urlscan.io logo urlscan.io
SecurityTrails logo

mail.cruiseescapes.com Open in urlscan Pro
130.250.4.244  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mail.cruiseescapes.com/
Effective URL: http://mail.cruiseescapes.com/webmail/src/login.php
Submission: On July 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 30 HTTP transactions. The main IP is 130.250.4.244, located in United States and belongs to AUS-ENT-DC-TX01, US. The main domain is mail.cruiseescapes.com.
This is the only time mail.cruiseescapes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 130.250.4.244 394901 (AUS-ENT-D...)
4 130.250.4.191 394901 (AUS-ENT-D...)
23 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
30 4
Apex Domain
Subdomains		 Transfer
23 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 9275
va.tawk.to — Cisco Umbrella Rank: 8728
203 KB
4 onlineagency.com
affiliates.onlineagency.com
6 KB
3 cruiseescapes.com
mail.cruiseescapes.com
4 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 372
39 KB
30 4
Domain Requested by
18 embed.tawk.to mail.cruiseescapes.com
embed.tawk.to
5 va.tawk.to embed.tawk.to
4 affiliates.onlineagency.com mail.cruiseescapes.com
3 mail.cruiseescapes.com 1 redirects
1 cdn.jsdelivr.net embed.tawk.to
30 5

This site contains links to these domains. Also see Links.

Domain
webmail.onlineagency.com
affiliates.onlineagency.com
Subject Issuer Validity Valid
affiliates.onlineagency.com
R3		 2023-05-25 -
2023-08-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-27		 a year crt.sh

This page contains 4 frames:

Primary Page: http://mail.cruiseescapes.com/webmail/src/login.php
Frame ID: 950C641E55DCC9D6B40210205CEBC56B
Requests: 25 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64b107164a7/css/message-preview.css
Frame ID: A66A65CDEEB6371A0DCBF333B21C4123
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64b107164a7/css/min-widget.css
Frame ID: DFAB389F27D3EB207492D357015E5C8E
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64b107164a7/css/max-widget.css
Frame ID: CFD5C116202763302863250B693F488A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Levelfield - Login

Page URL History Show full URLs

  1. http://mail.cruiseescapes.com/ Page URL
  2. http://mail.cruiseescapes.com/webmail/ HTTP 302
    http://mail.cruiseescapes.com/webmail/src/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

30
Requests

93 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

252 kB
Transfer

1103 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mail.cruiseescapes.com/ Page URL
  2. http://mail.cruiseescapes.com/webmail/ HTTP 302
    http://mail.cruiseescapes.com/webmail/src/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mail.cruiseescapes.com/ 		148 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
http://mail.cruiseescapes.com/
Protocol
HTTP/1.1
Server
130.250.4.244 , United States, ASN394901 (AUS-ENT-DC-TX01, US),
Reverse DNS
Software
Apache/2.2.3 (CentOS) /
Resource Hash
ef75f3f6b7df21c5f17dc68ec1057a01f2e022cdd6f2cc2e9dda58f2218866e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
close
Content-Length
148
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jul 2023 18:16:28 GMT
ETag
"1277ca-94-9e085640"
Last-Modified
Tue, 13 Oct 2009 07:01:37 GMT
Server
Apache/2.2.3 (CentOS)
Primary Request login.php
mail.cruiseescapes.com/webmail/src/
Redirect Chain
  • http://mail.cruiseescapes.com/webmail/
  • http://mail.cruiseescapes.com/webmail/src/login.php
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mail.cruiseescapes.com/webmail/src/login.php
Protocol
HTTP/1.1
Server
130.250.4.244 , United States, ASN394901 (AUS-ENT-DC-TX01, US),
Reverse DNS
Software
Apache/2.2.3 (CentOS) / PHP/5.1.6
Resource Hash
5971e1d1ff2edc61e7f8be019bcd4a3647ef26e8ab614d5b7a7caf1703f12e71

Request headers

Referer
http://mail.cruiseescapes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
3029
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 31 Jul 2023 18:16:28 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache/2.2.3 (CentOS)
X-Powered-By
PHP/5.1.6

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jul 2023 18:16:28 GMT
Location
src/login.php
Server
Apache/2.2.3 (CentOS)
X-Powered-By
PHP/5.1.6
styles.css
affiliates.onlineagency.com/sites/63/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affiliates.onlineagency.com/sites/63/styles.css
Requested by
Host: mail.cruiseescapes.com
URL: http://mail.cruiseescapes.com/webmail/src/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.250.4.191 , United States, ASN394901 (AUS-ENT-DC-TX01, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
c6d7e52f7c1ff23111102eb047735cd5f5f0e9f8b7a371ee58cedfc9943cc30f
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 18:16:57 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:50:14 GMT
Server
nginx
ETag
W/"42cdc9aabb6d61:20296"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
s_4637802_63.js
affiliates.onlineagency.com/i/0/63/s/ 		172 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://affiliates.onlineagency.com/i/0/63/s/s_4637802_63.js
Requested by
Host: mail.cruiseescapes.com
URL: http://mail.cruiseescapes.com/webmail/src/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.250.4.191 , United States, ASN394901 (AUS-ENT-DC-TX01, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
04dc19ed0716c50049bb94c430e77a314842d03cb5b09463a083b6066e18ed12
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 18:16:57 GMT
Strict-Transport-Security
max-age=0;
Last-Modified
Wed, 16 Nov 2022 19:13:28 GMT
Server
nginx
ETag
"5c756f82eff9d81:20296"
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
172
header_logo.gif
affiliates.onlineagency.com/sites/17997/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affiliates.onlineagency.com/sites/17997/images/header_logo.gif
Requested by
Host: mail.cruiseescapes.com
URL: http://mail.cruiseescapes.com/webmail/src/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.250.4.191 , United States, ASN394901 (AUS-ENT-DC-TX01, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
7bce5f6a99be4b8c9a6ba79c6da75e38c51830dc8799db95b333cdc2107b8f9d
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 18:16:57 GMT
Strict-Transport-Security
max-age=0;
Last-Modified
Thu, 15 May 2008 10:23:04 GMT
Server
nginx
ETag
"0b4d4a875b6c81:20296"
X-Powered-By
ASP.NET
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2857
s_3660861_63.js
affiliates.onlineagency.com/i/0/63/s/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://affiliates.onlineagency.com/i/0/63/s/s_3660861_63.js
Requested by
Host: mail.cruiseescapes.com
URL: http://mail.cruiseescapes.com/webmail/src/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.250.4.191 , United States, ASN394901 (AUS-ENT-DC-TX01, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
274b1d404f7ccb91b20f906068aa984a2d96456b74d2c584b4f697799734e840
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 18:16:57 GMT
Strict-Transport-Security
max-age=0;
Last-Modified
Thu, 21 Jun 2018 21:56:16 GMT
Server
nginx
ETag
"9cc1ecadaa9d41:20296"
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1456
default
embed.tawk.to/55de880472faddc565fca13b/ 		2 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/55de880472faddc565fca13b/default
Requested by
Host: mail.cruiseescapes.com
URL: http://mail.cruiseescapes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a189a9ed12b61448bc0ed1b922c7a8b66119e61d5d0ee282b1b8d3e00cf099
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
Origin
http://mail.cruiseescapes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
server
cloudflare
etag
W/"stable-v4-64b107164a7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
7ef7d5e1da04bbf7-FRA
alt-svc
h3=":443"; ma=86400
twk-main.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		121 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/55de880472faddc565fca13b/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
Origin
http://mail.cruiseescapes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
content-encoding
br
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e2bb99bbf7-FRA
alt-svc
h3=":443"; ma=86400
twk-vendor.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/55de880472faddc565fca13b/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
Origin
http://mail.cruiseescapes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
content-encoding
br
etag
W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e2bb9cbbf7-FRA
alt-svc
h3=":443"; ma=86400
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		210 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/55de880472faddc565fca13b/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd1dfad69837f3153331943da5b18de828f08d7193cdeeb6a94b0d899a7f73e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
Origin
http://mail.cruiseescapes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
content-encoding
br
etag
W/"0b0bd650d17faba58f62029a59ed2deb"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e2bb9dbbf7-FRA
alt-svc
h3=":443"; ma=86400
twk-chunk-common.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		205 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/55de880472faddc565fca13b/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b0cb1bb49a0b0796b9378cbbd617cf46b86cf064f13a1d1bcd67feb43d28f7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
Origin
http://mail.cruiseescapes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
content-encoding
br
etag
W/"82feaab8b11ab0722c45ff1553c54f92"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e2bb9fbbf7-FRA
alt-svc
h3=":443"; ma=86400
twk-runtime.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/55de880472faddc565fca13b/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5bec255ba157d235fe098c42b52ae345e637b99e81abe08e949fcc1f08081e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
Origin
http://mail.cruiseescapes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
content-encoding
br
etag
W/"acbfa7b47234f726c788e8d8635ff406"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e2bba1bbf7-FRA
alt-svc
h3=":443"; ma=86400
twk-app.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		151 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/55de880472faddc565fca13b/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
Origin
http://mail.cruiseescapes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
content-encoding
br
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e2bba4bbf7-FRA
alt-svc
h3=":443"; ma=86400
widget-settings
va.tawk.to/v1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=55de880472faddc565fca13b&widgetId=default&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4964ae0560c9cd3604e246bd608cf4ef9be2b0cf289a89baf8789f6d95187f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-t2d8
server
cloudflare
etag
W/"2-6-0"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
7ef7d5e54f95bbf7-FRA
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/ 		1002 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ce90f030ab61d7b955c94c870f9cb675c9af77f7c0b26ed8934d1c337c6dda
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
http://mail.cruiseescapes.com
access-control-allow-credentials
true
cf-ray
7ef7d5e62d4a9c0a-FRA
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-0s4g
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://mail.cruiseescapes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://mail.cruiseescapes.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ef7d5e54f91bbf7-FRA
date
Mon, 31 Jul 2023 18:16:58 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-p72r
en.js
embed.tawk.to/_s/v4/app/64b107164a7/languages/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:58 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503487
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 08:29:56 GMT
server
cloudflare
etag
W/"585ba00b2c167b90c210161454f843b5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e83fc79c0a-FRA
twk-chunk-2c78ba82.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-2c78ba82.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda3a940b53dd58a8fd2b219dada689959db76a483ed394cc2843f60559866c3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503490
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"940b50b62d332ac06770a9c45b1e60b0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e9691b9c0a-FRA
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-696bc286.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7016260337ad9ca40160540975a88f7d8a22056d52191bcd478cfd45b7bf9b84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503490
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"13952fa39bcbcef4de2f4d44534788c1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e9691d9c0a-FRA
twk-chunk-2d0b383d.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		689 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-2d0b383d.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72deb01333692d6942fe77383825537b0dac6653af9b50312a53fdf3b31efa09
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503489
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"a6432972b93f7d0476635e7ac224d718"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e9691f9c0a-FRA
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c1dd51a0afd047de7dce63776e80feb471049b59343243b106c51747e47644
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503489
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"418edec9f72e1d7cebe378badde2edec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e969229c0a-FRA
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		906 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503489
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e969239c0a-FRA
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		535 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503489
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"c506281367048d4a134c9affbc68c8c6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e969249c0a-FRA
twk-chunk-07cad36d.js
embed.tawk.to/_s/v4/app/64b107164a7/js/ 		93 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-07cad36d.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91088b46822254d26e9498f85f1d3ba8c53a251f999ef60e6a9976640209281c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503489
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"017117bf021c3b6f9af712f3c0f3bce8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e969279c0a-FRA
message-preview.css
embed.tawk.to/_s/v4/app/64b107164a7/css/ Frame A66A 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788855d7239de368ab83b2a1d743be8504c68659912d8f9aaf67a5a6aac463ed
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503488
cf-polished
origSize=38369
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"4ad3afbed0c84d07cd50f865330d4a82"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e999799c0a-FRA
min-widget.css
embed.tawk.to/_s/v4/app/64b107164a7/css/ Frame DFAB 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e73fb66e2b18f262f86ba2880f9369b6a66d7411a3c8daa1146aaafc2690e6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503489
cf-polished
origSize=24840
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"3d22e9f29d90d6fd0e66aebbeadc0ca2"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e9a98b9c0a-FRA
max-widget.css
embed.tawk.to/_s/v4/app/64b107164a7/css/ Frame CFD5 		73 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64b107164a7/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d12219cf7f2c298e6c53ebbe1bc272447f05f3279f25bc34cc1159b875b59b5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1503488
cf-polished
origSize=74711
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 14 Jul 2023 08:29:55 GMT
server
cloudflare
etag
W/"ce68b23219c377b42f0d03f849946e21"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7ef7d5e9c9b59c0a-FRA
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 		295 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mail.cruiseescapes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13772602
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230136-FRA, cache-yyz4541-YYZ
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjoPU9h9e8P%2BhLe8NhLMVT4bqsIGKElpMifV7dvOq5SWDdfaNBwgzspWwHA6WsFxndgRdneqwbEL%2FIqa1LyJGTlr1chPltlw0T1XlSQV5HJT%2Bvy8p9MWZHUF3%2FAGjEhJCnlGxgUnu%2F1g2gxSIpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7ef7d5ea0a1b1c34-FRA
v3
va.tawk.to/log-performance/ 		5 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64b107164a7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mail.cruiseescapes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 31 Jul 2023 18:16:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://mail.cruiseescapes.com
access-control-allow-credentials
true
cf-ray
7ef7d5ed9d672bf0-FRA
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-p72r
v3
va.tawk.to/log-performance/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://mail.cruiseescapes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://mail.cruiseescapes.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ef7d5ecac422bf0-FRA
date
Mon, 31 Jul 2023 18:16:59 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-hnqj

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| alreadyFocused function| squirrelmail_loginpage_onload object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione

4 Cookies

Domain/Path Name / Value
mail.cruiseescapes.com/webmail/ Name: SQMSESSID
Value: 8p91qsb0h6knh0eidsbj4pslg2
mail.cruiseescapes.com/ Name: twk_idm_key
Value: uyzhqE6lFNudvD43GOoS9
mail.cruiseescapes.com/ Name: TawkConnectionTime
Value: 0
.cruiseescapes.com/ Name: twk_uuid_55de880472faddc565fca13b
Value: %7B%22uuid%22%3A%221.92NV6oVIp9WDDQ1e4x3XlwxpEBrzeQP9xHsS6T4wpfEaJjVTilDceXsDouVoCmuNQIPj4E5eJdpVVNmQGop36hVZGn2ZNuMpgBl9lrBZ0QXTvATjLOj9rR2I1UEi%22%2C%22version%22%3A3%2C%22domain%22%3A%22cruiseescapes.com%22%2C%22ts%22%3A1690827419084%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliates.onlineagency.com
cdn.jsdelivr.net
embed.tawk.to
mail.cruiseescapes.com
va.tawk.to
130.250.4.191
130.250.4.244
2606:4700:10::6816:1883
2606:4700::6810:5814
04dc19ed0716c50049bb94c430e77a314842d03cb5b09463a083b6066e18ed12
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1d12219cf7f2c298e6c53ebbe1bc272447f05f3279f25bc34cc1159b875b59b5
274b1d404f7ccb91b20f906068aa984a2d96456b74d2c584b4f697799734e840
31a189a9ed12b61448bc0ed1b922c7a8b66119e61d5d0ee282b1b8d3e00cf099
51e73fb66e2b18f262f86ba2880f9369b6a66d7411a3c8daa1146aaafc2690e6
5971e1d1ff2edc61e7f8be019bcd4a3647ef26e8ab614d5b7a7caf1703f12e71
60b0cb1bb49a0b0796b9378cbbd617cf46b86cf064f13a1d1bcd67feb43d28f7
7016260337ad9ca40160540975a88f7d8a22056d52191bcd478cfd45b7bf9b84
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
72deb01333692d6942fe77383825537b0dac6653af9b50312a53fdf3b31efa09
788855d7239de368ab83b2a1d743be8504c68659912d8f9aaf67a5a6aac463ed
7bce5f6a99be4b8c9a6ba79c6da75e38c51830dc8799db95b333cdc2107b8f9d
7dd1dfad69837f3153331943da5b18de828f08d7193cdeeb6a94b0d899a7f73e
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
91088b46822254d26e9498f85f1d3ba8c53a251f999ef60e6a9976640209281c
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
ab4964ae0560c9cd3604e246bd608cf4ef9be2b0cf289a89baf8789f6d95187f
b2ce90f030ab61d7b955c94c870f9cb675c9af77f7c0b26ed8934d1c337c6dda
c6d7e52f7c1ff23111102eb047735cd5f5f0e9f8b7a371ee58cedfc9943cc30f
cda3a940b53dd58a8fd2b219dada689959db76a483ed394cc2843f60559866c3
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ee5bec255ba157d235fe098c42b52ae345e637b99e81abe08e949fcc1f08081e
ef75f3f6b7df21c5f17dc68ec1057a01f2e022cdd6f2cc2e9dda58f2218866e2
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f5c1dd51a0afd047de7dce63776e80feb471049b59343243b106c51747e47644
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84