URL: https://heylink.me/pubgseason16/
Submission Tags: 6857696
Submission: On November 20 via api from NL

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3032::681f:50b4, located in United States and belongs to CLOUDFLARENET, US. The main domain is heylink.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 30th 2020. Valid for: a year.
This is the only time heylink.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2600:9000:214... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 54.66.181.179 16509 (AMAZON-02)
12 6
Domain Requested by
3 wchat.au.freshchat.com heylink.me
wchat.au.freshchat.com
3 d3fo8cdvn06034.cloudfront.net heylink.me
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com heylink.me
1 fonts.googleapis.com heylink.me
1 heylink.me
12 6

This site contains links to these domains. Also see Links.

Domain
blog.heylink.me
www.instagram.com
www.facebook.com
www.linkedin.com
persollo.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-09-30 -
2021-09-30
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.freshchat.com
Amazon
2020-08-18 -
2021-09-17
a year crt.sh

This page contains 2 frames:

Primary Page: https://heylink.me/pubgseason16/
Frame ID: D615133D64A68501581A7C8EF3B8E17A
Requests: 11 HTTP requests in this frame

Frame: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Frame ID: 19561D74328C1CC2E31FED1E1F3FBA94
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

12
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

744 kB
Transfer

873 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
heylink.me/pubgseason16/
19 KB
5 KB
Document
General
Full URL
https://heylink.me/pubgseason16/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:50b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6675adb39682b09b3beda6c308e215e11ec1c559b952ed0c588b445484b8068

Request headers

:method
GET
:authority
heylink.me
:scheme
https
:path
/pubgseason16/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 23:29:00 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d64de8ee111a9f481498ffbf5464c33041605914940; expires=Sun, 20-Dec-20 23:29:00 GMT; path=/; domain=.heylink.me; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0689966b450000dfad762a7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P6kt9MQlEkgRvRXRly%2BB4eFaGZnYv90Afms7lohW6JQH2iPnOz2c3P%2FTIcVJUHjAqhsP2oWzvRrPHFpkL6VJz6DyKpSWyNSMQ1j3NDQ5pcdJaVch3p66"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f55f35869f2dfad-FRA
content-encoding
br
style.min.css
d3fo8cdvn06034.cloudfront.net/static/dist/css/
183 KB
183 KB
Stylesheet
General
Full URL
https://d3fo8cdvn06034.cloudfront.net/static/dist/css/style.min.css?v=f353343ff9130e8a50b3355c8208773d
Requested by
Host: heylink.me
URL: https://heylink.me/pubgseason16/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d600:15:304c:7c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbaf3ccdc1cd7f4d488567cedd4c48cf2be209cab74de1d08e8a007e4aaa81bb

Request headers

Referer
https://heylink.me/pubgseason16/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 08:23:56 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 15:29:36 GMT
server
AmazonS3
age
54305
etag
"31129f41f62e7d9d55b9502e8d9c60a7"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
186893
x-amz-cf-id
lhGvfi1qsUtQTCwGBoufpzMK4z605lsgjh2nH5c5IaCpisR7r5x8kA==
css2
fonts.googleapis.com/
5 KB
656 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Requested by
Host: heylink.me
URL: https://heylink.me/pubgseason16/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ac08bbea44fe7aed2aa3de3bdf19086cac3b81a0269de591195ca85a495305c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heylink.me/pubgseason16/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 23:29:00 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Fri, 20 Nov 2020 23:29:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:29:00 GMT
not-found%402x.png
d3fo8cdvn06034.cloudfront.net/static/img/
478 KB
479 KB
Image
General
Full URL
https://d3fo8cdvn06034.cloudfront.net/static/img/not-found%402x.png
Requested by
Host: heylink.me
URL: https://heylink.me/pubgseason16/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d600:15:304c:7c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d9cc11f8db73b9deb3d30cd6f9bfe39f4713b0bc68b8414f319d96508aaaf2e

Request headers

Referer
https://heylink.me/pubgseason16/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 04:43:40 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 15:29:39 GMT
server
AmazonS3
age
67521
etag
"20fe90c0f90a91926d13f12c76adf1d5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
489183
x-amz-cf-id
I39wE4D3JPr9qy3cBB2WjB2wcmFvKvha028HDjsZ_PNR1xXyGUXFAg==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: heylink.me
URL: https://heylink.me/pubgseason16/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Origin
https://heylink.me
Referer
https://heylink.me/pubgseason16/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 23:29:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
45054
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
27958
cf-request-id
0689966c200000177a330a3000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
etag
"5eb09ed3-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8dBn%2BE3FXKet2PJAiorN6ArvBDGisLbMVFmMgeWu9BfkpZwPcBwwvVLOfg47aHKITO4hU4UZhE1yLMgYHEKVFaI579rPD55beGGXCEA50tpQHrarM65dXyJOgut37R0H2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f55f359ce9d177a-FRA
expires
Wed, 10 Nov 2021 23:29:00 GMT
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/
24 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js
Requested by
Host: heylink.me
URL: https://heylink.me/pubgseason16/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Origin
https://heylink.me
Referer
https://heylink.me/pubgseason16/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 23:29:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
45050
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
6970
cf-request-id
0689966c210000177a9537d000000001
timing-allow-origin
*
last-modified
Fri, 29 May 2020 16:54:59 GMT
server
cloudflare
etag
"5ed13e63-5f7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GCMNX6G5%2Fs9x%2B4K7WQfAo6PgjE%2FTE%2FJsFs2dxUk83QeaKYnT%2BYE%2B6PZ86YM99sljULBAZf9MJ16dlTjzxsShCMxQ1Vr7I3yKv7RtfuEbSF0MoaVfI3jKQ4nZ%2F4QcY8T%2FsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f55f359ce9e177a-FRA
expires
Wed, 10 Nov 2021 23:29:00 GMT
scripts.min.js
d3fo8cdvn06034.cloudfront.net/static/dist/js/
12 KB
12 KB
Script
General
Full URL
https://d3fo8cdvn06034.cloudfront.net/static/dist/js/scripts.min.js?v=f353343ff9130e8a50b3355c8208773d
Requested by
Host: heylink.me
URL: https://heylink.me/pubgseason16/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d600:15:304c:7c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45a77db1cd2ecf4a73066f9368591db4dacf1fdb96e99fa3d446b2148116bb08

Request headers

Referer
https://heylink.me/pubgseason16/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 19:04:24 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 15:29:36 GMT
server
AmazonS3
age
86585
etag
"6c97973cc2e308de53744d983f785489"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
11880
x-amz-cf-id
TwO3nk4xqsBIapQmG-F4-kCVSg07xKg84c20RKu8-snLuqZTFsdGqQ==
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://heylink.me
Referer
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 22:12:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
522974
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Sun, 14 Nov 2021 22:12:46 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://heylink.me
Referer
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 22:12:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
522974
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Sun, 14 Nov 2021 22:12:46 GMT
widget.js
wchat.au.freshchat.com/js/
43 KB
13 KB
Script
General
Full URL
https://wchat.au.freshchat.com/js/widget.js
Requested by
Host: heylink.me
URL: https://heylink.me/pubgseason16/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.181.179 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-181-179.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
83e20ca514050b073aabaa03dda3e39206fe6159120a84856b20b405179f6b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heylink.me/pubgseason16/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 23:29:01 GMT
served-by
hqervpby
last-modified
Fri, 20 Nov 2020 14:35:39 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server
hqervpby
content-encoding
gzip
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
wchat.au.freshchat.com/widget/ Frame 1956
0
0
Document
General
Full URL
https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Requested by
Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.181.179 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-181-179.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
wchat.au.freshchat.com
:scheme
https
:path
/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heylink.me/pubgseason16/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://heylink.me/pubgseason16/

Response headers

date
Fri, 20 Nov 2020 23:29:01 GMT
content-type
text/html
server
nginx
last-modified
Fri, 20 Nov 2020 14:35:39 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
no-cache no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains
served-by
mfjwvhma
x-server
mfjwvhma
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding
gzip
widget.css
wchat.au.freshchat.com/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://wchat.au.freshchat.com/css/widget.css?t=1605914941706
Requested by
Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.181.179 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-181-179.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
68de86e9cd4e23918bc0b670265741e54b1c4b969b3cfbd37ceca62dc0ef1fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heylink.me/pubgseason16/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 23:29:01 GMT
served-by
hqervpby
last-modified
Fri, 20 Nov 2020 14:35:39 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=31536000, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, public
x-server
hqervpby
content-encoding
gzip
x-xss-protection
1; mode=block
expires
Sat, 20 Nov 2021 23:29:01 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery number| someVariable number| fbAppId function| initFreshChat function| initialize function| initiateCall object| fcWidget

1 Cookies

Domain/Path Name / Value
.heylink.me/ Name: __cfduid
Value: d64de8ee111a9f481498ffbf5464c33041605914940

1 Console Messages

Source Level URL
Text
console-api log URL: https://d3fo8cdvn06034.cloudfront.net/static/dist/js/scripts.min.js?v=f353343ff9130e8a50b3355c8208773d(Line 1)
Message:
100500