB
Transfer

6362 kB
Size

15
Cookies

62 HTTP transactions
0 data transactions