casualino-jsc.helpshift.com Open in urlscan Pro
2600:1f1c:c01:3100:c222:e7df:c007:47fe Public Scan

Go To Rescan
Add Verdict Report

URL:
https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
Submission: On January 13 via api (January 13th 2021, 11:45:35 am UTC) from BE

Summary HTTP 27 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2600:1f1c:c01:3100:c222:e7df:c007:47fe, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is casualino-jsc.helpshift.com.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on July 18th 2019. Valid for: 2 years.

This is the only time casualino-jsc.helpshift.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12 19	2600:1f1c:c01... 2600:1f1c:c01:3100:c222:e7df:c007:47fe	16509 (AMAZON-02) (AMAZON-02)
12	143.204.214.103 143.204.214.103	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f1c:c01... 2600:1f1c:c01:3100:b02c:ad89:c114:4bf0	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
27	7

19 2600:1f1c:c01:3100:c222:e7df:c007:47fe (San Jose, United States) 12 redirects

ASN16509 (AMAZON-02, US)

casualino-jsc.helpshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.214.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-103.fra53.r.cloudfront.net

d2fs58k4ez69fv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f1c:c01:3100:b02c:ad89:c114:4bf0 (San Jose, United States)

ASN16509 (AMAZON-02, US)

s.helpshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	helpshift.com 12 redirects casualino-jsc.helpshift.com s.helpshift.com	300 KB
12	cloudfront.net d2fs58k4ez69fv.cloudfront.net	65 KB
2	googletagmanager.com www.googletagmanager.com	95 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	googleapis.com fonts.googleapis.com	505 B
27	5

	Domain	Requested by
19	casualino-jsc.helpshift.com	12 redirects casualino-jsc.helpshift.com s.helpshift.com
12	d2fs58k4ez69fv.cloudfront.net	casualino-jsc.helpshift.com
4	s.helpshift.com	casualino-jsc.helpshift.com s.helpshift.com
2	www.googletagmanager.com	casualino-jsc.helpshift.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	casualino-jsc.helpshift.com
27	6

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
windows.microsoft.com
www.helpshift.com
www.miibeian.gov.cn

Subject Issuer	Validity	Valid
*.helpshift.com Sectigo ECC Domain Validation Secure Server CA	`2019-07-18` - `2021-05-17`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
Frame ID: DC0CDD8497C6C4C7B90DDB45B0B707B2
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

27
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

469 kB
Transfer

936 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/intl/en_us/chrome/browser/
Title: Chrome

Search URL Search Domain Scan URL

URL: http://www.mozilla.org/en-US/firefox/new/
Title: Firefox

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/en-us/internet-explorer/download-ie/
Title: IE10+

Search URL Search Domain Scan URL

URL: https://www.helpshift.com/powered-by-helpshift/
Title:

Search URL Search Domain Scan URL

URL: http://www.miibeian.gov.cn/
Title: ICP 2020026027-1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis5-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple115%2Fv4%2F68%2Fc2%2F5c%2F68c25cbb-dfbc-dc9b-ba7d-af117bf9853e%2Fsource%2F512x512bb.jpg&size=68x68&kot=cLzjE3w7QGgAqkhWBqfCsxrndj7Fx7GjxdkHWuGcn5g%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022

Request Chain 14

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis5-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple115%2Fv4%2F68%2Fc2%2F5c%2F68c25cbb-dfbc-dc9b-ba7d-af117bf9853e%2Fsource%2F512x512bb.jpg&size=68x68&kot=cLzjE3w7QGgAqkhWBqfCsxrndj7Fx7GjxdkHWuGcn5g%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022

Request Chain 16

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis1-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple125%2Fv4%2F83%2Ffe%2F31%2F83fe31a9-920d-2847-0838-e44d25133de6%2Fsource%2F512x512bb.jpg&size=68x68&kot=rlRnzjd2jZd1mohHebF%2FqGyBOZ74vsna6b%2Bi%2Fn%2BT9Fo%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/b4070c3c15c02c0d438b8620085a16f9be5f5d93179f4afa9fe5029a357ac6db

Request Chain 17

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis3-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple125%2Fv4%2F64%2F2a%2Fd3%2F642ad3c6-8a50-4f8b-a77d-60e6c337c87a%2Fsource%2F512x512bb.jpg&size=68x68&kot=U8VyqVBgvs7j6wM6cwXF1S%2Bjq78DYA7W2F3%2BlAcc16A%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/31e4d6f700f29d66307898880a5e7d3a910feffd1e35530b74d15700d6d10491

Request Chain 18

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis1-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple115%2Fv4%2Fef%2F93%2F14%2Fef931492-0d54-1f81-ad20-a27c34317c69%2Fsource%2F512x512bb.jpg&size=68x68&kot=zB4BLLvnTqRQeq4YYhhBuYkCTJqiYRwWc2fkbKM1fXY%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/bc231c639733ff1d6fd2ea1acaa4794c680080480eee0817eedd4d2da339a9f6

Request Chain 19

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis1-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple118%2Fv4%2F61%2F8f%2F15%2F618f1578-448f-fe12-8734-7e67ddfa2457%2Fsource%2F512x512bb.jpg&size=68x68&kot=3476A5UgtNLbg8g629L0uvytFRieA5H4TLjcYDf5W4Q%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/1262b0bf49b3a24bc10389e19ab5da9524ce2ac96737987d2e5615fd349f9122

Request Chain 20

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis2-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple128%2Fv4%2F5a%2F0a%2Fd3%2F5a0ad385-3eb0-827a-0751-7b8a8b5ee870%2Fsource%2F512x512bb.jpg&size=68x68&kot=hBULD%2BYkgSO74%2Fr%2Ft0lrmtdkNM5OPIkJtrFmNQStbpI%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/fcd3b40472825e3bbfe8add9a72ca431da053b943aa53fe8680b0e3c84ac39ce

Request Chain 21

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis2-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple113%2Fv4%2F69%2F14%2Fb6%2F6914b6b6-8445-1716-fef1-6be42bbf2c18%2Fsource%2F512x512bb.jpg&size=68x68&kot=4rmkG6M7R83xTEvLdKVt1r5Et1L0qjc%2B4epZTmDvDTA%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/7927cadc02d5811125bd2db7b41b6125cabbb699fc83634dd3a87a85116b1af7

Request Chain 22

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Flh3.googleusercontent.com%2FR2yjp3u0XbyZCcCzb-5_uaGggkAsnVLumKBsIi8pPJwegj7vYj2fcF5WuPDDCgC0hcx5%3Ds180-rw&size=68x68&kot=a9xfiaveZf1XR2XNuQeHIbfQfdqdXjkFEOwUSXGDhB8%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/4bb140a220fdef9925bd510de331f7960b5199f32cb214a4a5ecf80f982daa72

Request Chain 23

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Flh3.googleusercontent.com%2Ffa3hPN89ED3I0pDHpfmOpbkhSIQvK_XVteeWo9Ja2jWyCXEIVhxrWtzAxeRt0Qv7Ga0%3Ds180-rw&size=68x68&kot=svc5Td%2B6UUzOA8Qf%2BZPsfobArt20hxOIA8CPq0Dtfcc%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/5dd1866d59b529595e6c050c75959c157fc5739a0363714472fad3666ab59ddb

Request Chain 24

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis1-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple113%2Fv4%2Fc3%2F62%2Fa7%2Fc362a723-d77a-5887-68a3-c66b35d48403%2Fsource%2F512x512bb.jpg&size=68x68&kot=cm9pJk%2F1kbHmuBnP9Ek9HEXq1lBC%2BOzzKGHr9nsx3XQ%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/f4b493869602284d92ed89d3cadde264d0b04fd81990ebe34acb9d9633ae5323

Request Chain 26

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Flh3.googleusercontent.com%2FJUsm2ltOTYQhbr03HcFvS82A5bQ-OC4l4cgu2LfjTeS1fgLrLAgq6mAFMXsmSRqgBBti%3Ds180-rw&size=68x68&kot=PKzzDcdg36PluQMxK2rejuIbLNM0vUoMwUIVpedGL5E%3D HTTP 301
https://d2fs58k4ez69fv.cloudfront.net/d60806d005a53b5dbac63e8de605e7dbde1dcefc4440bb7439cab4f09cf7ef5c

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
casualino-jsc.helpshift.com/a/vip-baloot/ 28 KB
6 KB 528ms
172ms Document
text/html 2600:1f1c:c01:3100:c222:e7df:c007:47fe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:c222:e7df:c007:47fe San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ef1ed5c86d8cee66da7105a5be9f35a110cdebea67bc8333760ef2e1058b1d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: casualino-jsc.helpshift.com
:scheme: https
:path: /a/vip-baloot/?hpn=1&p=web&han=1&l=en
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 11:45:08 GMT
content-type: text/html;charset=utf-8
server: nginx
cache-control: no-store, no-cache, must-revalidate
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-proxy-cache: MISS
content-encoding: gzip

GET
H2 200 user-facing.css
casualino-jsc.helpshift.com/static/css/ 35 KB
8 KB 160ms
159ms Stylesheet
text/css 2600:1f1c:c01:3100:c222:e7df:c007:47fe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://casualino-jsc.helpshift.com/static/css/user-facing.css?v=20160524

Requested by

Host: casualino-jsc.helpshift.com
URL: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:c222:e7df:c007:47fe San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

22418aa5fc47001b1bfe6a7f5d7616c223ff2db2c3c6a35e7ab4e00dc428ba08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 11:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Jan 2021 05:11:15 GMT
server: nginx
etag: "5ffe80f3-1d1c"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css; charset=UTF-8
cache-control: max-age=604800, public, no-cache
content-length: 7452
x-xss-protection: 1; mode=block

GET
H2 200 /
casualino-jsc.helpshift.com/websupport/custom-css/ 392 KB
239 KB 317ms
317ms Stylesheet
text/css 2600:1f1c:c01:3100:c222:e7df:c007:47fe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://casualino-jsc.helpshift.com/websupport/custom-css/?v=1600344838979

Requested by

Host: casualino-jsc.helpshift.com
URL: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:c222:e7df:c007:47fe San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0c8ce6198db9440c023b3d03bec978d0435896b380c5ff90b245a29c2d38fc27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 11:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css; charset=UTF-8
x-xss-protection: 1; mode=block
x-proxy-cache: MISS

GET
H2

200

803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis5-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple115%2Fv4%2F68%2Fc2%2F5c%2F68c25cbb-dfbc-dc9b-ba7d-af117bf9853e%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022

5 KB
6 KB

1157ms
53ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022
Requested by: Host: casualino-jsc.helpshift.com
URL: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810cbb484d204e3a11e99640cf9fbd4a458cf69972aa6a1419ac8658c2671eb8

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:28:47 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 1073784
x-amz-meta-uploaded-at: Tue, 26 Jun 2018 13:25:48 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5505
x-amz-meta-upstream-url: https://is5-ssl.mzstatic.com/image/thumb/Purple115/v4/68/c2/5c/68c25cbb-dfbc-dc9b-ba7d-af117bf9853e/source/512x512bb.jpg
last-modified: Tue, 26 Jun 2018 13:25:49 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "7cfdfec9875b1a23b44f064cd0ac2cdc"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 5H9Gl9drTiR4k7v_yrRyZ9GRKHnxNv0rarnOeZ36cfykSlRg7XfoBw==
expires: Thu, 04 May 2028 13:25:48 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2 200 combo Show response
s.helpshift.com/ 59 KB
21 KB 482ms
162ms Script
application/javascript 2600:1f1c:c01:3100:b02c:ad89:c114:4bf0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.helpshift.com/combo?bundles/userFacing.js

Requested by

Host: casualino-jsc.helpshift.com
URL: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:b02c:ad89:c114:4bf0 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

db04da80eac3c1467a52402fefe2f11d6d9fa937832770c8311ed66fe6aaf802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-careers: Join us to hack on this server. jobs at helpshift.mobi
date: Wed, 13 Jan 2021 11:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: e7f64b3cc926cb18b9f3ae8237c319da144d50d6
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800, public, no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
36 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KHDTN3

Requested by

Host: casualino-jsc.helpshift.com
URL: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cd2f8f570eca3325b44456f82d354c598c823da1a9fd191dac5c292b9f8b8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 11:45:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36357
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Jan 2021 11:45:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
59 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPN2QB

Requested by

Host: casualino-jsc.helpshift.com
URL: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d05cd8f13e51913d7010cc9f220fd75fab8cfe0fdc462d9e5f00483eb0d8c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 11:45:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60355
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Jan 2021 11:45:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 971 B
505 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo

Requested by

Host: casualino-jsc.helpshift.com
URL: https://casualino-jsc.helpshift.com/websupport/custom-css/?v=1600344838979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b059bc9b433c28829286376b1649924b6ad9f5214d73539de18cf1cc016ef745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://casualino-jsc.helpshift.com/websupport/custom-css/?v=1600344838979
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 11:38:44 GMT
server: ESF
date: Wed, 13 Jan 2021 11:45:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jan 2021 11:45:09 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85b1d17979a28f05774787c8b1fa4861bce923f4f0798cdc868fc92c707dfa25

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 SLXGc1nY6HkvalIhTpumxdt0.woff2
fonts.gstatic.com/s/cairo/v9/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v9/SLXGc1nY6HkvalIhTpumxdt0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55632025f6c3687b30817e2536b22b697ba584ef31faca1d7c4ed1f13207c45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://casualino-jsc.helpshift.com
Referer: https://fonts.googleapis.com/css?family=Cairo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 15:25:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:54:22 GMT
server: sffe
age: 418795
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13392
x-xss-protection: 0
expires: Sat, 08 Jan 2022 15:25:14 GMT

GET
H2 200 shifticons-support-webfont.woff
casualino-jsc.helpshift.com/static/fonts/shifticons/ 5 KB
6 KB 159ms
158ms Font
application/x-font-woff 2600:1f1c:c01:3100:c222:e7df:c007:47fe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://casualino-jsc.helpshift.com/static/fonts/shifticons/shifticons-support-webfont.woff?v=201601171430
Requested by: Host: casualino-jsc.helpshift.com
URL: https://casualino-jsc.helpshift.com/static/css/user-facing.css?v=20160524
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:1f1c:c01:3100:c222:e7df:c007:47fe San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cbdeb3f26f392350060f27fbbee146d612961d71277ec166e8721753a83b911

Request headers

Origin: https://casualino-jsc.helpshift.com
Referer: https://casualino-jsc.helpshift.com/static/css/user-facing.css?v=20160524
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 11:45:09 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 05:11:14 GMT
server: nginx
etag: "5ffe80f2-158a"
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://casualino-jsc.helpshift.com
content-length: 5514

GET
H2 200 combo Show response
s.helpshift.com/ 5 KB
2 KB 160ms
160ms Script
application/javascript 2600:1f1c:c01:3100:b02c:ad89:c114:4bf0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.helpshift.com/combo?build/extras/sessionHelpers.js&build/gunpowder/utils/array.js&build/gunpowder/utils/format.js

Requested by

Host: s.helpshift.com
URL: https://s.helpshift.com/combo?bundles/userFacing.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:b02c:ad89:c114:4bf0 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

12de0921c3f911c8cf8042c7ab8eddc172107449e849ae27a2f535afeb08424c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-careers: Join us to hack on this server. jobs at helpshift.mobi
date: Wed, 13 Jan 2021 11:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: 5111f78136f4752bdbf6b8384132c616c2371d60
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800, public, no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 1947
x-xss-protection: 1; mode=block

GET
H2 200 combo Show response
s.helpshift.com/ 1 KB
984 B 159ms
159ms Script
application/javascript 2600:1f1c:c01:3100:b02c:ad89:c114:4bf0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.helpshift.com/combo?build/gunpowder/utils/localStorage.js

Requested by

Host: s.helpshift.com
URL: https://s.helpshift.com/combo?bundles/userFacing.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:b02c:ad89:c114:4bf0 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

34111e4da97e64b3a860b13c738ca61020ede0800da5c22c14f8999b9b4bfcbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-careers: Join us to hack on this server. jobs at helpshift.mobi
date: Wed, 13 Jan 2021 11:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: 57a34d7dd4abe890ce401236c3cfb4aeb0a33a3b
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800, public, no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 634
x-xss-protection: 1; mode=block

GET
H2 200 combo Show response
s.helpshift.com/ 1 KB
1 KB 160ms
159ms Script
application/javascript 2600:1f1c:c01:3100:b02c:ad89:c114:4bf0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.helpshift.com/combo?build/gunpowder/utils/object.js

Requested by

Host: s.helpshift.com
URL: https://s.helpshift.com/combo?bundles/userFacing.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:b02c:ad89:c114:4bf0 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3f2164cfc86e94534319cfd1ad8e72809261d576e6d6d84eb09435e3ad3bed3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-careers: Join us to hack on this server. jobs at helpshift.mobi
date: Wed, 13 Jan 2021 11:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: 68676b05717dc370219d5848b4229b1d8e070cdb
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800, public, no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 731
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
casualino-jsc.helpshift.com/xhr/support/view/public-app/ 35 KB
6 KB 184ms
180ms XHR
application/json 2600:1f1c:c01:3100:c222:e7df:c007:47fe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://casualino-jsc.helpshift.com/xhr/support/view/public-app/?hpn=1&p=web&han=1&l=en&slug=vip-baloot&get_tmpl=1

Requested by

Host: s.helpshift.com
URL: https://s.helpshift.com/combo?bundles/userFacing.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:c222:e7df:c007:47fe San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1f1ba60a04d3ca73bf2ea7eb40724ff1c6e0c3b776a3ac08f33e096f73306f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 13 Jan 2021 11:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/json;charset=utf-8
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
x-proxy-cache: MISS

GET
H2

200

803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis5-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple115%2Fv4%2F68%2Fc2%2F5c%2F68c25cbb-dfbc-dc9b-ba7d-af117bf9853e%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022

5 KB
6 KB

62ms
59ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810cbb484d204e3a11e99640cf9fbd4a458cf69972aa6a1419ac8658c2671eb8

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 01:28:47 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 1073784
x-amz-meta-uploaded-at: Tue, 26 Jun 2018 13:25:48 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5505
x-amz-meta-upstream-url: https://is5-ssl.mzstatic.com/image/thumb/Purple115/v4/68/c2/5c/68c25cbb-dfbc-dc9b-ba7d-af117bf9853e/source/512x512bb.jpg
last-modified: Tue, 26 Jun 2018 13:25:49 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "7cfdfec9875b1a23b44f064cd0ac2cdc"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: lomMOcfX_2kzp_mNZviJ87q-SqFK6tX1AuxK0sLrkP95UCFZCBUa7g==
expires: Thu, 04 May 2028 13:25:48 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/803e7ecf809f6a9115991763efaeb0350148cfdea48c931b2db74f5e5ef18022
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
casualino-jsc.helpshift.com/xhr/support/csrf/ 63 B
468 B 165ms
161ms XHR
application/json 2600:1f1c:c01:3100:c222:e7df:c007:47fe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://casualino-jsc.helpshift.com/xhr/support/csrf/

Requested by

Host: s.helpshift.com
URL: https://s.helpshift.com/combo?bundles/userFacing.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1f1c:c01:3100:c222:e7df:c007:47fe San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

41e2003adc39944d02f8b9ef5f09128d4d8ffc8663a5d76f2ba8ffa407f26ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/json;charset=utf-8
cache-control: no-store, no-cache, must-revalidate
content-length: 63
x-xss-protection: 1; mode=block

GET
H2

200

b4070c3c15c02c0d438b8620085a16f9be5f5d93179f4afa9fe5029a357ac6db
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis1-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple125%2Fv4%2F83%2Ffe%2F31%2F83fe31a9-920d-2847-0838-e44d25133de6%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/b4070c3c15c02c0d438b8620085a16f9be5f5d93179f4afa9fe5029a357ac6db

5 KB
5 KB

60ms
57ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/b4070c3c15c02c0d438b8620085a16f9be5f5d93179f4afa9fe5029a357ac6db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 380e86e7e0ce85cecfa3073ab58c5598c5c6baa88dc66f9e53532e19cf477308

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 04:43:23 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 2271708
x-amz-meta-uploaded-at: Mon, 18 Jun 2018 12:43:15 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4615
x-amz-meta-upstream-url: https://is1-ssl.mzstatic.com/image/thumb/Purple125/v4/83/fe/31/83fe31a9-920d-2847-0838-e44d25133de6/source/512x512bb.jpg
last-modified: Mon, 18 Jun 2018 12:43:16 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "c0525b5c33003aac18d940b7143df98c"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 6ToH0fdXXiDOfX-QbBRVf-UMhzdbMeOZaEWleQXrSyzNkn66PK3CLg==
expires: Wed, 26 Apr 2028 12:43:15 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/b4070c3c15c02c0d438b8620085a16f9be5f5d93179f4afa9fe5029a357ac6db
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2

200

31e4d6f700f29d66307898880a5e7d3a910feffd1e35530b74d15700d6d10491
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis3-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple125%2Fv4%2F64%2F2a%2Fd3%2F642ad3c6-8a50-4f8b-a77d-60e6c337c87a%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/31e4d6f700f29d66307898880a5e7d3a910feffd1e35530b74d15700d6d10491

5 KB
5 KB

82ms
80ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/31e4d6f700f29d66307898880a5e7d3a910feffd1e35530b74d15700d6d10491
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfbc7760a055dc30955bc760534ed66c1616893f3fd0878e1ce90f61c9353c4b

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 12:59:34 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 1982737
x-amz-meta-uploaded-at: Thu, 28 Jun 2018 09:31:01 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4960
x-amz-meta-upstream-url: https://is3-ssl.mzstatic.com/image/thumb/Purple125/v4/64/2a/d3/642ad3c6-8a50-4f8b-a77d-60e6c337c87a/source/512x512bb.jpg
last-modified: Thu, 28 Jun 2018 09:31:02 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "527e96fa06c652d7fdd5d09427cd1c03"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: Vg7I8EAvTChxdW481SQzTcRl5Wg5ye3LEm3cwMQW7-6LKmIKCqiIyg==
expires: Sat, 06 May 2028 09:31:01 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/31e4d6f700f29d66307898880a5e7d3a910feffd1e35530b74d15700d6d10491
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2

200

bc231c639733ff1d6fd2ea1acaa4794c680080480eee0817eedd4d2da339a9f6
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis1-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple115%2Fv4%2Fef%2F93%2F14%2Fef931492-0d54-1f81-ad20-a27c34317c69%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/bc231c639733ff1d6fd2ea1acaa4794c680080480eee0817eedd4d2da339a9f6

5 KB
6 KB

87ms
86ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/bc231c639733ff1d6fd2ea1acaa4794c680080480eee0817eedd4d2da339a9f6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 394cfcaf8d895e7598844521851b3fbdd802035d5d739c887071dc088bdf7e2e

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 10:08:49 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 2511382
x-amz-meta-uploaded-at: Thu, 28 Jun 2018 09:33:53 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5141
x-amz-meta-upstream-url: https://is1-ssl.mzstatic.com/image/thumb/Purple115/v4/ef/93/14/ef931492-0d54-1f81-ad20-a27c34317c69/source/512x512bb.jpg
last-modified: Thu, 28 Jun 2018 09:33:54 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "a08ee96b431f47d825e20e1b329a6999"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: KiAobV03XbxB9gbwM04RHhnsGHyicRykhppujOBLqQ0PDKcyucTjFg==
expires: Sat, 06 May 2028 09:33:53 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/bc231c639733ff1d6fd2ea1acaa4794c680080480eee0817eedd4d2da339a9f6
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2

200

1262b0bf49b3a24bc10389e19ab5da9524ce2ac96737987d2e5615fd349f9122
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis1-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple118%2Fv4%2F61%2F8f%2F15%2F618f1578-448f-fe12-8734-7e67ddfa2457%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/1262b0bf49b3a24bc10389e19ab5da9524ce2ac96737987d2e5615fd349f9122

4 KB
5 KB

57ms
53ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/1262b0bf49b3a24bc10389e19ab5da9524ce2ac96737987d2e5615fd349f9122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73d1708f3736304e7cdf0987613146c92841c3390f53eb9ac1e4284b5f8367a4

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 05:20:37 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 2615074
x-amz-meta-uploaded-at: Thu, 28 Jun 2018 09:37:22 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4382
x-amz-meta-upstream-url: https://is1-ssl.mzstatic.com/image/thumb/Purple118/v4/61/8f/15/618f1578-448f-fe12-8734-7e67ddfa2457/source/512x512bb.jpg
last-modified: Thu, 28 Jun 2018 09:37:23 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "daa4d489f303d42412f2df91c76c99e7"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: YLhRyFwakgRHRQorHGe0Xbjvn0WlRpxkSrPM94X5pPHtHtvgsFaMkA==
expires: Sat, 06 May 2028 09:37:22 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/1262b0bf49b3a24bc10389e19ab5da9524ce2ac96737987d2e5615fd349f9122
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2

200

fcd3b40472825e3bbfe8add9a72ca431da053b943aa53fe8680b0e3c84ac39ce
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis2-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple128%2Fv4%2F5a%2F0a%2Fd3%2F5a0ad385-3eb0-827a-0751-7b8a8b5ee870%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/fcd3b40472825e3bbfe8add9a72ca431da053b943aa53fe8680b0e3c84ac39ce

4 KB
5 KB

73ms
71ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/fcd3b40472825e3bbfe8add9a72ca431da053b943aa53fe8680b0e3c84ac39ce
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26356c88ab7486f75538d46309ad22d84bb4737d3a58aed74697db87c0844b94

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 19 Dec 2020 12:17:43 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 2158048
x-amz-meta-uploaded-at: Thu, 28 Jun 2018 09:40:15 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4294
x-amz-meta-upstream-url: https://is2-ssl.mzstatic.com/image/thumb/Purple128/v4/5a/0a/d3/5a0ad385-3eb0-827a-0751-7b8a8b5ee870/source/512x512bb.jpg
last-modified: Thu, 28 Jun 2018 09:40:16 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "9198ed505e657704443891eea6260924"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: kF-dkmqg6F7g0DGjiO3aZkha4uWYHsgKKE-JBHGNdJ1HBX4NFT03IQ==
expires: Sat, 06 May 2028 09:40:15 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/fcd3b40472825e3bbfe8add9a72ca431da053b943aa53fe8680b0e3c84ac39ce
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2

200

7927cadc02d5811125bd2db7b41b6125cabbb699fc83634dd3a87a85116b1af7
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis2-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple113%2Fv4%2F69%2F14%2Fb6%2F6914b6b6-8445-1716-fef1-6be42bbf2c18%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/7927cadc02d5811125bd2db7b41b6125cabbb699fc83634dd3a87a85116b1af7

5 KB
5 KB

75ms
73ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/7927cadc02d5811125bd2db7b41b6125cabbb699fc83634dd3a87a85116b1af7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcb0839f102cfdcf50653a4e2907630162172768e65abd804cd7885d7f1eb29e

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 12:59:34 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 1982737
x-amz-meta-uploaded-at: Mon, 07 Oct 2019 13:35:35 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4659
x-amz-meta-upstream-url: https://is2-ssl.mzstatic.com/image/thumb/Purple113/v4/69/14/b6/6914b6b6-8445-1716-fef1-6be42bbf2c18/source/512x512bb.jpg
last-modified: Mon, 07 Oct 2019 13:35:36 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "e443c2a72fa1c07fb99da66489cc81ca"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: xKfFh1JqTzrvOl7isQRNpBf29Pe-qTqnKt94b-wjkELI4_gVgXLlXw==
expires: Wed, 15 Aug 2029 13:35:35 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/7927cadc02d5811125bd2db7b41b6125cabbb699fc83634dd3a87a85116b1af7
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2

200

4bb140a220fdef9925bd510de331f7960b5199f32cb214a4a5ecf80f982daa72
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Flh3.googleusercontent.com%2FR2yjp3u0XbyZCcCzb-5_uaGggkAsnVLumKBsIi8pPJwegj7vYj2fcF5WuPDDCgC0hcx5%3Ds180-rw&size=68x68&kot=a9xfiaveZf1XR...
https://d2fs58k4ez69fv.cloudfront.net/4bb140a220fdef9925bd510de331f7960b5199f32cb214a4a5ecf80f982daa72

4 KB
5 KB

62ms
60ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/4bb140a220fdef9925bd510de331f7960b5199f32cb214a4a5ecf80f982daa72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1fb2f4712ff5113f7b285ef30f24320891db2b5d96773b715fad2f3cbeef189

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:17 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 241434
x-amz-meta-uploaded-at: Thu, 28 Jun 2018 09:43:05 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4552
x-amz-meta-upstream-url: https://lh3.googleusercontent.com/R2yjp3u0XbyZCcCzb-5_uaGggkAsnVLumKBsIi8pPJwegj7vYj2fcF5WuPDDCgC0hcx5=s180-rw
last-modified: Thu, 28 Jun 2018 09:43:06 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "189c13ba4dc2a60858d6e29598b6c9b6"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: ZX0u-UpzB8uINZxsbV-pFVI7EK01qV_YLO_TsmH05hqGnJWNtF-rug==
expires: Sat, 06 May 2028 09:43:05 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/4bb140a220fdef9925bd510de331f7960b5199f32cb214a4a5ecf80f982daa72
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2

200

5dd1866d59b529595e6c050c75959c157fc5739a0363714472fad3666ab59ddb
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Flh3.googleusercontent.com%2Ffa3hPN89ED3I0pDHpfmOpbkhSIQvK_XVteeWo9Ja2jWyCXEIVhxrWtzAxeRt0Qv7Ga0%3Ds180-rw&size=68x68&kot=svc5Td%2B6UUzO...
https://d2fs58k4ez69fv.cloudfront.net/5dd1866d59b529595e6c050c75959c157fc5739a0363714472fad3666ab59ddb

5 KB
6 KB

65ms
62ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/5dd1866d59b529595e6c050c75959c157fc5739a0363714472fad3666ab59ddb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd8f0f97378def3f8016e281547e6334c644974b3ab68a338dbe40dd3fa3b148

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:36:45 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 1613305
x-amz-meta-uploaded-at: Thu, 30 Aug 2018 14:56:36 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5591
x-amz-meta-upstream-url: https://lh3.googleusercontent.com/fa3hPN89ED3I0pDHpfmOpbkhSIQvK_XVteeWo9Ja2jWyCXEIVhxrWtzAxeRt0Qv7Ga0=s180-rw
last-modified: Thu, 30 Aug 2018 14:56:37 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "214f08a125f1703abcf2904dc659a7f8"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: H-gCiFlLwfAHPBBdJ1DFcBqQUfITeJ-ILHFDAhbmLl1woUCdXjXD7A==
expires: Sat, 08 Jul 2028 14:56:36 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/5dd1866d59b529595e6c050c75959c157fc5739a0363714472fad3666ab59ddb
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2

200

f4b493869602284d92ed89d3cadde264d0b04fd81990ebe34acb9d9633ae5323
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Fis1-ssl.mzstatic.com%2Fimage%2Fthumb%2FPurple113%2Fv4%2Fc3%2F62%2Fa7%2Fc362a723-d77a-5887-68a3-c66b35d48403%2Fsource%2F512x512bb.jpg&si...
https://d2fs58k4ez69fv.cloudfront.net/f4b493869602284d92ed89d3cadde264d0b04fd81990ebe34acb9d9633ae5323

5 KB
5 KB

84ms
82ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/f4b493869602284d92ed89d3cadde264d0b04fd81990ebe34acb9d9633ae5323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d9236154cc9c648466e6a9e5458c614c8364864d24e67adefaa9c13492796a0

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:18 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 241433
x-amz-meta-uploaded-at: Tue, 16 Jun 2020 07:05:42 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4706
x-amz-meta-upstream-url: https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/c3/62/a7/c362a723-d77a-5887-68a3-c66b35d48403/source/512x512bb.jpg
last-modified: Tue, 16 Jun 2020 07:05:43 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "6bfda40e6ffcff1a78073afefaeffce8"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: qNXrM2PFFcsz56PFkVLrXD9YO-kXv0L6Rvbhf5NuHs58Q0x13Ive-w==
expires: Thu, 25 Apr 2030 07:05:42 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/f4b493869602284d92ed89d3cadde264d0b04fd81990ebe34acb9d9633ae5323
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

GET
H2 200 default-app-icon.png
casualino-jsc.helpshift.com/static/images/avatars/ 6 KB
6 KB 161ms
159ms Image
image/png 2600:1f1c:c01:3100:c222:e7df:c007:47fe
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casualino-jsc.helpshift.com/static/images/avatars/default-app-icon.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:1f1c:c01:3100:c222:e7df:c007:47fe San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a34e0fcc3217782b6eeb15adba97cd4c5cd841ce2046cc09b10b790549234e93

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 11:45:10 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 05:11:14 GMT
server: nginx
etag: "5ffe80f2-1739"
access-control-allow-methods: GET
content-type: image/png
content-length: 5945

GET
H2

200

d60806d005a53b5dbac63e8de605e7dbde1dcefc4440bb7439cab4f09cf7ef5c
d2fs58k4ez69fv.cloudfront.net/
Redirect Chain

https://casualino-jsc.helpshift.com/improxy?url=https%3A%2F%2Flh3.googleusercontent.com%2FJUsm2ltOTYQhbr03HcFvS82A5bQ-OC4l4cgu2LfjTeS1fgLrLAgq6mAFMXsmSRqgBBti%3Ds180-rw&size=68x68&kot=PKzzDcdg36Plu...
https://d2fs58k4ez69fv.cloudfront.net/d60806d005a53b5dbac63e8de605e7dbde1dcefc4440bb7439cab4f09cf7ef5c

5 KB
5 KB

67ms
64ms

Image
image/jpeg

143.204.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fs58k4ez69fv.cloudfront.net/d60806d005a53b5dbac63e8de605e7dbde1dcefc4440bb7439cab4f09cf7ef5c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9381e99a0ea9aa30d1077bc329a5430bd282893744bb13993257697d8990d6cb

Request headers

Referer: https://casualino-jsc.helpshift.com/a/vip-baloot/?hpn=1&p=web&han=1&l=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 12:56:43 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-meta-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
age: 1378108
x-amz-meta-uploaded-at: Wed, 16 Sep 2020 10:05:44 UTC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4774
x-amz-meta-upstream-url: https://lh3.googleusercontent.com/JUsm2ltOTYQhbr03HcFvS82A5bQ-OC4l4cgu2LfjTeS1fgLrLAgq6mAFMXsmSRqgBBti=s180-rw
last-modified: Wed, 16 Sep 2020 10:05:45 GMT
server: AmazonS3
x-amz-meta-scaled-size: 68x68
etag: "5096554cbb1ba61f005ea5423b9f2197"
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: yt1W_ad5RDOvxvYtUQa0JkSq4g-5TvXDuPqMbnGrdKNe6zCH5ObXWg==
expires: Fri, 26 Jul 2030 10:05:44 UTC

Redirect headers

x-careers: Cool enough to work with us at Helpshift? Email: jobs@helpshift.com
date: Wed, 13 Jan 2021 11:45:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-go: Helpshift â¥ Go.
location: https://d2fs58k4ez69fv.cloudfront.net/d60806d005a53b5dbac63e8de605e7dbde1dcefc4440bb7439cab4f09cf7ef5c
content-type: text/html; charset=utf-8
content-length: 137
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

casualino-jsc.helpshift.com
d2fs58k4ez69fv.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
s.helpshift.com
www.googletagmanager.com
143.204.214.103
2600:1f1c:c01:3100:b02c:ad89:c114:4bf0
2600:1f1c:c01:3100:c222:e7df:c007:47fe
2a00:1450:4001:802::200a
2a00:1450:4001:806::2008
2a00:1450:4001:824::2003
0c8ce6198db9440c023b3d03bec978d0435896b380c5ff90b245a29c2d38fc27
12de0921c3f911c8cf8042c7ab8eddc172107449e849ae27a2f535afeb08424c
1d05cd8f13e51913d7010cc9f220fd75fab8cfe0fdc462d9e5f00483eb0d8c51
1f1ba60a04d3ca73bf2ea7eb40724ff1c6e0c3b776a3ac08f33e096f73306f59
22418aa5fc47001b1bfe6a7f5d7616c223ff2db2c3c6a35e7ab4e00dc428ba08
26356c88ab7486f75538d46309ad22d84bb4737d3a58aed74697db87c0844b94
2d9236154cc9c648466e6a9e5458c614c8364864d24e67adefaa9c13492796a0
34111e4da97e64b3a860b13c738ca61020ede0800da5c22c14f8999b9b4bfcbe
380e86e7e0ce85cecfa3073ab58c5598c5c6baa88dc66f9e53532e19cf477308
394cfcaf8d895e7598844521851b3fbdd802035d5d739c887071dc088bdf7e2e
3f2164cfc86e94534319cfd1ad8e72809261d576e6d6d84eb09435e3ad3bed3d
41e2003adc39944d02f8b9ef5f09128d4d8ffc8663a5d76f2ba8ffa407f26ec1
4cbdeb3f26f392350060f27fbbee146d612961d71277ec166e8721753a83b911
55632025f6c3687b30817e2536b22b697ba584ef31faca1d7c4ed1f13207c45e
6cd2f8f570eca3325b44456f82d354c598c823da1a9fd191dac5c292b9f8b8f4
73d1708f3736304e7cdf0987613146c92841c3390f53eb9ac1e4284b5f8367a4
810cbb484d204e3a11e99640cf9fbd4a458cf69972aa6a1419ac8658c2671eb8
85b1d17979a28f05774787c8b1fa4861bce923f4f0798cdc868fc92c707dfa25
9381e99a0ea9aa30d1077bc329a5430bd282893744bb13993257697d8990d6cb
a34e0fcc3217782b6eeb15adba97cd4c5cd841ce2046cc09b10b790549234e93
b059bc9b433c28829286376b1649924b6ad9f5214d73539de18cf1cc016ef745
bfbc7760a055dc30955bc760534ed66c1616893f3fd0878e1ce90f61c9353c4b
cd8f0f97378def3f8016e281547e6334c644974b3ab68a338dbe40dd3fa3b148
db04da80eac3c1467a52402fefe2f11d6d9fa937832770c8311ed66fe6aaf802
dcb0839f102cfdcf50653a4e2907630162172768e65abd804cd7885d7f1eb29e
e1fb2f4712ff5113f7b285ef30f24320891db2b5d96773b715fad2f3cbeef189
ef1ed5c86d8cee66da7105a5be9f35a110cdebea67bc8333760ef2e1058b1d9d

casualino-jsc.helpshift.com Open in urlscan Pro 2600:1f1c:c01:3100:c222:e7df:c007:47fe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

83 %IPv6

5 Domains

6 Subdomains

7 IPs

2 Countries

469 kBTransfer

936 kBSize

0 Cookies

5 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

casualino-jsc.helpshift.com Open in urlscan Pro
2600:1f1c:c01:3100:c222:e7df:c007:47fe Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

469 kB
Transfer

936 kB
Size

0
Cookies

27 HTTP transactions
1 data transactions