heylink.me Open in urlscan Pro
2606:4700:10::ac43:798 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.otsu.ed.jp/kara-e/cgi-bin/navi/navi.cgi?site=25&url=https://heylink.me/ppvlsrvcs?=hNO5KAMv
Effective URL:
https://heylink.me/deactivated/
Submission: On July 02 via api (July 2nd 2021, 9:34:40 pm UTC) from BE

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 2606:4700:10::ac43:798, located in United States and belongs to CLOUDFLARENET, US. The main domain is heylink.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2021. Valid for: a year.

This is the only time heylink.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	210.236.184.75 210.236.184.75	9351 (ZLAN ZTV CO.) (ZLAN ZTV CO.)
3 7	2606:4700:10:... 2606:4700:10::ac43:798	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.212.209.68 34.212.209.68	16509 (AMAZON-02) (AMAZON-02)
21	8

1 210.236.184.75 (Tsu, Japan) 1 redirects

ASN9351 (ZLAN ZTV CO.,LTD, JP)
PTR: www.otsu.ed.jp

www.otsu.ed.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:798 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

heylink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-f.heylink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.209.68 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-209-68.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	heylink.me 3 redirects heylink.me cdn-f.heylink.me	55 KB
5	googleapis.com fonts.googleapis.com	5 KB
4	stripe.com js.stripe.com m.stripe.com	58 KB
3	gstatic.com fonts.gstatic.com	23 KB
2	stripe.network m.stripe.network	19 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	33 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	otsu.ed.jp 1 redirects www.otsu.ed.jp	264 B
21	8

	Domain	Requested by
5	fonts.googleapis.com	heylink.me
5	heylink.me	3 redirects static.cloudflareinsights.com
3	fonts.gstatic.com	fonts.googleapis.com
3	js.stripe.com	ajax.cloudflare.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	cdn-f.heylink.me	heylink.me ajax.cloudflare.com
1	m.stripe.com	m.stripe.network
1	cdnjs.cloudflare.com	ajax.cloudflare.com
1	static.cloudflareinsights.com	heylink.me
1	ajax.cloudflare.com	heylink.me
1	www.otsu.ed.jp	1 redirects
21	11

This site contains links to these domains. Also see Links.

Domain
app.heylink.me

Subject Issuer	Validity	Valid
heylink.me Cloudflare Inc ECC CA-3	`2021-03-31` - `2022-03-30`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-04-14` - `2021-08-04`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-16` - `2021-08-04`	4 months	crt.sh

This page contains 3 frames:

Primary Page: https://heylink.me/deactivated/
Frame ID: D8F69F603F6F8598F974015F88A4583E
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Frame ID: 76CE8BF69EA6A3EAB719D0680BF40E9F
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DA83FF7966238C7FC859BBC7979B67DE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.otsu.ed.jp/kara-e/cgi-bin/navi/navi.cgi?site=25&url=https://heylink.me/ppvlsrvcs?=hNO5KAMv HTTP 302
https://heylink.me/ppvlsrvcs HTTP 308
https://heylink.me/ppvlsrvcs/ HTTP 302
https://heylink.me/deactivated HTTP 308
https://heylink.me/deactivated/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

11
Subdomains

8
IPs

3
Countries

198 kB
Transfer

1114 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.heylink.me/signup
Title: Start for free

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.otsu.ed.jp/kara-e/cgi-bin/navi/navi.cgi?site=25&url=https://heylink.me/ppvlsrvcs?=hNO5KAMv HTTP 302
https://heylink.me/ppvlsrvcs HTTP 308
https://heylink.me/ppvlsrvcs/ HTTP 302
https://heylink.me/deactivated HTTP 308
https://heylink.me/deactivated/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3-29

404

Primary Request / Show response
heylink.me/deactivated/
Redirect Chain

http://www.otsu.ed.jp/kara-e/cgi-bin/navi/navi.cgi?site=25&url=https://heylink.me/ppvlsrvcs?=hNO5KAMv
https://heylink.me/ppvlsrvcs?
https://heylink.me/ppvlsrvcs/
https://heylink.me/deactivated
https://heylink.me/deactivated/

8 KB
3 KB

220ms
220ms

Document
text/html

2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heylink.me/deactivated/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a1616c0374c5be0f04a3ae09f8cd606d13d4aaec46055839347ae92d314a60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: heylink.me
:scheme: https
:path: /deactivated/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:34:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Cookie
set-cookie: session=eyJsYW5ndWFnZSI6bnVsbH0.YN-GXQ.opBZV2Pbs8-0TOIGTroiU3A50eY; HttpOnly; Path=/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 668aff689e5c1752-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Fri, 02 Jul 2021 21:34:21 GMT
content-type: text/html; charset=utf-8
location: https://heylink.me/deactivated/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 668aff672bc21752-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 style.min.css
cdn-f.heylink.me/static/dist/css/ 578 KB
44 KB 35ms
24ms Stylesheet
text/css 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=4e6d00c993818c0b5f1314112c8603cd
Requested by: Host: heylink.me
URL: https://heylink.me/deactivated/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ba4c87a30f04058ab8af9d87cb61a9838e1c9abb68478e1afaf9ab73105703

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:34:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 06:35:01 GMT
server: cloudflare
age: 16
etag: W/"ce7a30a6201837d8092932ee83baaf6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 668aff6a09e60629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: C9D6S68REJW51B3N
x-amz-id-2: CZuIIu1VvNaMa9KxnIOBaj2xCSVFoowuGGFnPQ4iBCown33nEi4YwPwALWLZatVyfZgB4MyqJqI=

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
646 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Requested by

Host: heylink.me
URL: https://heylink.me/deactivated/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11fd0a8e8538307bd300a009554f6021dae85d5ce8672289a9fca13115904fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:18:02 GMT
server: ESF
date: Fri, 02 Jul 2021 21:34:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 21:34:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 44 KB
3 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Acme&family=Averia+Sans+Libre&family=Cabin:wght@500&family=Dosis:wght@500&family=Fredoka+One&family=Kalam&family=Libre+Baskerville&family=Londrina+Solid&family=Merienda&family=Montserrat:wght@500&family=Nova+Round&family=Open+Sans&family=Oswald:wght@500&family=Playfair+Display:wght@500&family=Prosto+One&family=Quicksand:wght@500&family=Righteous&family=Rock+Salt&family=Rokkitt:wght@500&family=Special+Elite&family=Press+Start+2P&family=Anton&family=Architects+Daughter&family=Barrio&family=Berkshire+Swash&family=Fredericka+the+Great&family=Gochi+Hand&family=Lobster+Two&family=Monofett&family=Racing+Sans+One&family=Secular+One&family=Carter+One&family=Leckerli+One&family=Amaranth&family=Itim&family=Love+Ya+Like+A+Sister&family=Magra&family=Marcellus&family=Marmelad&family=Noto+Sans:wght@400;700&family=Nunito:wght@400;800&family=Philosopher:wght@400;700&family=McLaren&display=swap

Requested by

Host: heylink.me
URL: https://heylink.me/deactivated/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa15630f2cab6a89fc2c0ef0832c1ede9c109aef408a3ddd5c2ab34ecca5d98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:16:01 GMT
server: ESF
date: Fri, 02 Jul 2021 21:34:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 21:34:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
550 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Balsamiq+Sans&display=swap

Requested by

Host: heylink.me
URL: https://heylink.me/deactivated/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a506b17884b21f9615f54e87ec7de4e7f038da50606f9abd6cd1ec930003d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:07:38 GMT
server: ESF
date: Fri, 02 Jul 2021 21:34:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 21:34:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 397 B
385 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Changa+One&display=swap

Requested by

Host: heylink.me
URL: https://heylink.me/deactivated/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2f7f4b6de31377d06ba72aba1118c84cdc20c33e3c48ef24ab22e59560715eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:21:25 GMT
server: ESF
date: Fri, 02 Jul 2021 21:34:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 21:34:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
510 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Paytone+One&display=swap

Requested by

Host: heylink.me
URL: https://heylink.me/deactivated/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bec84335e6987324d0d1e511b81f94d2b73d822a6c0a4925070d52fe4e44b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:34:21 GMT
server: ESF
date: Fri, 02 Jul 2021 21:34:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 21:34:21 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 31ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/deactivated/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b0abdf65400004e25f010a000000001
last-modified: Tue, 29 Jun 2021 09:14:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60dae47a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7ALEhlLZ1MCzq8VcharfCHqxPerLHyiTa047Ou%2FSE%2BdLokk3PZZnXqBCaZ0nUZ%2BgrT8CuJvwRURj9bod1uXl5Ft2VnF22jPFtI%2Fq%2F2HYyus%2Bzip5ea6mL23gVypDCGx%2FzvwvVJyoPfsvre62"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 668aff6a1a5b4e25-FRA
expires: Sun, 04 Jul 2021 21:34:21 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 33ms
15ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: heylink.me
URL: https://heylink.me/deactivated/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:34:21 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 668aff6a1c9cd6b5-FRA

GET
H3-29 200 scripts.min.js Show response
cdn-f.heylink.me/static/dist/js/ 28 KB
6 KB 31ms
31ms Script
application/javascript 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/scripts.min.js?v=4e6d00c993818c0b5f1314112c8603cd
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44a3de52aca1fb680252574b899085edb5fe5acdf2734f7a172214649977e55f

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:34:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 06:35:00 GMT
server: cloudflare
age: 647
etag: W/"c5960b5a77c3f62e64d4b0d5ab02e79a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 668aff6a393a1752-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: C9D6DJMVABH58A0Z
x-amz-id-2: VA9YtNCYnMtvuZEcnPKwOdGAyUItGY0n3D7wUliLI6zYcBy+lhCu/LDpIPgrUQ1tixi9Gjdr1z8=

GET
H2 200 / Show response
js.stripe.com/v3/ 225 KB
56 KB 729ms
26ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f3fff0ffb2e6bafdfbaddb4036cc2d80c3f5fd1dd430a0fb22b1b049cbdb81a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:34:22 GMT
content-encoding: br
vary: Accept-Encoding
age: 271
via: 1.1 varnish
x-cache: HIT
content-length: 57185
x-amz-id-2: B7kcx6BnNR6bGvjVt9ZPkj/I8iMHW/Sk0szk2y3X67gEmD7SZ9Jwuvvd4wnaAC/zVh6u4qAoSrY=
x-served-by: cache-hhn4071-HHN
timing-allow-origin: *
last-modified: Fri, 02 Jul 2021 17:46:46 GMT
server: AmazonS3
etag: "de9dd87c5a17cc298ed49a178e0d690b"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: WCXT0DBEZ8ZKEA7Y
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 81

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://heylink.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 11:45:40 GMT
x-content-type-options: nosniff
age: 208121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 11:45:40 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://heylink.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:12:38 GMT
x-content-type-options: nosniff
age: 163303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 00:12:38 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://heylink.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 05:48:37 GMT
x-content-type-options: nosniff
age: 229544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7844
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 05:48:37 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 28ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://heylink.me
Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1394086
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27958
cf-request-id: 0ab7a5e86c0000978a3a234000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vso0hJikaOoF9RyoHaxwUIixmVBWEIYJdNBxLH9sBjjjnu5RDeOoHNq96F84YXCHMWTBSuQ6yBezrL8JR1HMwgHsrRaHwboOtZzN7V4VIfQGF11eHxvHSOnZ1e2ZBuyE%2F%2F2dojmPz6pr%2BCJnXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 668aff6f2af14abd-FRA
expires: Wed, 22 Jun 2022 21:34:22 GMT

GET
H2 200 m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Show response
js.stripe.com/v3/ Frame 76CE 215 B
512 B 28ms
27ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heylink.me/deactivated/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heylink.me/deactivated/

Response headers

x-amz-id-2: 3teI+NnzvNdIxkqn1Nk1XKEjJimN/PBF3ayteLwX9RXCw2iuPb7iyWEvNLFVx/TQsBVY/mhozU8=
x-amz-request-id: SYXQQ0D9JBD9ZZ0N
last-modified: Tue, 29 Jun 2021 17:25:38 GMT
etag: "5564a2ae650989ada0dc7f7250ae34e9"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Jul 2021 21:34:22 GMT
via: 1.1 varnish
age: 266
x-served-by: cache-hhn4071-HHN
x-cache: HIT
x-cache-hits: 436
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 130

POST
H3-29 200 rum Show response
heylink.me/cdn-cgi/ 0
163 B 17ms
17ms XHR
text/plain 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heylink.me/cdn-cgi/rum?req_id=668aff689e5c1752

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://heylink.me
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: session=eyJsYW5ndWFnZSI6bnVsbH0.YN-GXQ.opBZV2Pbs8-0TOIGTroiU3A50eY
content-length: 5861
:path: /cdn-cgi/rum?req_id=668aff689e5c1752
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: heylink.me
referer: https://heylink.me/deactivated/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://heylink.me/deactivated/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Fri, 02 Jul 2021 21:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://heylink.me
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 668aff6f6a701752-FRA
vary: Origin

GET
H2 200 m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 76CE 1 KB
820 B 24ms
24ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:34:22 GMT
content-encoding: br
vary: Accept-Encoding
age: 106
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: l+IZ8HlhZYRNgG0zSZX+S2cUP1SC01TyBbVRAEQ7NrhqQf04XeHvcdI1zK04UKjvi0iEZ55mbvg=
x-served-by: cache-hhn4071-HHN
timing-allow-origin: *
last-modified: Tue, 29 Jun 2021 17:25:39 GMT
server: AmazonS3
etag: "78581b5abad6c4e7b59c0f8ee45a8134"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: P9AZ6QQWQV9N61J5
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 181

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DA83 932 B
996 B 30ms
28ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Thu, 20 May 2021 17:57:41 GMT
etag: W/"60a6a315-3a4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Jul 2021 21:34:22 GMT
age: 67
x-served-by: cache-sea4439-SEA, cache-hhn4071-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 142
x-timer: S1625261663.694875,VS0,VE0
vary: Accept-Encoding
content-length: 537

GET
H2 200 out-4.5.35.js Show response
m.stripe.network/ Frame DA83 85 KB
18 KB 24ms
24ms Script
application/x-javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.35.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"60a6a315-153a9"
age: 55
x-cache: HIT, HIT
content-length: 18319
x-served-by: cache-sea4443-SEA, cache-hhn4071-HHN
last-modified: Thu, 20 May 2021 17:57:41 GMT
server: nginx
x-timer: S1625261663.726716,VS0,VE0
date: Fri, 02 Jul 2021 21:34:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 116

POST
H2 200 6 Show response
m.stripe.com/ Frame DA83 156 B
519 B 545ms
183ms XHR
text/plain 34.212.209.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.212.209.68 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-212-209-68.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a4ce4ebb3c403e943a4fdd5aa01b3f1d4761e28c1bb3b5929e3e1834b2436a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 21:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			heylink.me/	1969-12-31 23:59:59	Name: session Value: eyJsYW5ndWFnZSI6bnVsbH0.YN-GXQ.opBZV2Pbs8-0TOIGTroiU3A50eY

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'innerHTML' of null TypeError: Cannot read property 'innerHTML' of null at HTMLDocument.<anonymous> (https://cdn-f.heylink.me/static/dist/js/scripts.min.js?v=4e6d00c993818c0b5f1314112c8603cd:47:407) at e (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js:2:30005) at t (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js:2:30307) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
cdn-f.heylink.me
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
heylink.me
js.stripe.com
m.stripe.com
m.stripe.network
static.cloudflareinsights.com
www.otsu.ed.jp
151.101.112.176
210.236.184.75
2606:4700:10::ac43:798
2606:4700::6810:125e
2606:4700::6810:5f41
2606:4700::6810:a823
2a00:1450:4001:802::200a
2a00:1450:4001:827::2003
34.212.209.68
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
11fd0a8e8538307bd300a009554f6021dae85d5ce8672289a9fca13115904fd7
2f3fff0ffb2e6bafdfbaddb4036cc2d80c3f5fd1dd430a0fb22b1b049cbdb81a
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
3a506b17884b21f9615f54e87ec7de4e7f038da50606f9abd6cd1ec930003d7f
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
44a3de52aca1fb680252574b899085edb5fe5acdf2734f7a172214649977e55f
4bec84335e6987324d0d1e511b81f94d2b73d822a6c0a4925070d52fe4e44b81
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
a4ce4ebb3c403e943a4fdd5aa01b3f1d4761e28c1bb3b5929e3e1834b2436a93
aa15630f2cab6a89fc2c0ef0832c1ede9c109aef408a3ddd5c2ab34ecca5d98b
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b5a1616c0374c5be0f04a3ae09f8cd606d13d4aaec46055839347ae92d314a60
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2f7f4b6de31377d06ba72aba1118c84cdc20c33e3c48ef24ab22e59560715eb
e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8ba4c87a30f04058ab8af9d87cb61a9838e1c9abb68478e1afaf9ab73105703

heylink.me Open in urlscan Pro 2606:4700:10::ac43:798 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

67 %IPv6

8 Domains

11 Subdomains

8 IPs

3 Countries

198 kBTransfer

1114 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

heylink.me Open in urlscan Pro
2606:4700:10::ac43:798 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

11
Subdomains

8
IPs

3
Countries

198 kB
Transfer

1114 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions