heylink.me Open in urlscan Pro
2606:4700:10::6816:ca6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heylink.me/kinsmanjackpotbingo
Effective URL:
https://heylink.me/kinsmanjackpotbingo/
Submission: On April 05 via manual (April 5th 2022, 12:31:39 am UTC) from CA — Scanned from CA

Summary HTTP 66 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 66 HTTP transactions. The main IP is 2606:4700:10::6816:ca6, located in United States and belongs to CLOUDFLARENET, US. The main domain is heylink.me. The Cisco Umbrella rank of the primary domain is 242630.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 23rd 2022. Valid for: a year.

This is the only time heylink.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 19	2606:4700:10:... 2606:4700:10::6816:ca6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
8	52.63.67.156 52.63.67.156	16509 (AMAZON-02) (AMAZON-02)
13	99.84.118.92 99.84.118.92	16509 (AMAZON-02) (AMAZON-02)
1	143.204.146.128 143.204.146.128	() ()
66	11

19 2606:4700:10::6816:ca6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

heylink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-f.heylink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.63.67.156 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

wchat.au.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 99.84.118.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-118-92.ewr52.r.cloudfront.net

assetscdn-wchat.au.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.146.128 (None, )

ASN- ()

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	freshchat.com wchat.au.freshchat.com — Cisco Umbrella Rank: 155369 assetscdn-wchat.au.freshchat.com — Cisco Umbrella Rank: 229860	658 KB
19	heylink.me 2 redirects heylink.me — Cisco Umbrella Rank: 242630 cdn-f.heylink.me — Cisco Umbrella Rank: 409607	600 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	8 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2894	70 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 229	36 KB
2	gstatic.com fonts.gstatic.com	16 KB
1	freshworksapi.com rts-static-prod.freshworksapi.com	25 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 431	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1209	5 KB
0	amazonaws.com Failed fc-apse2-00-pics-bkt-00.s3.amazonaws.com Failed
66	10

	Domain	Requested by
14	cdn-f.heylink.me	heylink.me
13	assetscdn-wchat.au.freshchat.com	wchat.au.freshchat.com assetscdn-wchat.au.freshchat.com
13	fonts.googleapis.com	cdn-f.heylink.me heylink.me
8	wchat.au.freshchat.com	heylink.me wchat.au.freshchat.com assetscdn-wchat.au.freshchat.com
5	heylink.me	2 redirects heylink.me static.cloudflareinsights.com
4	mc.yandex.ru	1 redirects heylink.me
2	cdnjs.cloudflare.com	heylink.me
2	fonts.gstatic.com	fonts.googleapis.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.au.freshchat.com
1	cdn.jsdelivr.net	heylink.me
1	static.cloudflareinsights.com	heylink.me
0	fc-apse2-00-pics-bkt-00.s3.amazonaws.com Failed
66	12

This site contains links to these domains. Also see Links.

Domain
blog.heylink.me
app.heylink.me
www.instagram.com
www.facebook.com
www.linkedin.com
www.pinterest.com.au
www.tiktok.com
persollo.com

Subject Issuer	Validity	Valid
heylink.me Cloudflare Inc ECC CA-3	`2022-01-23` - `2023-01-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.freshchat.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
*.au.freshchat.com Amazon	`2021-09-11` - `2022-10-10`	a year	crt.sh
freshworksapi.com Amazon	`2022-01-03` - `2023-01-31`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://heylink.me/kinsmanjackpotbingo/
Frame ID: 97EA44D7A077679AB9B9C0A5FF1D0A70
Requests: 41 HTTP requests in this frame

Frame: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Frame ID: 7673978B3678CE889AF1EF25624CE27B
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 | HeyLink.meic_logoic_logo

Page URL History Show full URLs

http://heylink.me/kinsmanjackpotbingo HTTP 301
https://heylink.me/kinsmanjackpotbingo HTTP 308
https://heylink.me/kinsmanjackpotbingo/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

66
Requests

91 %
HTTPS

70 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

1417 kB
Transfer

5274 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.heylink.me/
Title: Blog & Help

Search URL Search Domain Scan URL

URL: https://app.heylink.me/?lng=en
Title: Dashboard

Search URL Search Domain Scan URL

URL: https://app.heylink.me/signup/?lng=en
Title: Start for free

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heylinkme/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeyLinkme-106050394517952

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/heylink-me/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com.au/heylinkme/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heylink.me

Search URL Search Domain Scan URL

URL: https://app.heylink.me/login/?lng=en
Title: Log In

Search URL Search Domain Scan URL

URL: https://persollo.com/
Title: Persollo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heylink.me/kinsmanjackpotbingo HTTP 301
https://heylink.me/kinsmanjackpotbingo HTTP 308
https://heylink.me/kinsmanjackpotbingo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://mc.yandex.ru/watch/69416935?wmode=7&page-url=https%3A%2F%2Fheylink.me%2Fkinsmanjackpotbingo%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A154274199416%3Ahid%3A559982479%3Az%3A0%3Ai%3A20220405003136%3Aet%3A1649118696%3Ac%3A1%3Arn%3A476796018%3Arqn%3A1%3Au%3A16491186968235387%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Antf%3A1%3Ans%3A1649118693415%3Ads%3A0%2C0%2C303%2C32%2C380%2C0%2C%2C253%2C0%2C1997%2C1997%2C0%2C1044%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649118697%3At%3A404%20%7C%20HeyLink.me&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/69416935/1?wmode=7&page-url=https%3A%2F%2Fheylink.me%2Fkinsmanjackpotbingo%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A154274199416%3Ahid%3A559982479%3Az%3A0%3Ai%3A20220405003136%3Aet%3A1649118696%3Ac%3A1%3Arn%3A476796018%3Arqn%3A1%3Au%3A16491186968235387%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Antf%3A1%3Ans%3A1649118693415%3Ads%3A0%2C0%2C303%2C32%2C380%2C0%2C%2C253%2C0%2C1997%2C1997%2C0%2C1044%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649118697%3At%3A404%20%7C%20HeyLink.me&t=gdpr%2814%29aw%281%29ti%282%29

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
heylink.me/kinsmanjackpotbingo/
Redirect Chain

http://heylink.me/kinsmanjackpotbingo
https://heylink.me/kinsmanjackpotbingo
https://heylink.me/kinsmanjackpotbingo/

37 KB
8 KB

303ms
302ms

Document
text/html

2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heylink.me/kinsmanjackpotbingo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e4015d9a86de37a6663c8c6aa95e3a5d8cc29509f81158cdcd19981ff93fae4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f6e2e7c4a707145-YUL
content-encoding: br
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Tue, 05 Apr 2022 00:31:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f6e2e7a7fa67145-YUL
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Tue, 05 Apr 2022 00:31:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://heylink.me/kinsmanjackpotbingo/
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
cdn-f.heylink.me/static/dist/css/ 1 MB
72 KB 41ms
27ms Stylesheet
text/css 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65097d1cdcb2595b814a9fcfa875f2a00aaf041d5747b5ca1ae2f31c11b75d6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Apr 2022 10:04:02 GMT
server: cloudflare
age: 288
etag: W/"510a88daec8aebddf42743f30a5ce865"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 6f6e2e7e4d837145-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: X6TK88V10YRN1HZ2
x-amz-id-2: sgfn/X4zakhtztyqFiEFf4d09dQeNM6CSbQgPknnt3JALFW1X1vZ3jP5qvpYLKlOS1ZDdCNMszk=

GET
H3 200 rocket-loader.min.js Show response
heylink.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heylink.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 11:29:35 GMT
server: cloudflare
etag: W/"623c561f-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6f6e2e7e3918ecf2-YUL
vary: Accept-Encoding
expires: Thu, 07 Apr 2022 00:31:34 GMT

GET
H2 200 en.svg
cdn-f.heylink.me/static/img/lang-flags/ 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/en.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d6c6bb421f69635e000e9a52d3c5d653dbc894a35ac169675f664f04ed9e90

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:45 GMT
server: cloudflare
age: 7072
etag: W/"a9fdb39892436b78f519592c7113d519"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7e5d9f7145-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KZDAB8AAGEFH89VV
x-amz-id-2: 3j2ECZNUuVKYTVvQdYDhhQnSSpYVHPL9cyhEfexfzHGVUb5ZqPtofw2Vuoqj6J0bnHBAEDOglL0=

GET
H3 200 ar.svg
cdn-f.heylink.me/static/img/lang-flags/ 56 KB
22 KB 46ms
46ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/ar.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17d09db815001c7f047ca5d503c3cdb6259a286db8cfd73f89a0b6b48ff6963

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:45 GMT
server: cloudflare
age: 7072
etag: W/"8b523bd4233e6c69b2ece5808055c91c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7e9966ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KZDEDCYCAN4E6TMA
x-amz-id-2: YJl0vSvyEvNF4SivWENrz5oW2kIwFZYZaHBhxCIF6o1KCvWunkiKQhXvwJPMfltgRn25aC8yIY4=

GET
H3 200 de.svg
cdn-f.heylink.me/static/img/lang-flags/ 652 B
782 B 35ms
35ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/de.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b178769eaf10c540f4007a9e6569e9dc5c4a4b1a47fb2c0da116a9c652b29601

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:44 GMT
server: cloudflare
age: 7071
etag: W/"e027cbe90756f54f32e68d155857d097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7e996decf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8YF7CBCZAWGH63MZ
x-amz-id-2: nuxvo29Trv2fuW3AcktzBdZTUHlutUVjYLKbDmgzJq9Dymrx7RM0im3v/7jTcNENKZnhmXZX5yM=

GET
H3 200 es.svg
cdn-f.heylink.me/static/img/lang-flags/ 629 B
774 B 39ms
38ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/es.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebeeaeacdb2a6d24e8d816dfea2394fb80bd0325f88fdce0dcdf625d84668456

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:44 GMT
server: cloudflare
age: 7070
etag: W/"f87178b10244c81c99ad1aff4631bede"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7f4a48ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8YFFBN6BRAVV2B6W
x-amz-id-2: DSOwt/yz626DV+TId8y9tF+U60AnmM8ICGCztxbf2p0YR/sxIV7lMm0Zaf9q/OCeVOXyUeYn/ug=

GET
H3 200 fr.svg
cdn-f.heylink.me/static/img/lang-flags/ 551 B
736 B 24ms
24ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/fr.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe45517282780bbc448c2e00a7ea1770bf54855adf501c5c215e8c866949306

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:45 GMT
server: cloudflare
age: 7069
etag: W/"9108d744c2c48ad59ae8ab7995f1111b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7f5a5becf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8YFDVGRWGZ1S5VKA
x-amz-id-2: F3cnQgWxC6FzgLNltf+OtA2tXML2xLSXwimghVInn+llqOjyCjOYnFRZOHcunVluzXB8vSf2HMg=

GET
H3 200 id.svg
cdn-f.heylink.me/static/img/lang-flags/ 582 B
714 B 31ms
31ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/id.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b753c810a6650c10542f6590ae995f31aaf026ed2603901dbad3e769bc1c186

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:43 GMT
server: cloudflare
age: 7069
etag: W/"0c2676ebd6d41de8c55f915256459f3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7f9aa8ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8YFEMKBY8VM14KSZ
x-amz-id-2: lAOoAZ824C1FeYOF3sl97sYqDZ3ftqCEqy+VPkL8fatzu4yelI+O9LNULIE5xZtqgbZpD2fAVR4=

GET
H3 200 it.svg
cdn-f.heylink.me/static/img/lang-flags/ 559 B
736 B 32ms
31ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/it.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 666fae2107178818882d0661bc3d44aaf787c4d2eca8694c261dfdfa81afc316

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Apr 2022 10:06:12 GMT
server: cloudflare
age: 7069
etag: W/"2e7c0be7367cc1316da4d89489f42b4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7fcad7ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0CFQQ74WPYMVBQ7F
x-amz-id-2: 3IoTJATXDu7s1z11obsVWFFW3fN6BxXNFRhchpydYnmGnPKmPBY6tEycS0bvmR9TaoA7Bf/E5V0=

GET
H3 200 pt.svg
cdn-f.heylink.me/static/img/lang-flags/ 1 KB
1000 B 1026ms
1026ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/pt.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca06c9ca6609aab15f084ae040597a3f7f1a554a8aba92d5395504ec44bb813

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Apr 2022 10:06:11 GMT
server: cloudflare
x-amz-request-id: B3RCSPCNS4SN5XVG
etag: W/"b2470ebb01a6a6b2cb637b840cf3f6b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7fdaf7ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XuTVvv+jOF/S9DOv1N6etdu1hSPb64dxwajrqek6tgu1hkKpN5vzoO5jhN8kAxJrxHy92GKZSfk=

GET
H3 200 ru.svg
cdn-f.heylink.me/static/img/lang-flags/ 847 B
830 B 25ms
24ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/ru.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ec3b0bd53fd41bcb2cb2c5632c42e7681adedbe57d99181837b48176bc483fb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:43 GMT
server: cloudflare
age: 7068
etag: W/"d75bd45400cf563670c0acb33fe2021f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7feafcecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8YF6SQA4BQC6XKAN
x-amz-id-2: HUlp6B/+EuC30Gmv+3cyvQ/lMhdJkaplzoW4GaROJJy2x6u1rt17NZ8LPSRUBjUVaBESqGO69vc=

GET
H3 200 tr.svg
cdn-f.heylink.me/static/img/lang-flags/ 1 KB
951 B 24ms
22ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/tr.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29547099bbaa44f05d65c9a5fb507097a951ee29097617de67c77ca3206f3b84

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:44 GMT
server: cloudflare
age: 7068
etag: W/"f2343de0268cc3f418d31401a5e1d547"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7feb00ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8YF0372K2B1CEG4Z
x-amz-id-2: 2k3OkH835DhdgGUbuscsQkXP9x1dxF/exrpHcIDY8xuoMcsdbhr9xc+m/w4ynzSklYLjXSGwpaA=

GET
H3 200 uk.svg
cdn-f.heylink.me/static/img/lang-flags/ 571 B
701 B 40ms
38ms Image
image/svg+xml 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/lang-flags/uk.svg
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7710c9f4239e95a0a99facf82a09892706a426e4021427c7d334c8101285772

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 09:30:44 GMT
server: cloudflare
age: 7068
etag: W/"9c75a8708ab56b6140193ce6ec6150ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f6e2e7feb01ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: V0R1SNSPG4NXC3AC
x-amz-id-2: riMIjlDYpuPIXB35c+n/Vy++Na2+qanE6DpsvCDeIIDs/5aVZIASY49UzfPH7o6RNXdJqMSaX5Y=

GET
H3 200 not-found%402x.png
cdn-f.heylink.me/static/img/ 478 KB
478 KB 985ms
984ms Image
image/png 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/not-found%402x.png
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d9cc11f8db73b9deb3d30cd6f9bfe39f4713b0bc68b8414f319d96508aaaf2e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 15 Mar 2022 09:29:22 GMT
server: cloudflare
x-amz-request-id: 86DXCPQVPSCD2587
etag: "20fe90c0f90a91926d13f12c76adf1d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6f6e2e7feb03ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 489183
x-amz-id-2: rOcbAzuomDEUkm+DoVn2uKOKIuhUt/b4wzFotBRt04TYEgw8O11dWf9ixXWW4opjF7VuYcyb7aA=

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 80ms
43ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://heylink.me/kinsmanjackpotbingo/
Origin: https://heylink.me
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e2e802fcf7157-YUL

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
972 B 86ms
33ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Philosopher&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77f5d957c3c598001aa4f21a66275c6ef96b0ddc84bc513584fee9ad0d2754d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:31:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
645 B 87ms
35ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fd6ebeaa6f18c8325d62a0f350c2ab53ebe263b5fe9d7c1c0befca50bfbd3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:04:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
655 B 86ms
34ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Slab&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e3fc47e9ee322cbb2238da1e858910a1de5d79ba85010bdb673f6f533b0cefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 23:49:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
501 B 88ms
36ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alice&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff0a345febc89d78cbc81b6498b75e80bcca4e13171ecd31bcffd838a5c1a754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:31:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
608 B 87ms
36ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

558fb2e7db0c4ff763ba695743501ad4cf483584e33fe637115033d8f34af578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 22:43:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
628 B 102ms
51ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Comfortaa&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd13a6b616450397c5671a22eaf02685e05635757bd90830a0e012cd8691ff63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 23:12:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
559 B 105ms
54ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Yanone+Kaffeesatz&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2852e2c62d70d2e12719a60b76161b008e31a4b4b4667b4919e6386ea1fde706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:31:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
565 B 103ms
53ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arsenal&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11ba38cd479a07ffffd96e37565b7effdb449bc2202d7f20245796d6f0a9c6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:31:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
583 B 98ms
48ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Didact+Gothic&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adcea1ef9d513a2eed5ac83cf1769d79aaa0627f8600b6d9ac2706d042b440ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:20:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
585 B 112ms
62ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lobster&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8850ed4095ed0c7d918cecbfd03e11e9926199ee58d10f085a32e1706b002af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:30:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
592 B 103ms
54ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Pacifico&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37510753bb57a96a77967d96ae46e9447e5c843b671c9b139198650df1358a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 23:00:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
492 B 101ms
52ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Russo+One&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70bf3cef0011f15993329e8ee149814b45634af4b4433a8c17550c3e87530558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=daa222b2ea47dcafc8e853f2ff90b65c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:25:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad/dist/ 3 KB
2 KB 80ms
24ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/kinsmanjackpotbingo/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11252
x-jsd-version: 1.16.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19127-FRA, cache-yyz4521-YYZ
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f6e2e7fbf5eca5f-YUL

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
551 B 62ms
34ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Requested by

Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb1855cb518728a6136ba0a22d680c495abbd01f109269bd0b24aeebe4f320af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 00:11:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Apr 2022 00:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 00:31:34 GMT

GET
H3 200 scripts.min.js Show response
cdn-f.heylink.me/static/dist/js/ 27 KB
6 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/scripts.min.js?v=daa222b2ea47dcafc8e853f2ff90b65c
Requested by: Host: heylink.me
URL: https://heylink.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d16d81c50fd910753b8a48b0136023ae5d38c68cb147eaf42d71e684b918bf5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Apr 2022 10:04:01 GMT
server: cloudflare
age: 288
etag: W/"4e7cc449dce4bd77dfe46177df0cad8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6f6e2e7ffb0fecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QBK5NDRRT7JSN2XY
x-amz-id-2: huKZm/PHE6ECdIjLH3gHxFAcimwcYT2PaDa+Uo6IYjEF6T9y8vdQXdt/mJpy21oepBcqIqpx3Xw=

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 67ms
19ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heylink.me
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:58:08 GMT
x-content-type-options: nosniff
age: 448406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 19:58:08 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 66ms
22ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heylink.me
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:20:11 GMT
x-content-type-options: nosniff
age: 349883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Mar 2023 23:20:11 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 70ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/kinsmanjackpotbingo/
Origin: https://heylink.me
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 973175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT6b397698iOchXK7X%2Bp9y0LLDxiwdfWTKO%2BSZ3OwVB%2FqyONVtxh58u9QvuAzz3Q3D%2FVgvoc0k5ZRQJ0Mszdtf6VopNLkcY%2BtmvjFB952BRwTzc3bK247NqFs3nkcWf9u56XexewhI5koUmvjxrbRAFI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f6e2e8698e1715a-YUL
expires: Sun, 26 Mar 2023 00:31:35 GMT

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 24 KB
8 KB 42ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/kinsmanjackpotbingo/
Origin: https://heylink.me
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2271803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6970
timing-allow-origin: *
last-modified: Fri, 29 May 2020 16:54:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ed13e63-5f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FP919zUnhfB%2Bzffg3Yq%2FmXrQ8CSqfTk5LlgrMQOhzCATswyNTzRCSH9Vp%2BIY4W28DRkAGNnRZ2cP6dXA57iTmBgkABAo1sdy7Q48hHqqdi%2Fvd%2BiL%2FphQA6YmpvT4MNGkgqdkl2RBtIPhIND2B5ifVfhY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f6e2e86f86decf6-YUL
expires: Sun, 26 Mar 2023 00:31:35 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
69 KB 568ms
281ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c4ce821a6b36fd4c50dd004fd0a5f183f2a57109f0697d7cb45a41a426dcde68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:35 GMT
content-encoding: br
last-modified: Fri, 01 Apr 2022 11:13:49 GMT
etag: "6246b43d-110f1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69873
expires: Tue, 05 Apr 2022 01:31:35 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.au.freshchat.com/js/ 36 KB
12 KB 873ms
428ms Script
application/javascript 52.63.67.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.au.freshchat.com/js/widget.js

Requested by

Host: heylink.me
URL: https://heylink.me/kinsmanjackpotbingo/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.67.156 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

Software

fwe /

Resource Hash

c069c310915d3c73e6b08d3a9f6a9e52cbb2dcc21e238084bac55597ca164146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:31:36 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 6f7b4236-15b9-4604-8da3-81436d52aa1b
x-trace-id: 00-8329da299f403fc6c9965b9a9d29afdc-26b5bccb2588da53-00
served-by: 4127
last-modified: Wed, 23 Mar 2022 10:53:30 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 4127
Content-Type: application/javascript

POST
H3 200 rum Show response
heylink.me/cdn-cgi/ 0
163 B 15ms
14ms XHR
text/plain 2606:4700:10::6816:ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heylink.me/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://heylink.me/kinsmanjackpotbingo/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
content-type: application/json

Response headers

date: Tue, 05 Apr 2022 00:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://heylink.me
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6f6e2e874ba2ecf2-YUL
vary: Origin

GET
H2

200

1 Show response
mc.yandex.ru/watch/69416935/
Redirect Chain

https://mc.yandex.ru/watch/69416935?wmode=7&page-url=https%3A%2F%2Fheylink.me%2Fkinsmanjackpotbingo%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A1005%3Afu%3A0%...
https://mc.yandex.ru/watch/69416935/1?wmode=7&page-url=https%3A%2F%2Fheylink.me%2Fkinsmanjackpotbingo%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A1005%3Afu%3A...

338 B
492 B

141ms
141ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/69416935/1?wmode=7&page-url=https%3A%2F%2Fheylink.me%2Fkinsmanjackpotbingo%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A154274199416%3Ahid%3A559982479%3Az%3A0%3Ai%3A20220405003136%3Aet%3A1649118696%3Ac%3A1%3Arn%3A476796018%3Arqn%3A1%3Au%3A16491186968235387%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Antf%3A1%3Ans%3A1649118693415%3Ads%3A0%2C0%2C303%2C32%2C380%2C0%2C%2C253%2C0%2C1997%2C1997%2C0%2C1044%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649118697%3At%3A404%20%7C%20HeyLink.me&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

af0db89d59979914e9cdcf61148cf90bd8f562d4bebde306ae0212516feef7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:31:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 05-Apr-2022 00:31:37 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heylink.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Tue, 05-Apr-2022 00:31:37 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:31:36 GMT
last-modified: Tue, 05-Apr-2022 00:31:36 GMT
location: /watch/69416935/1?wmode=7&page-url=https%3A%2F%2Fheylink.me%2Fkinsmanjackpotbingo%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A154274199416%3Ahid%3A559982479%3Az%3A0%3Ai%3A20220405003136%3Aet%3A1649118696%3Ac%3A1%3Arn%3A476796018%3Arqn%3A1%3Au%3A16491186968235387%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Antf%3A1%3Ans%3A1649118693415%3Ads%3A0%2C0%2C303%2C32%2C380%2C0%2C%2C253%2C0%2C1997%2C1997%2C0%2C1044%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649118697%3At%3A404%20%7C%20HeyLink.me&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://heylink.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 05-Apr-2022 00:31:36 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 141ms
141ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:31:36 GMT
last-modified: Fri, 01 Apr 2022 11:13:49 GMT
etag: "6246b43d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 05 Apr 2022 01:31:36 GMT

GET
H/1.1 200
OK / Show response
wchat.au.freshchat.com/widget/ Frame 7673 5 KB
3 KB 433ms
215ms Document
text/html 52.63.67.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l

Requested by

Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.67.156 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

Software

fwe /

Resource Hash

06084f2e3a1f2f2697aaac2ceb3c45d00cd8539806f2333bf2e18652b12532ec

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Tue, 05 Apr 2022 00:31:37 GMT
Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
last-modified: Wed, 23 Mar 2022 10:53:30 GMT
served-by: 7972
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: 9b7dc638-ff1d-4e82-bef9-dab79ab09256
x-server: 7972
x-trace-id: 00-741e66ff023fe4908afc4bcb2ea34321-49fce877f1e71cfe-00
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK widget.css
wchat.au.freshchat.com/css/ 7 KB
2 KB 217ms
215ms Stylesheet
text/css 52.63.67.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.au.freshchat.com/css/widget.css?t=1649118696938

Requested by

Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.67.156 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

Software

fwe /

Resource Hash

d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://heylink.me/kinsmanjackpotbingo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:31:37 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 243213a3-de48-4e7e-9749-fe4392de95fa
x-trace-id: 00-69e1543a901f6bee7f612ca71d2e6217-224c1749134eda35-00
served-by: 7972
last-modified: Wed, 23 Mar 2022 10:53:30 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 7972
Content-Type: text/css
expires: Wed, 05 Apr 2023 00:31:37 GMT

GET
H2 200 vendor.bd52f7d59d8335c4e4bb75788cab9d68.css
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 5 KB
2 KB 127ms
74ms Stylesheet
text/css 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/vendor.bd52f7d59d8335c4e4bb75788cab9d68.css
Requested by: Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c725a8b39a90b240c476e1f8c4737bcb47d002eb24ae560b011021d6a9178e29

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"bd52f7d59d8335c4e4bb75788cab9d68"
age: 9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:49 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:31:37 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: K3VcMifBLscaf4L34zqu-tHrHjffq2Z_blAxZ6xQluOCRwa_s-mg4w==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 0
427 B 127ms
74ms Stylesheet
text/css 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Wed, 23 Mar 2022 10:53:40 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:31:37 GMT
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
x-amz-cf-id: 0kE_CK1UMNLA6z_RX6nlFR1MzCuxAyBJIz4UDLC1mmlA8gqNx5lk5g==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 200 vendor.737793d18e08e0d57f70d7a5824529f1.js Show response
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 684 KB
181 KB 81ms
29ms Script
text/javascript 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/vendor.737793d18e08e0d57f70d7a5824529f1.js
Requested by: Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9009adfb639dbb96fa4580bae263380904a880e70b5643bbc76fdc6c71a19472

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
etag: W/"737793d18e08e0d57f70d7a5824529f1"
age: 241
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:49 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:27:54 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: XLxpWonnBXG17SD2X6o5RhRbNai3pkL4R-Y6UY5rC0apCQ0pIBCEcw==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 200 2118.js Show response
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 1 MB
245 KB 30ms
30ms Script
text/javascript 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/2118.js
Requested by: Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0965922de5f02627e2d30b515c2efb2a6e022b4b95e886cd7bbc320abe1fdb50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
etag: W/"3081e413d322f27f70a7b92839c04781"
age: 6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:32 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:31:37 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: 26nJhN0Vo9N2W5jWQv1keM5VCMxj3h-OEJxSWnP5g9LxXheI6Jy3vg==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 200 chunk.fa794c0a70f076f0d00f.css
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 216 KB
23 KB 23ms
23ms Stylesheet
text/css 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/chunk.fa794c0a70f076f0d00f.css
Requested by: Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a20cc13e7de815d826db9a919e55209b951075688f36ff431e50deb1bc9a6a88

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
etag: W/"d11e7f50f5a948862bc1e37e5bcb861c"
age: 165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:39 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:30:34 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: _VFE4XQf_Jrc94XHGmXo92rj42Yq4893IGdM6ZdCcWghr9UDEo2c0A==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 200 fd-messaging.955679a3905e4219ecfc.css
assetscdn-wchat.au.freshchat.com/static/ Frame 7673 216 KB
23 KB 28ms
28ms Stylesheet
text/css 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/fd-messaging.955679a3905e4219ecfc.css
Requested by: Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a20cc13e7de815d826db9a919e55209b951075688f36ff431e50deb1bc9a6a88

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
etag: W/"d11e7f50f5a948862bc1e37e5bcb861c"
age: 6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:49 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:31:37 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: E_oYZVnvzo0WOZSH-uI9KUSt7vMEDcP4o9dNwhzq-vEirby2hisi4A==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 200 fd-messaging.bbfa97618e7cb92f7670.js Show response
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 669 KB
119 KB 96ms
96ms Script
text/javascript 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/fd-messaging.bbfa97618e7cb92f7670.js
Requested by: Host: wchat.au.freshchat.com
URL: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efd525c877d1c3ebe0ebfc781de35bfcb1ff7b7a860d00e4966996e9e9ed14f7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
etag: W/"2be0acbc1b7aca40ac8af52cbb39720b"
age: 24
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:39 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:31:37 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: b8ccAlLSJQHIZ9gG3CbT27irMyAruyWt-uFMCQJliKjr4Gif5O793A==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/au/ Frame 7673 81 KB
25 KB 71ms
21ms Script
text/javascript 143.204.146.128

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/au/rts-min.js
Requested by: Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/fd-messaging.bbfa97618e7cb92f7670.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.128 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5dbb4ce6bfa26f569908d2bca1baf07cd73f5c2e1eba317c615e6a2c10a209

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: 3FV788NvBaEvjg_kK5QILfU69bDiXVaM
content-encoding: gzip
etag: W/"84667f61de461fc4542685de60344251"
last-modified: Mon, 28 Mar 2022 08:10:07 GMT
server: AmazonS3
age: 1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 983a291908f1fa8f6ee8dc2761eb6b2c.cloudfront.net (CloudFront)
cache-control: no-cache
date: Tue, 05 Apr 2022 00:31:38 GMT
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: 1e0brh-wHpiHidyFMyhHuoyBQPnuJ4YroL_d4pF_O4hnw85WhPyTvw==

GET
H2 200 chunk.5060f74e9641d73d3f95.js Show response
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 3 KB
2 KB 21ms
20ms Script
text/javascript 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/chunk.5060f74e9641d73d3f95.js
Requested by: Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/fd-messaging.bbfa97618e7cb92f7670.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e10cbaf29484533d20f48d8ff71f909b8b1a3674d2fcfbcedfa17b89a373a1c1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"732d2ff2abc02f4aaf496d6968142fd1"
age: 240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:35 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:30:36 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: ikE6gmEn4FzshD2HjhNTyYGNrhFtiXCRvClf8lPt2AHt1xQmJnTc5A==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 200 chunk.66585627df7039b55cf9.js Show response
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 10 KB
4 KB 22ms
22ms Script
text/javascript 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/chunk.66585627df7039b55cf9.js
Requested by: Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/fd-messaging.bbfa97618e7cb92f7670.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8adc645ee4884555edd2d1f1f66d3c62182b4b3dc4c28f6b7a7addeb77d4cb6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"91be706b99b1f4d0f7ea02d504c55032"
age: 239
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:35 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:28:03 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: IKK6QTyoDh-i9lIVnD4GGuE8EciBt0Hb5I_lpdDWyN8wPpZzfWzyCw==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H/1.1 200
OK config Show response
wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/ Frame 7673 1 KB
2 KB 231ms
231ms XHR
application/json 52.63.67.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/config?domain=aHR0cHM6Ly9oZXlsaW5rLm1l

Requested by

Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/vendor.737793d18e08e0d57f70d7a5824529f1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.67.156 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

Software

fwe /

Resource Hash

fd81c4d298abc8a6593e25b779cc3a706d939f5a1c7ed20a7d1a4601b8c33ea5

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:31:38 GMT
content-encoding: gzip
x-ratelimit-total: 1000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 16
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: f7f887b7-37d7-9e54-8554-8c52a1da67d7
x-trace-id: 00-1e7762d05c92ddc0f99d57932d3d8c92-9ac4ffe88726a690-01
served-by: 7972
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 999
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 7972
x-ratelimit-limit: 1000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 fs-icons_db9017235f84eecfa2cafef72d487865.a50b22f71ea9f5d75e3dc4959c4f57a0.woff2
assetscdn-wchat.au.freshchat.com/static/fonts/ Frame 7673 5 KB
5 KB 56ms
20ms Font
binary/octet-stream 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/fonts/fs-icons_db9017235f84eecfa2cafef72d487865.a50b22f71ea9f5d75e3dc4959c4f57a0.woff2
Requested by: Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/chunk.fa794c0a70f076f0d00f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760

Request headers

Referer: https://assetscdn-wchat.au.freshchat.com/static/assets/chunk.fa794c0a70f076f0d00f.css
Origin: https://wchat.au.freshchat.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
etag: "1181e40b8546834a9805fdf81df2f865"
age: 289
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
content-length: 4928
last-modified: Wed, 23 Mar 2022 10:53:49 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:26:56 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://wchat.au.freshchat.com
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
x-amz-cf-id: DxkkbKKMkFpDD_xvhx68PKa-bDFnyywFygmX_OVTJ7g50wOWUn3DJQ==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 4 KB
5 KB 24ms
23ms Media
audio/mpeg 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.au.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: null
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
etag: "a529450a7cfb4a60dea41ef294fa90dd"
age: 143
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Wed, 23 Mar 2022 10:53:47 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:30:40 GMT
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
x-amz-cf-id: -u869wrJunobWxRehpBwhK3HpKKVXG-TKf2rv9iKHbFBZcF_0oPo_g==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
H/1.1 200
OK user Show response
wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/ Frame 7673 63 B
1 KB 221ms
221ms XHR
application/json 52.63.67.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/user

Requested by

Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/vendor.737793d18e08e0d57f70d7a5824529f1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.67.156 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:31:38 GMT
content-encoding: gzip
x-ratelimit-total: 1000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 6
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 22539614-bf24-4585-9f97-fec8850e15c0
x-trace-id: 00-07ac4bd702cfd74571ed2ae452ae7534-5a9bf3f8b4f76793-00
served-by: 4127
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 998
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4127
x-ratelimit-limit: 1000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/ Frame 7673 7 KB
3 KB 250ms
249ms XHR
application/json 52.63.67.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/vendor.737793d18e08e0d57f70d7a5824529f1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.67.156 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

Software

fwe /

Resource Hash

ad213e4a18293a4d5350f16ca13dfa4afc0f9cf664d4bdafcf90112ab6e6ee30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:31:38 GMT
content-encoding: gzip
x-ratelimit-total: 1000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 33
x-status: EXPIRED
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: a4d52d69-21d5-4e4e-8857-426ac2526f5e
x-trace-id: 00-0ee15852708aeeb7fe2c15ea4d61573d-cba830848ccda401-00
served-by: 4127
server: fwe
x-ratelimit-remaining: 997
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4127
x-ratelimit-limit: 1000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 chunk.4a6e70359ca70f529742.js Show response
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 53 KB
13 KB 44ms
44ms Script
text/javascript 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/chunk.4a6e70359ca70f529742.js
Requested by: Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/fd-messaging.bbfa97618e7cb92f7670.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89f5fa92252ce5f8abe720e73cc3dec01ce788e26d69f274189a769b2b0ff0f7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
etag: W/"ee2345c5529fe60346983b4b5a58979f"
age: 4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Mar 2022 10:53:34 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:31:38 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: 3U5LNPNmCLUodzWRSMotb4ETJW8ZX4L86RsrKC-8gUG384Awgb61mA==
expires: Thu, 23 Mar 2023 10:53:30 GMT

PUT
H/1.1 200
OK activity Show response
wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/user/d9ca3d07-a3be-42c4-b04e-2f0f1520e483/ Frame 7673 17 B
1 KB 223ms
222ms XHR
application/json 52.63.67.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/user/d9ca3d07-a3be-42c4-b04e-2f0f1520e483/activity

Requested by

Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/2118.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.67.156 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:31:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-total: 1000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 7
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: 78708e27-870f-4caa-8a1d-504d576e785c
x-trace-id: 00-2eb094f0cdc82c669b1e0ab056b6e151-9af8ee4bb35e810e-00
served-by: 4127
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 996
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4127
x-ratelimit-limit: 1000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK category Show response
wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/faq/ Frame 7673 33 KB
9 KB 230ms
229ms XHR
application/json 52.63.67.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.au.freshchat.com/app/services/app/webchat/07dfdfa5-792a-4503-8041-da4bcebce886/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.au.freshchat.com
URL: https://assetscdn-wchat.au.freshchat.com/static/assets/vendor.737793d18e08e0d57f70d7a5824529f1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.67.156 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-67-156.ap-southeast-2.compute.amazonaws.com

Software

fwe /

Resource Hash

f96a018355fb28cf99ee4b2084bb66da301864f7150648bba709b1d5682d34a4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.au.freshchat.com/widget/?token=07dfdfa5-792a-4503-8041-da4bcebce886&referrer=aHR0cHM6Ly9oZXlsaW5rLm1l
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:31:39 GMT
content-encoding: gzip
x-ratelimit-total: 1000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 11
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 825e5c88-3171-452f-b9d3-1332871a0848
x-trace-id: 00-930e3ef2f9fb1707b6629329fc43ad87-9c3baa438d70d1df-00
served-by: 5941
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 995
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5941
x-ratelimit-limit: 1000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET img_1596556635291.jpeg
fc-apse2-00-pics-bkt-00.s3.amazonaws.com/dc6f740f46dd4a4c23e02dd7144d13a320bb45bf571c076441ceb0d5f7a1deb3/f_marketingpicFull/u_736cedd0367d973d7e1c947d531ded643282d7841263900a4efc4287bdcc5227/ Frame 7673 0
0

GET
H2 200 freshdesk_logo.86f3d406e7c19daf1fcf7462a823d28c.svg
assetscdn-wchat.au.freshchat.com/static/assets/ Frame 7673 780 B
1 KB 32ms
31ms Image
image/svg+xml 99.84.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.au.freshchat.com/static/assets/freshdesk_logo.86f3d406e7c19daf1fcf7462a823d28c.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 686dafbfae5cb1ce1d2fa53a057ab5dd17277682ea06d68c9b7e23666adcae4b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wchat.au.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
etag: "700ca107b848b083e9b0659a98efb160"
age: 88
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 780
last-modified: Wed, 23 Mar 2022 10:53:40 GMT
server: AmazonS3
date: Tue, 05 Apr 2022 00:31:39 GMT
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
x-amz-cf-id: YkHx4L1r7z5B-lt8j1ER2zQjgNSU-DRJMzQipl4h47BjVXVUfDHMqw==
expires: Thu, 23 Mar 2023 10:53:30 GMT

GET
BLOB 200
OK a76b8733-29e7-463a-9e2d-22a60f50c00c
https://wchat.au.freshchat.com/ Frame 7673 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.au.freshchat.com/a76b8733-29e7-463a-9e2d-22a60f50c00c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a4bf2ab88acb880338e136abde96936d2b756f626d32b14e0ef5b30f81fc2c3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 152

GET img_1597367601287.png
fc-apse2-00-pics-bkt-00.s3.amazonaws.com/dc6f740f46dd4a4c23e02dd7144d13a320bb45bf571c076441ceb0d5f7a1deb3/f_marketingpicFull/u_736cedd0367d973d7e1c947d531ded643282d7841263900a4efc4287bdcc5227/ Frame 7673 0
0

GET img_1597367570574.png
fc-apse2-00-pics-bkt-00.s3.amazonaws.com/dc6f740f46dd4a4c23e02dd7144d13a320bb45bf571c076441ceb0d5f7a1deb3/f_marketingpicFull/u_736cedd0367d973d7e1c947d531ded643282d7841263900a4efc4287bdcc5227/ Frame 7673 0
0

GET img_1597367583071.png
fc-apse2-00-pics-bkt-00.s3.amazonaws.com/dc6f740f46dd4a4c23e02dd7144d13a320bb45bf571c076441ceb0d5f7a1deb3/f_marketingpicFull/u_736cedd0367d973d7e1c947d531ded643282d7841263900a4efc4287bdcc5227/ Frame 7673 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fc-apse2-00-pics-bkt-00.s3.amazonaws.com
URL: https://fc-apse2-00-pics-bkt-00.s3.amazonaws.com/dc6f740f46dd4a4c23e02dd7144d13a320bb45bf571c076441ceb0d5f7a1deb3/f_marketingpicFull/u_736cedd0367d973d7e1c947d531ded643282d7841263900a4efc4287bdcc5227/img_1596556635291.jpeg

Domain: fc-apse2-00-pics-bkt-00.s3.amazonaws.com
URL: https://fc-apse2-00-pics-bkt-00.s3.amazonaws.com/dc6f740f46dd4a4c23e02dd7144d13a320bb45bf571c076441ceb0d5f7a1deb3/f_marketingpicFull/u_736cedd0367d973d7e1c947d531ded643282d7841263900a4efc4287bdcc5227/img_1597367601287.png

Domain: fc-apse2-00-pics-bkt-00.s3.amazonaws.com
URL: https://fc-apse2-00-pics-bkt-00.s3.amazonaws.com/dc6f740f46dd4a4c23e02dd7144d13a320bb45bf571c076441ceb0d5f7a1deb3/f_marketingpicFull/u_736cedd0367d973d7e1c947d531ded643282d7841263900a4efc4287bdcc5227/img_1597367570574.png

Domain: fc-apse2-00-pics-bkt-00.s3.amazonaws.com
URL: https://fc-apse2-00-pics-bkt-00.s3.amazonaws.com/dc6f740f46dd4a4c23e02dd7144d13a320bb45bf571c076441ceb0d5f7a1deb3/f_marketingpicFull/u_736cedd0367d973d7e1c947d531ded643282d7841263900a4efc4287bdcc5227/img_1597367583071.png

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
heylink.me/	1969-12-31 23:59:59	Name: session Value: eyJsYW5ndWFnZSI6ImVuIn0.YkuN5Q.86c6dodYY42xWU5Vf3bFKkBvkB0
.heylink.me/	1970-01-20 10:50:54	Name: _ym_uid Value: 16491186968235387
.heylink.me/	1970-01-20 10:50:54	Name: _ym_d Value: 1649118696
.heylink.me/	1970-01-20 10:50:54	Name: _fw_crm_v Value: 97cee969-3145-4f9d-b585-f84cb2f7716e
.yandex.ru/	1970-01-23 17:41:18	Name: yandexuid Value: 649386291649118696
.yandex.ru/	1970-01-23 17:41:18	Name: yuidss Value: 649386291649118696
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1001488111649118696
.yandex.ru/	1970-01-23 17:41:18	Name: i Value: ZXfXRmmBsCEVEvTJsXtSOCzAaPa/hceXKJnDCP1Xlb0wV5bm1B6kowh3WIBfXD7XIg+Qmqpe5hjR1GRc35GSv9FBgtg=
.yandex.ru/	1970-01-20 10:50:54	Name: ymex Value: 1964478696.yrts.1649118696#1964478696.yrtsi.1649118696
.heylink.me/	1970-01-20 02:06:30	Name: _ym_isad Value: 2

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://heylink.me/kinsmanjackpotbingo/ Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://heylink.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://heylink.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assetscdn-wchat.au.freshchat.com
cdn-f.heylink.me
cdn.jsdelivr.net
cdnjs.cloudflare.com
fc-apse2-00-pics-bkt-00.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
heylink.me
mc.yandex.ru
rts-static-prod.freshworksapi.com
static.cloudflareinsights.com
wchat.au.freshchat.com
fc-apse2-00-pics-bkt-00.s3.amazonaws.com
143.204.146.128
2606:4700:10::6816:ca6
2606:4700:440e::ac40:9c1a
2606:4700::6810:5614
2606:4700::6811:180e
2607:f8b0:4006:816::200a
2607:f8b0:4006:81e::2003
2a02:6b8::1:119
52.63.67.156
99.84.118.92
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
06084f2e3a1f2f2697aaac2ceb3c45d00cd8539806f2333bf2e18652b12532ec
0965922de5f02627e2d30b515c2efb2a6e022b4b95e886cd7bbc320abe1fdb50
11ba38cd479a07ffffd96e37565b7effdb449bc2202d7f20245796d6f0a9c6d5
1b753c810a6650c10542f6590ae995f31aaf026ed2603901dbad3e769bc1c186
1d16d81c50fd910753b8a48b0136023ae5d38c68cb147eaf42d71e684b918bf5
2852e2c62d70d2e12719a60b76161b008e31a4b4b4667b4919e6386ea1fde706
29547099bbaa44f05d65c9a5fb507097a951ee29097617de67c77ca3206f3b84
2d9cc11f8db73b9deb3d30cd6f9bfe39f4713b0bc68b8414f319d96508aaaf2e
37510753bb57a96a77967d96ae46e9447e5c843b671c9b139198650df1358a51
3ec3b0bd53fd41bcb2cb2c5632c42e7681adedbe57d99181837b48176bc483fb
45d6c6bb421f69635e000e9a52d3c5d653dbc894a35ac169675f664f04ed9e90
4e3fc47e9ee322cbb2238da1e858910a1de5d79ba85010bdb673f6f533b0cefe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558fb2e7db0c4ff763ba695743501ad4cf483584e33fe637115033d8f34af578
6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760
666fae2107178818882d0661bc3d44aaf787c4d2eca8694c261dfdfa81afc316
686dafbfae5cb1ce1d2fa53a057ab5dd17277682ea06d68c9b7e23666adcae4b
6a4bf2ab88acb880338e136abde96936d2b756f626d32b14e0ef5b30f81fc2c3
6e4015d9a86de37a6663c8c6aa95e3a5d8cc29509f81158cdcd19981ff93fae4
6fd6ebeaa6f18c8325d62a0f350c2ab53ebe263b5fe9d7c1c0befca50bfbd3af
70bf3cef0011f15993329e8ee149814b45634af4b4433a8c17550c3e87530558
77f5d957c3c598001aa4f21a66275c6ef96b0ddc84bc513584fee9ad0d2754d0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8850ed4095ed0c7d918cecbfd03e11e9926199ee58d10f085a32e1706b002af0
89f5fa92252ce5f8abe720e73cc3dec01ce788e26d69f274189a769b2b0ff0f7
9009adfb639dbb96fa4580bae263380904a880e70b5643bbc76fdc6c71a19472
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
a20cc13e7de815d826db9a919e55209b951075688f36ff431e50deb1bc9a6a88
a8adc645ee4884555edd2d1f1f66d3c62182b4b3dc4c28f6b7a7addeb77d4cb6
ad213e4a18293a4d5350f16ca13dfa4afc0f9cf664d4bdafcf90112ab6e6ee30
adcea1ef9d513a2eed5ac83cf1769d79aaa0627f8600b6d9ac2706d042b440ef
af0db89d59979914e9cdcf61148cf90bd8f562d4bebde306ae0212516feef7cc
b178769eaf10c540f4007a9e6569e9dc5c4a4b1a47fb2c0da116a9c652b29601
b17d09db815001c7f047ca5d503c3cdb6259a286db8cfd73f89a0b6b48ff6963
bd5dbb4ce6bfa26f569908d2bca1baf07cd73f5c2e1eba317c615e6a2c10a209
c069c310915d3c73e6b08d3a9f6a9e52cbb2dcc21e238084bac55597ca164146
c4ce821a6b36fd4c50dd004fd0a5f183f2a57109f0697d7cb45a41a426dcde68
c65097d1cdcb2595b814a9fcfa875f2a00aaf041d5747b5ca1ae2f31c11b75d6
c725a8b39a90b240c476e1f8c4737bcb47d002eb24ae560b011021d6a9178e29
cca06c9ca6609aab15f084ae040597a3f7f1a554a8aba92d5395504ec44bb813
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd13a6b616450397c5671a22eaf02685e05635757bd90830a0e012cd8691ff63
d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c
dfe45517282780bbc448c2e00a7ea1770bf54855adf501c5c215e8c866949306
e10cbaf29484533d20f48d8ff71f909b8b1a3674d2fcfbcedfa17b89a373a1c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1855cb518728a6136ba0a22d680c495abbd01f109269bd0b24aeebe4f320af
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
ebeeaeacdb2a6d24e8d816dfea2394fb80bd0325f88fdce0dcdf625d84668456
efd525c877d1c3ebe0ebfc781de35bfcb1ff7b7a860d00e4966996e9e9ed14f7
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f7710c9f4239e95a0a99facf82a09892706a426e4021427c7d334c8101285772
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
f96a018355fb28cf99ee4b2084bb66da301864f7150648bba709b1d5682d34a4
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd81c4d298abc8a6593e25b779cc3a706d939f5a1c7ed20a7d1a4601b8c33ea5
ff0a345febc89d78cbc81b6498b75e80bcca4e13171ecd31bcffd838a5c1a754

heylink.me Open in urlscan Pro 2606:4700:10::6816:ca6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

91 %HTTPS

70 %IPv6

10 Domains

12 Subdomains

11 IPs

3 Countries

1417 kBTransfer

5274 kBSize

10 Cookies

10 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heylink.me Open in urlscan Pro
2606:4700:10::6816:ca6 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

91 %
HTTPS

70 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

1417 kB
Transfer

5274 kB
Size

10
Cookies

66 HTTP transactions
0 data transactions