urlscan.io logo urlscan.io
SecurityTrails logo

account.hellgate.dev Open in urlscan Pro
54.228.227.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.ubersicht.dev/
Effective URL: https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Submission: On September 04 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 54.228.227.152, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is account.hellgate.dev.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on August 1st 2024. Valid for: 3 months.
This is the only time account.hellgate.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 13.107.253.44 8075 (MICROSOFT...)
1 142.250.186.42 15169 (GOOGLE)
1 13.227.219.75 16509 (AMAZON-02)
1 3.124.202.82 16509 (AMAZON-02)
1 172.217.18.3 15169 (GOOGLE)
2 11 54.228.227.152 16509 (AMAZON-02)
1 18.157.248.127 16509 (AMAZON-02)
18 7
5    13.107.253.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
app.ubersicht.dev
app.hellgate.dev
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
1    13.227.219.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-75.ams54.r.cloudfront.net
eu.fw-cdn.com
1    3.124.202.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-202-82.eu-central-1.compute.amazonaws.com
starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
fonts.gstatic.com
11    54.228.227.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
account.hellgate.dev
1    18.157.248.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-248-127.eu-central-1.compute.amazonaws.com
starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com
Apex Domain
Subdomains		 Transfer
15 hellgate.dev
app.hellgate.dev
account.hellgate.dev
2 MB
2 freshchat.com
starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com
22 KB
1 gstatic.com
fonts.gstatic.com
39 KB
1 fw-cdn.com
eu.fw-cdn.com — Cisco Umbrella Rank: 160986
86 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 ubersicht.dev
app.ubersicht.dev
149 B
18 6
Domain Requested by
11 account.hellgate.dev 2 redirects app.hellgate.dev
account.hellgate.dev
4 app.hellgate.dev app.hellgate.dev
2 starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com eu.fw-cdn.com
starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com
1 fonts.gstatic.com fonts.googleapis.com
1 eu.fw-cdn.com app.hellgate.dev
1 fonts.googleapis.com app.hellgate.dev
1 app.ubersicht.dev 1 redirects
18 7

This site contains no links.

Subject Issuer Validity Valid
app.hellgate.dev
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-10 -
2025-06-10		 a year crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.fw-cdn.com
Amazon RSA 2048 M02		 2023-12-24 -
2025-01-21		 a year crt.sh
*.freshchat.com
Amazon RSA 2048 M02		 2023-12-17 -
2025-01-14		 a year crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
account.hellgate.dev
ZeroSSL ECC Domain Secure Site CA		 2024-08-01 -
2024-10-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Frame ID: E5F14208EC9AE9A41EB3D21E73BE21F0
Requests: 16 HTTP requests in this frame

Frame: https://starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com/widget/config_iframe.html?host=https://starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com&token=f90da443-098f-4a52-a2c9-9a84de2707af&origin=https://app.hellgate.dev
Frame ID: F1A743AEC60E2095C1535145BAF8C453
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in | Hellgate

Page URL History Show full URLs

  1. https://app.ubersicht.dev/ HTTP 301
    https://app.hellgate.dev/ Page URL
  2. https://account.hellgate.dev/oauth2/auth?redirect_uri=https%3A%2F%2Fapp.hellgate.dev&client_id=8a3e3b9995... HTTP 302
    https://account.hellgate.dev/auth/cx/_:nav&m:start_authentication_pipeline&lid:a8ead4f9-e8ec-4088-845c-1e... HTTP 302
    https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

2505 kB
Transfer

6721 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.ubersicht.dev/ HTTP 301
    https://app.hellgate.dev/ Page URL
  2. https://account.hellgate.dev/oauth2/auth?redirect_uri=https%3A%2F%2Fapp.hellgate.dev&client_id=8a3e3b99957f4a71bbe0c9dd2665abef&response_type=code&scope=openid+profile+email+offline&code_challenge=ZX9ZF1MUDN0aD1RxPg8SaPVmOYa05HrvP6v5616RE-s&code_challenge_method=S256&state=d3218e4f5cd67af5fb2ed1bf5528d928bfb8033a4d4eebefc189cc8d HTTP 302
    https://account.hellgate.dev/auth/cx/_:nav&m:start_authentication_pipeline&lid:a8ead4f9-e8ec-4088-845c-1eb83e80bf3b HTTP 302
    https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://app.ubersicht.dev/ HTTP 301
  • https://app.hellgate.dev/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.hellgate.dev/
Redirect Chain
  • https://app.ubersicht.dev/
  • https://app.hellgate.dev/
833 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hellgate.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2805c8ad9f8f534cf0abf1ec6d99bb6f601420aece0e79fd12c9852618e44d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
833
content-type
text/html
date
Wed, 04 Sep 2024 12:26:08 GMT
etag
"0x8DCC8F7CC951AF1"
last-modified
Fri, 30 Aug 2024 13:29:39 GMT
x-azure-ref
20240904T122608Z-r15b8bc659bvzfjdz23cuwbbxs0000000ef000000000kc8r
x-cache
TCP_REVALIDATED_HIT
x-fd-int-roxy-purgeid
75288480
x-ms-request-id
acae7d0b-f01e-0045-64e8-fa91f5000000
x-ms-version
2018-03-28

Redirect headers

content-length
0
content-type
text/html
date
Wed, 04 Sep 2024 12:26:07 GMT
location
https://app.hellgate.dev/
x-azure-ref
20240904T122607Z-r15b8bc659brmbqxsepwv7p12n0000000eng000000004555
x-cache
CONFIG_NOCACHE
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;500;600;700;800&display=swap
Requested by
Host: app.hellgate.dev
URL: https://app.hellgate.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
ae8589fd0d8cbc9eee8e9503a37fe028ebbbcb346a87f40351c4d526fe3c0330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.hellgate.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Sep 2024 12:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Sep 2024 12:16:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Sep 2024 12:26:09 GMT
index-BNa-2nHq.js
app.hellgate.dev/assets/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hellgate.dev/assets/index-BNa-2nHq.js
Requested by
Host: app.hellgate.dev
URL: https://app.hellgate.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
586337be0e4219b657b316ab5541dda4ba6b7e9c0a46200c26128c7879f5a28f

Request headers

Referer
https://app.hellgate.dev/
Origin
https://app.hellgate.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:26:09 GMT
content-encoding
br
last-modified
Fri, 30 Aug 2024 13:29:52 GMT
etag
W/"0x8DCC8F7D42DA3E5"
vary
Accept-Encoding
x-azure-ref
20240904T122608Z-r15b8bc659bvzfjdz23cuwbbxs0000000ef000000000kc98
content-type
application/javascript
x-ms-request-id
f85996c2-f01e-00a1-50e8-fa9f6b000000
x-cache
TCP_REVALIDATED_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
75288480
index-w3QYFPJU.css
app.hellgate.dev/assets/ 		657 KB
178 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.hellgate.dev/assets/index-w3QYFPJU.css
Requested by
Host: app.hellgate.dev
URL: https://app.hellgate.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e6dd607374a6d653ee24926d08aa23aeb10a2c65228daf996dadd809cbbf0af

Request headers

Referer
https://app.hellgate.dev/
Origin
https://app.hellgate.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:26:09 GMT
content-encoding
br
last-modified
Fri, 30 Aug 2024 13:29:45 GMT
etag
W/"0x8DCC8F7D03C1614"
vary
Accept-Encoding
x-azure-ref
20240904T122608Z-r15b8bc659bvzfjdz23cuwbbxs0000000ef000000000kc97
content-type
text/css
x-ms-request-id
05870486-501e-0011-28e8-fadea2000000
x-cache
TCP_REVALIDATED_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
75288480
750751.js
eu.fw-cdn.com/12761667/ 		343 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu.fw-cdn.com/12761667/750751.js
Requested by
Host: app.hellgate.dev
URL: https://app.hellgate.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-75.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
607679ad33a9001679578293bf52f5f51b47219552d0ab5e6fa0e7f83a5d0fc0

Request headers

Referer
https://app.hellgate.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:26:10 GMT
x-amz-version-id
DIQoRuFyhn3o2vNMWJ0dXzJJhoqUGtui
content-encoding
br
last-modified
Mon, 22 Apr 2024 15:33:52 GMT
server
AmazonS3
via
1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"6fd8dd7c199e06778a37aac2148bd2dd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=120
x-amz-cf-id
CK5xKlAO-d8yx5YR6Gvn3T1M0A0Zh1w1yaD2SwzWYKOaYIIYSn-kBQ==
widget.js
starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com/js/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com/js/widget.js
Requested by
Host: eu.fw-cdn.com
URL: https://eu.fw-cdn.com/12761667/750751.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.202.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-202-82.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
0fd2de8ff930464650cff804d62b4893f041b5b9b011bd58e1b9d3ca8ca1af8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.hellgate.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-trace-id
00-5b8e998acdbb131e8caecaf4261bbcd9-7ba2d7ebfebc35ce-00
date
Wed, 04 Sep 2024 12:26:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Aug 2024 06:05:09 GMT
server
fwe
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/javascript
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
ctlxr
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
x-request-id
2892d3a8-96d6-49a5-a4b3-c6dfcc5b41ae
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.hellgate.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 22:14:45 GMT
x-content-type-options
nosniff
age
396687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39124
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 22:14:45 GMT
token
account.hellgate.dev/oauth2/ 		223 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.hellgate.dev/oauth2/token
Requested by
Host: app.hellgate.dev
URL: https://app.hellgate.dev/assets/index-BNa-2nHq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f31a226e418442ef53f5369540c08eb23c31ae65d67f07673279d1b4e74e1f0f

Request headers

Referer
https://app.hellgate.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
kinde-sdk
React/3.0.28
content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://app.hellgate.dev
date
Wed, 04 Sep 2024 12:26:12 GMT
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000
content-length
223
vary
Origin
content-type
text/plain; charset=utf-8
favicon.png
app.hellgate.dev/images/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.hellgate.dev/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b85ed726b633c6735550cb185ff960d9a960b301870657afbf382d4edd2af35

Request headers

Referer
https://app.hellgate.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:26:12 GMT
last-modified
Fri, 30 Aug 2024 13:29:54 GMT
etag
"0x8DCC8F7D597FB4E"
x-azure-ref
20240904T122612Z-r15b8bc659bvzfjdz23cuwbbxs0000000ef000000000kcfm
x-cache
TCP_REVALIDATED_HIT
content-type
image/png
x-ms-request-id
8b27dda8-501e-004c-54e8-fad426000000
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
75288480
accept-ranges
bytes
content-length
2093
token
account.hellgate.dev/oauth2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://account.hellgate.dev/oauth2/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
kinde-sdk
Access-Control-Request-Method
POST
Origin
https://app.hellgate.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*, Kinde-SDK
access-control-allow-methods
GET, POST
access-control-allow-origin
https://app.hellgate.dev
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 04 Sep 2024 12:26:12 GMT
vary
Origin
config_iframe.html
starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com/widget/ Frame F1A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com/widget/config_iframe.html?host=https://starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com&token=f90da443-098f-4a52-a2c9-9a84de2707af&origin=https://app.hellgate.dev
Requested by
Host: starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com
URL: https://starfishgmbhco-9bf7fa7b57dc22317138267.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.248.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-248-127.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.hellgate.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Wed, 04 Sep 2024 12:26:12 GMT
last-modified
Mon, 26 Aug 2024 06:05:09 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
9
x-fw-ratelimiting-managed
false
x-request-id
82b6879a-b667-9d36-8d3e-bee03fe3f263
x-server
sjs64
x-trace-id
00-561a61343490b7eb6a9dab70da53879b-8121e3e13a461187-01
x-xss-protection
1; mode=block
Primary Request _:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
account.hellgate.dev/auth/cx/
Redirect Chain
  • https://account.hellgate.dev/oauth2/auth?redirect_uri=https%3A%2F%2Fapp.hellgate.dev&client_id=8a3e3b99957f4a71bbe0c9dd2665abef&response_type=code&scope=openid+profile+email+offline&code_challenge=...
  • https://account.hellgate.dev/auth/cx/_:nav&m:start_authentication_pipeline&lid:a8ead4f9-e8ec-4088-845c-1eb83e80bf3b
  • https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Requested by
Host: app.hellgate.dev
URL: https://app.hellgate.dev/assets/index-BNa-2nHq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
63e9381c9317166a50d4488e1c81edeff6363a01fab868bfebc8cc20bc06c195
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src 'self'; connect-src 'self' https://api.stripe.com https://maps.googleapis.com ws: https://plausible.io; base-uri 'none'; font-src 'self'; frame-src https://js.stripe.com https://hooks.stripe.com; img-src 'self' https://gravatar.com https://www.gravatar.com https://wp.com data: https://js.stripe.com/v3/ https://lh3.googleusercontent.com https://avatars.githubusercontent.com; object-src 'none'; script-src 'self' 'nonce-nmYd2SKUXn'; style-src 'self' https://js.stripe.com https://maps.googleapis.com https://widgets.kinde.com 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.hellgate.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
must-revalidate, no-store, no-cache, private
content-encoding
gzip
content-security-policy
default-src 'none'; child-src 'self'; connect-src 'self' https://api.stripe.com https://maps.googleapis.com ws: https://plausible.io; base-uri 'none'; font-src 'self'; frame-src https://js.stripe.com https://hooks.stripe.com; img-src 'self' https://gravatar.com https://www.gravatar.com https://wp.com data: https://js.stripe.com/v3/ https://lh3.googleusercontent.com https://avatars.githubusercontent.com; object-src 'none'; script-src 'self' 'nonce-nmYd2SKUXn'; style-src 'self' https://js.stripe.com https://maps.googleapis.com https://widgets.kinde.com 'unsafe-inline'; frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 12:26:13 GMT
permissions-policy
geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=self, payment=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000
cache-control
must-revalidate, no-store, no-cache, private
content-length
0
content-security-policy
default-src 'none'; child-src 'self'; connect-src 'self' https://api.stripe.com https://maps.googleapis.com ws: https://plausible.io; base-uri 'none'; font-src 'self'; frame-src https://js.stripe.com https://hooks.stripe.com; img-src 'self' https://gravatar.com https://www.gravatar.com https://wp.com data: https://js.stripe.com/v3/ https://lh3.googleusercontent.com https://avatars.githubusercontent.com; object-src 'none'; script-src 'self' 'nonce-kTo6B6vAbm'; style-src 'self' https://js.stripe.com https://maps.googleapis.com https://widgets.kinde.com 'unsafe-inline'; frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 12:26:13 GMT
location
https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
permissions-policy
geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=self, payment=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
authflow.css
account.hellgate.dev/dist/assets/css/ 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.hellgate.dev/dist/assets/css/authflow.css?v=fdc9edffbcd8ed06df1a3bce3241f617
Requested by
Host: account.hellgate.dev
URL: https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e681c31b01809b361b23e263546be4e1856f0e3624ad2ec549ebcd6c5c5bb88

Request headers

Referer
https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:26:14 GMT
cache-control
public, max-age=86400
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000
etag
"5606cc4f0eebcd65c8d4c57368a653731113c145e169dfb8138fbe606111e5635bd783bfe8fee3361c32dc9cdae0a78c5a81e4e87e0f7083fcb11f58b2cb2a76"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
logo_dark
account.hellgate.dev/ 		45 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.hellgate.dev/logo_dark?p_org_code=&cache=6d94169339194de4909d3eb4ffc73763
Requested by
Host: account.hellgate.dev
URL: https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e0516fcc5ad1b448c01880479b4dc2484eccf50fbaaccb780b6cb77e4ced1417
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
date
Wed, 04 Sep 2024 12:26:14 GMT
x-content-type-options
nosniff
etag
"fe441f2099b17583977fac02674da0d9"
vary
Origin
x-dns-prefetch-control
off
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000
x-frame-options
deny
alt-svc
h3=":443"; ma=2592000
authflow.js
account.hellgate.dev/dist/assets/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.hellgate.dev/dist/assets/js/authflow.js?v=fdc9edffbcd8ed06df1a3bce3241f617
Requested by
Host: account.hellgate.dev
URL: https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2c2bbbe661b29b18f52573ce0e61e8bbc6b32435e4df3440cb9557670fcc1f17

Request headers

Referer
https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:26:14 GMT
cache-control
public, max-age=86400
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000
etag
"34d65557095eba820d7e543066c6b6a610d82e90e6eda01c309e7dad7ecb0dc664d8e9cc76867d85c535607fb50db6f6b22028723fb559d35a1dc91a013fa9df"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
Inter-Medium.woff2
account.hellgate.dev/kui_assets/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.hellgate.dev/kui_assets/Inter-Medium.woff2
Requested by
Host: account.hellgate.dev
URL: https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fa0ae75c4ccfd3bcadafa34a9f89864c80d28c77d40bf7c8b8fbbcbb3cb95e7f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options deny

Request headers

Referer
https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Origin
https://account.hellgate.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
date
Wed, 04 Sep 2024 12:26:14 GMT
etag
"7fe6c1865e2d8b19dd03b1a376d3dbd40ae7a327eda9ea3785d1e6e0d1749d27d195a50abf421ec19b4b3ec499ac7a778603e8e85c2e9dfa47760f4ec82f4dd1"
vary
Origin
x-frame-options
deny
content-type
font/woff2
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000
Inter-Regular.woff2
account.hellgate.dev/kui_assets/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.hellgate.dev/kui_assets/Inter-Regular.woff2
Requested by
Host: account.hellgate.dev
URL: https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8fccca9facfd368314d80528351c2d5aad13ed9000614a7d010907cac405b877
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options deny

Request headers

Referer
https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
Origin
https://account.hellgate.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
date
Wed, 04 Sep 2024 12:26:14 GMT
etag
"74796f2b0e2d5d83441f42f74b7989c5da742bebb99d54e93a57854d5b3dfe8b1c01c157e9fe73a400870b3ae137f41e6cd7d2cd4f8ba2260a882506a599f636"
vary
Origin
x-frame-options
deny
content-type
font/woff2
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000
favicon.ico
account.hellgate.dev/ 		279 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.hellgate.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.227.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-227-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
534c3d8fef6feb14c5c86de85f33dafbbc8a436436eeaeadcf1dde9fa41685f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options deny

Request headers

Referer
https://account.hellgate.dev/auth/cx/_:nav&m:login&psid:0f15bf85c1c24b4186cb00d64971b07b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
date
Wed, 04 Sep 2024 12:26:14 GMT
etag
"9a392ee8f3d4034724274ff81a220879f303048785311bbaded82112d1a58dd866166780a2e6685317bd905f9269ccc5502a361a84b2eb4ae046670baa90342d"
vary
Origin
x-frame-options
deny
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| parcelRequirea794

3 Cookies

Domain/Path Name / Value
.hellgate.dev/ Name: _fw_crm_v
Value: 02ebcb72-bec5-4d67-bf9a-f53adb8a1d8c
app.hellgate.dev/ Name: first_session
Value: %7B%22visits%22%3A1%2C%22start%22%3A1725452769563%2C%22last_visit%22%3A1725452769563%2C%22url%22%3A%22https%3A%2F%2Fapp.hellgate.dev%2F%22%2C%22path%22%3A%22%2F%22%2C%22referrer%22%3A%22%22%2C%22referrer_info%22%3A%7B%22host%22%3A%22%22%2C%22path%22%3A%22blank%22%2C%22protocol%22%3A%22about%3A%22%2C%22port%22%3A80%2C%22search%22%3A%22%22%2C%22query%22%3A%7B%7D%7D%2C%22search%22%3A%7B%22engine%22%3Anull%2C%22query%22%3Anull%7D%2C%22version%22%3A0.4%7D
.account.hellgate.dev/ Name: kbtc
Value: ktt_e82377e8a41441c0b2d1193d7f8d9f1d

1 Console Messages

Source Level URL
Text
network error URL: https://account.hellgate.dev/oauth2/token
Message:
Failed to load resource: the server responded with a status of 400 ()