heylink.me Open in urlscan Pro
2606:4700:10::ac43:798 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sub0day.com/2014/10/black-energy-ii-ii/
Effective URL:
https://heylink.me/Eventbonusdepo/
Submission: On August 23 via api (August 23rd 2022, 10:05:36 pm UTC) from IT — Scanned from IT

Summary HTTP 67 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 15 domains to perform 67 HTTP transactions. The main IP is 2606:4700:10::ac43:798, located in United States and belongs to CLOUDFLARENET, US. The main domain is heylink.me. The Cisco Umbrella rank of the primary domain is 131796.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2022. Valid for: a year.

This is the only time heylink.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	154.23.182.4 154.23.182.4	140227 (HKCICL-AS...) (HKCICL-AS-AP Hong Kong Communications International Co.)
1 1	52.21.33.16 52.21.33.16	14618 (AMAZON-AES) (AMAZON-AES)
11	2606:4700:10:... 2606:4700:10::ac43:798	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:10:... 2606:4700:10::6816:da6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
67	15

1 154.23.182.4 (United States)

ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK)

sub0day.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.33.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: us-ip-1.short.io

k9gambar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::ac43:798 (United States)

ASN13335 (CLOUDFLARENET, US)

heylink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-f.heylink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::6816:da6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-f.heylink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
heylink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	heylink.me heylink.me — Cisco Umbrella Rank: 131796 cdn-f.heylink.me — Cisco Umbrella Rank: 201652	752 KB
14	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	615 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	42 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 426	110 KB
4	gstatic.com fonts.gstatic.com	36 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	114 KB
1	google.it www.google.it — Cisco Umbrella Rank: 21679	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 9	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108	439 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 706	458 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	5 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	2 KB
1	k9gambar.com 1 redirects k9gambar.com	336 B
1	sub0day.com sub0day.com	603 B
67	15

	Domain	Requested by
14	fonts.googleapis.com	heylink.me cdn-f.heylink.me
13	heylink.me	sub0day.com heylink.me static.cloudflareinsights.com
12	cdn-f.heylink.me	heylink.me cdn-f.heylink.me
6	cdnjs.cloudflare.com	heylink.me
6	cdn.cookielaw.org	heylink.me cdn.cookielaw.org
4	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	heylink.me www.googletagmanager.com
1	www.google.it	heylink.me
1	www.google.com	heylink.me
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.cloudflareinsights.com	heylink.me
1	cdn.jsdelivr.net	heylink.me
1	k9gambar.com	1 redirects
1	sub0day.com
67	17

This site contains links to these domains. Also see Links.

Domain
magic.ly
loginfafa.com
k9push.com
coin365hit.com
grupfafa.com
linkfafa.com
fafa117cuan.com
visitfafa.com
accounts.google.com
www.facebook.com
app.heylink.me

Subject Issuer	Validity	Valid
heylink.me Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://heylink.me/Eventbonusdepo/
Frame ID: 02B30C2A0B8E3602AFF5A9F7E6D17C87
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HeyLink.me | FREECHIPS 50K & BONUS NEW MEMBER 100% + 50K hingga 1-5jt (turnover rendah dibawah x10)

Page URL History Show full URLs

http://sub0day.com/2014/10/black-energy-ii-ii/ Page URL
https://k9gambar.com/GCE HTTP 302
https://heylink.me/Eventbonusdepo/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

67
Requests

99 %
HTTPS

88 %
IPv6

15
Domains

17
Subdomains

15
IPs

4
Countries

1698 kB
Transfer

5785 kB
Size

6
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://magic.ly/slot-anti-nawala?utm_medium=social&utm_source=heylink.me
Title: LINK RTP ANTINAWALA ( SLOT GACOR 2022 )

Search URL Search Domain Scan URL

URL: https://loginfafa.com/1X2seohey2?utm_medium=social&utm_source=heylink.me
Title: FAFA1X2 ( WELCOME BONUS 150%) DEPOSIT 5K + 75K TO X10

Search URL Search Domain Scan URL

URL: https://k9push.com/JNN?utm_medium=social&utm_source=heylink.me
Title: K9WIN ( WELCOME BONUS 100% ) TO X10

Search URL Search Domain Scan URL

URL: https://coin365hit.com/JMR?utm_medium=social&utm_source=heylink.me
Title: COIN365BET ( WELCOME BONUS 100% ) TO X10

Search URL Search Domain Scan URL

URL: https://grupfafa.com/191gil?utm_medium=social&utm_source=heylink.me
Title: FAFA191 ( WELCOME BONUS ) DEPOSIT 15K GRATIS 25K TO X3

Search URL Search Domain Scan URL

URL: https://linkfafa.com/855iko?utm_medium=social&utm_source=heylink.me
Title: FAFA855 ( WELCOME BONUS ) DEPOSIT 30K GRATIS 36K TO X3

Search URL Search Domain Scan URL

URL: https://fafa117cuan.com/117iki?utm_medium=social&utm_source=heylink.me
Title: FAFA117 ( WELCOME BONUS ) DEPOSIT 50K GRATIS 60K TO X3

Search URL Search Domain Scan URL

URL: https://linkfafa.com/212LNL?utm_medium=social&utm_source=heylink.me
Title: FAFA212 ( WELCOME BONUS ) DEPOSIT 100K GRATIS 120K TO X3

Search URL Search Domain Scan URL

URL: https://visitfafa.com/118seohey2?utm_medium=social&utm_source=heylink.me
Title: FAFA118 ( WELCOME BONUS ) DEPOSIT 40K GRATIS 50K TO X5

Search URL Search Domain Scan URL

URL: https://visitfafa.com/777seohey2?utm_medium=social&utm_source=heylink.me
Title: FAFA777 ( WELCOME BONUS ) DEPOSIT 40K GRATIS 50K TO X10

Search URL Search Domain Scan URL

URL: https://accounts.google.com/o/oauth2/auth?client_id=330458598700-tvc98fsf0a3np731fossp5rnd0v3ddga.apps.googleusercontent.com&response_type=code&scope=email+profile+openid&redirect_uri=https://app.heylink.me/login/google
Title: Iscriviti con Google

Search URL Search Domain Scan URL

URL: https://www.facebook.com/v11.0/dialog/oauth?client_id=266003681172790&redirect_uri=https://app.heylink.me/login/facebook&state=fbloginheylinkme&scope=email
Title: Iscriviti con Facebook

Search URL Search Domain Scan URL

URL: https://app.heylink.me/login/?lng=it
Title: Per saperne di più o accedi a HeyLink.me

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sub0day.com/2014/10/black-energy-ii-ii/ Page URL
https://k9gambar.com/GCE HTTP 302
https://heylink.me/Eventbonusdepo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
sub0day.com/2014/10/black-energy-ii-ii/ 653 B
603 B 578ms
206ms Document
text/html 154.23.182.4
HKCICL-AS-AP Hong...

General

Check archive.org

Show headers Download Go to

Full URL: http://sub0day.com/2014/10/black-energy-ii-ii/
Protocol: HTTP/1.1
Server: 154.23.182.4 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Tue, 23 Aug 2022 22:05:25 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40

GET
H2

200

Primary Request / Show response
heylink.me/Eventbonusdepo/
Redirect Chain

https://k9gambar.com/GCE
https://heylink.me/Eventbonusdepo/

144 KB
13 KB

298ms
231ms

Document
text/html

2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heylink.me/Eventbonusdepo/

Requested by

Host: sub0day.com
URL: http://sub0day.com/2014/10/black-energy-ii-ii/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74154dde4bffc751e2924a2ef066c70c0ec3972645e36ae8f39a3c2097d34765

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline' frame-ancestors app.heylink.me
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sub0day.com/2014/10/black-energy-ii-ii/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73f7266379a4bad6-MXP
content-encoding: br
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline' frame-ancestors app.heylink.me
content-type: text/html; charset=utf-8
date: Tue, 23 Aug 2022 22:05:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Date: Tue, 23 Aug 2022 22:05:29 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
connection: close
content-length: 0
content-type: text/html; charset=utf-8
location: https://heylink.me/Eventbonusdepo/
pragma: no-cache
x-content-type-options: nosniff
x-powered-by: Short.io link shortener

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad/dist/ 3 KB
2 KB 94ms
24ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3321
x-jsd-version: 1.16.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1256
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
x-served-by: cache-fra19147-FRA, cache-mxp6957-MXP
x-jsd-version-type: version
date: Tue, 23 Aug 2022 22:05:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/ 20 KB
7 KB 94ms
32ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/otSDKStub.js

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ec320e8020b48aad5b148de39200cf3a5d4852b62534c7c0292611cdb72842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: F3UfK5EMBc6QTtDdMXRefA==
age: 2605
vary: Accept-Encoding
content-length: 6858
x-ms-lease-status: unlocked
last-modified: Wed, 03 Aug 2022 08:23:04 GMT
server: cloudflare
etag: 0x8DA7529630C2C21
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e1ef3157-501e-0168-2f12-a7c0e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73f726656fb7bb20-MXP
expires: Wed, 24 Aug 2022 02:05:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 121ms
43ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-170826174-2

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f859194357595d727655ffa27dc62415a2a6c2ddb65a96545f9b487816aa5c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43033
x-xss-protection: 0
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 style.min.css
cdn-f.heylink.me/static/dist/css/ 2 MB
92 KB 62ms
45ms Stylesheet
text/css 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b32534c80d746cd58998c53802dabbaff991baa22caca2809e748118b31240

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 11:54:01 GMT
server: cloudflare
age: 5609
etag: W/"390da036f9b1a15274690d97d84a357f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 73f726651c36bad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C55B21TDPBSESG50
x-amz-id-2: HRbjzBIP5w660WAWgXhIFnHPDAWGk1AWuNdaMP+INKw2MFrEMu5NNSZ8Mjk8BF+o0+S6Qwtn57A=

GET
H2 200 css2
fonts.googleapis.com/ 2 MB
607 KB 240ms
156ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Acme&family=Averia+Sans+Libre&family=Cabin:wght@500&family=Dosis:wght@500&family=Fredoka+One&family=Kalam&family=Libre+Baskerville&family=Londrina+Solid&family=Merienda&family=Montserrat:wght@500&family=Nova+Round&family=Open+Sans&family=Oswald:wght@500&family=Playfair+Display:wght@500&family=Prosto+One&family=Quicksand:wght@500&family=Righteous&family=Rock+Salt&family=Rokkitt:wght@500&family=Special+Elite&family=Press+Start+2P&family=Anton&family=Architects+Daughter&family=Barrio&family=Berkshire+Swash&family=Fredericka+the+Great&family=Gochi+Hand&family=Lobster+Two&family=Monofett&family=Racing+Sans+One&family=Secular+One&family=Carter+One&family=Leckerli+One&family=Amaranth&family=Itim&family=Love+Ya+Like+A+Sister&family=Magra&family=Marcellus&family=Marmelad&family=Noto+Sans:wght@400;700&family=Nunito:wght@400;800&family=Philosopher:wght@400;700&family=McLaren&family=Acme&family=Averia+Sans+Libre&family=Cabin:wght@500&family=Dosis:wght@500&family=Fredoka+One&family=Kalam&family=Libre+Baskerville&family=Londrina+Solid&family=Merienda&family=Montserrat:wght@500&family=Nova+Round&family=Open+Sans&family=Oswald:wght@500&family=Playfair+Display:wght@500&family=Prosto+One&family=Quicksand:wght@500&family=Righteous&family=Rock+Salt&family=Rokkitt:wght@500&family=Special+Elite&family=Press+Start+2P&family=Anton&family=Architects+Daughter&family=Barrio&family=Berkshire+Swash&family=Fredericka+the+Great&family=Gochi+Hand&family=Lobster+Two&family=Monofett&family=Racing+Sans+One&family=Secular+One&family=Carter+One&family=Leckerli+One&family=Amaranth&family=Itim&family=Love+Ya+Like+A+Sister&family=Magra&family=Marcellus&family=Marmelad&family=Noto+Sans:wght@400;700&family=Nunito:wght@400;800&family=Philosopher:wght@400;700&family=McLaren&family=Balsamiq+Sans&family=Balsamiq+Sans&family=Changa+One&family=Paytone+One&family=Russo+One&family=Amiri:ital,wght@0,400;0,700;1,400;1,700&family=Cairo:wght@200;300;400;500;600;700;800;900&family=IBM+Plex+Sans+Arabic:wght@100;200;300;400;500;600;700&family=Jomhuria&family=Katibeh&family=Lalezar&family=Mada:wght@200;300;400;500;600;700;900&family=Mirza:wght@400;500;600;700&family=Noto+Sans+Arabic:wght@100;200;300;400;500;600;700;800;900&family=Qahiri&family=Liu+Jian+Mao+Cao&family=Long+Cang&family=Ma+Shan+Zheng&family=Noto+Sans+SC:wght@100;300;400;500;700;900&family=Noto+Serif+SC:wght@200;300;400;500;600;700;900&family=ZCOOL+KuaiLe&family=ZCOOL+QingKe+HuangYou&family=ZCOOL+XiaoWei&family=Zhi+Mang+Xing&family=Liu+Jian+Mao+Cao&family=Long+Cang&family=Ma+Shan+Zheng&family=Noto+Sans+SC:wght@100;300;400;500;700;900&family=Noto+Serif+SC:wght@200;300;400;500;600;700;900&family=ZCOOL+KuaiLe&family=ZCOOL+QingKe+HuangYou&family=ZCOOL+XiaoWei&family=Zhi+Mang+Xing&family=Fahkwang:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,200;1,300;1,400;1,500;1,600;1,700&family=Itim&family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Mali:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,200;1,300;1,400;1,500;1,600;1,700&family=Noto+Sans+Thai:wght@100;200;300;400;500;600;700;800;900&family=Pattaya&family=Pridi:wght@200;300;400;500;600;700&family=Sarabun:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800&family=Sriracha&family=Taviraj:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Henny+Penny&family=Pangolin&family=Fira+Sans:wght@500&family=PT+Sans&family=Orelega+One&family=Rubik:wght@600&display=swap

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f99938c253a1be459f3c98fa07791494133e6f11cc6c1ec7102d96912546d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 22:05:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.2/ 3 KB
2 KB 111ms
42ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.2/jquery.modal.min.css

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/Eventbonusdepo/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1141397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1541
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAOrmy3NB%2BCGm1CZuB7%2FTS1f5wrtBt3Nu%2FIEgl77QJG%2FJk3wBiAHMU3YLaHe1GNpiDtsbp9DD7hus6eU5HqfU16TmEaWqpbjO9nzBPuspxNXpHWzCq3Ta9EGtJo7JsDBIGYoF%2BChDPLJBurEfSlHI%2BUA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f726657f7683b4-MXP
expires: Sun, 13 Aug 2023 22:05:29 GMT

GET
H2 200 scripts.min.js Show response
cdn-f.heylink.me/static/dist/js/ 28 KB
6 KB 52ms
47ms Script
application/javascript 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/scripts.min.js?v=b4605db8ff0590fd36bcfd6322b2ec57
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1adcfaaaae23ab8de391965d744e234508add467bbef4fb343bf7f9abcaee19a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 11:53:57 GMT
server: cloudflare
age: 6143
etag: W/"1ac6a447e92209cbb236a041e2c7bc56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f726651c42bad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C55FQ8P093RWFH8G
x-amz-id-2: NS4YWnQBIYN5N2pO3Q5LJDv9+JCnuGAHO3Y1JZu/M+tRcRFjYKWPgB/yKNcfndMlEYa8Q9385Gk=

GET
H2 200 clamp.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Clamp.js/0.5.1/ 2 KB
1 KB 95ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Clamp.js/0.5.1/clamp.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e29c4b04e0e4e32e6181d07d2924377d9cce29fb514b1038ffa91fbffd553b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/Eventbonusdepo/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1009
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:03:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cee-9ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jxBMtOoJ1kklON85wT4wBLF4SPP%2FLSBQCES8HY5k2%2FbypHPNc4Qu%2FD5xYzMRpsNOU%2FXh1Y6kEVytYkJDlZHAxa6G8TXdLzGgm7Wl2Kb92R%2BFNBZauVrewv3Bpm9gyLiojEjVdv%2BVnAQzlPd2nyWTbgx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f726657f7883b4-MXP
expires: Sun, 13 Aug 2023 22:05:29 GMT

GET
H2 200 download.min.js Show response
cdnjs.cloudflare.com/ajax/libs/downloadjs/1.4.8/ 3 KB
2 KB 93ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/downloadjs/1.4.8/download.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93bee2a8a7a8e8e8352dfe666b0bb1dab4f18da57dcd4b723962955f756db4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/Eventbonusdepo/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7865496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1287
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3d-d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2EaQ5Oe4VGDGuzz3CeNew7fxDyoYAZNT8J2mixxjeOyMepnHc9Jmx33xzbqf%2FDARwWZlNDAvFmqD3qrTgl3a26iWFVFr0CPEFhmXqhip5Xtxai1dRZjJV8m%2Bq58sia8m9U3zb0MP78IPkOs7hWrMtPJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f726657f7a83b4-MXP
expires: Sun, 13 Aug 2023 22:05:29 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 24 KB
7 KB 94ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/Eventbonusdepo/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6970
timing-allow-origin: *
last-modified: Fri, 29 May 2020 16:54:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ed13e63-5f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FF0cQlIc%2BWla995%2FXeyhV7QM%2FzxhA5nl9ExidXu33XmrHiSrW6EqaBJ9I5CMtVYGnQ74p7%2F8F2X3V%2Fz0PlWKDC6lfg%2BB4rfWksgcC1SGlpufnj1%2FwIR%2FSs53yXbCrRAKg9LRBroWMHGwO4jJEEL8szY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f726657f7c83b4-MXP
expires: Sun, 13 Aug 2023 22:05:29 GMT

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.2/ 5 KB
2 KB 95ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.2/jquery.modal.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/Eventbonusdepo/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1217251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1405
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-136e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dvu0uwhuM3jHNg5nV84GC00f%2FSZy0k8nUTi37KtYnLPnT3AV1wSqV2xPH%2B9i4UX6RdG1l%2BSeCPYY8V26rfU6DkFduWAu3G0Ruru8Hm%2BmnlcJ8j7rgI%2BJCr06nOGzBWCrOxx2Aavch0kkv6Y3NdHjHAS5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f726657f7d83b4-MXP
expires: Sun, 13 Aug 2023 22:05:29 GMT

GET
H2 200 user.min.js Show response
cdn-f.heylink.me/static/dist/js/ 463 B
375 B 41ms
38ms Script
application/javascript 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/user.min.js?v=b4605db8ff0590fd36bcfd6322b2ec57
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67b6767238f9f9fda24d1f4ebf94ade988f48348f725b3f935aec6064dd0d47a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 11:53:59 GMT
server: cloudflare
age: 5609
etag: W/"7e3ca0d1490f844c88b20b8e944946f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f726651c40bad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C5596KSYEWC8ME4E
x-amz-id-2: MXZaG02VuOJInlVNIHxswprynLpxXYAR9DVev8Lu31O+tkKUkLJ9qNFvqHO10zjQEXOaxeCL9EY=

GET
H2 200 signup-form.min.js Show response
cdn-f.heylink.me/static/dist/js/ 2 KB
1016 B 43ms
41ms Script
application/javascript 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/signup-form.min.js?v=b4605db8ff0590fd36bcfd6322b2ec57
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7539eb4603148101f879df69c4497311bf38f315266fe446fe06f64667e2b775

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 11:53:58 GMT
server: cloudflare
age: 6141
etag: W/"d98497a57b03e9650fbed7cdc3b3e5bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f726651c39bad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C55CSQXWGMANTWRD
x-amz-id-2: mbP6T6G7LqB8UuJgDH29xuF/a4NCXeKlL4lqjZ8bvA4zNTWuvd/dmCM4z+E1VfQwzsddyjiYaOc=

GET
H2 200 locations.min.js Show response
cdn-f.heylink.me/static/dist/js/ 1 KB
637 B 49ms
47ms Script
application/javascript 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/locations.min.js?v=b4605db8ff0590fd36bcfd6322b2ec57
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd066efdb410ef79695830b9a95b1decfc0d059f1b1c1d94b713901677d5bd93

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 11:54:00 GMT
server: cloudflare
age: 5609
etag: W/"f2184ff339b1f059af41d35a06820f7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f726651c3abad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C553TWM11CBXTB04
x-amz-id-2: 00cy87HYhloLXghAmPqzG9oPkh32714RwV8X8hVd5EbgI54zXE6HJ7RvrvNEGz6Zelqoe/R6aIg=

GET
H2 200 menu-links.min.js Show response
cdn-f.heylink.me/static/dist/js/ 1 KB
581 B 39ms
37ms Script
application/javascript 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/menu-links.min.js?v=b4605db8ff0590fd36bcfd6322b2ec57
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa1c67d2a8cb39609b39177c35ace29d9e0eac86d9b9d9b9a07ab3ed170d96cd

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 11:53:59 GMT
server: cloudflare
age: 5609
etag: W/"ea971548f8e45700ee08343a30550a5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f726651c3bbad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C557P1BAFNCW9EH1
x-amz-id-2: LayGOmzca6Mk78RZqbrSzOlZhWJDE9Qu++xH4MJt+67Ic1ti8ZwlhzDgrK+kBt9vYZTOpJVsIW4=

GET
H2 200 nft.min.js Show response
cdn-f.heylink.me/static/dist/js/ 173 B
324 B 40ms
39ms Script
application/javascript 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/nft.min.js?v=b4605db8ff0590fd36bcfd6322b2ec57
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c68fa3a311a723bc0d4acf6bfd20ffe2f3112f67cfe31975718ec006ac7549

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 11:53:58 GMT
server: cloudflare
age: 5609
etag: W/"3d45b7f6eb74a5cd655b50798de8a41a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f726651c3cbad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C550XDB6V4NPJZNF
x-amz-id-2: fmhSh82dmxg0uZ6LbaNmSB4X6+18pUQg5tCR6oArgfkR4/1LfEiUQ3HKJDx4SeuaqSTVAGx7g60=

GET
H2 200 drop-down-list.min.js Show response
cdn-f.heylink.me/static/dist/js/ 360 B
426 B 36ms
35ms Script
application/javascript 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-f.heylink.me/static/dist/js/drop-down-list.min.js?v=b4605db8ff0590fd36bcfd6322b2ec57
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbda847b1dc2380e736a70166bc43db4830bc2e57e5a97418cc079b6f2d30b6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 11:54:00 GMT
server: cloudflare
age: 5609
etag: W/"f918d363a0f6c1ddb652dd54ee08c59b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 73f726651c3ebad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C55FXC892NXQKYEN
x-amz-id-2: gHkAsbl6VYJwc9Dci6PSMtbD4C3VvRuKDCoVpxATxGE3pqOXyYeBS+Hh8AENMfKPrzRjV+HrXeQ=

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 153ms
87ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://heylink.me/Eventbonusdepo/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 73f7266628d9839d-MXP

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
546 B 51ms
48ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Philosopher&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a597b2268b777e085eb300bbb832e09c26f3a475b2315e7fc33c132036d0e546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 22:05:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
648 B 51ms
49ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5c0d8c6f0568e8560693747afafd5fe765d9e25f69ce330c67c148499ac1f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:07:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 49ms
47ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Slab&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

846b536d31d3270cf08f884440bdc0e2aa6b73ed99361e54f299a372dfa95d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:20:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
525 B 52ms
50ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alice&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fa19c7a19daa83232c5240d52b4a8ff15a728a4a1cff780e4bdd0be87374b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:38:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
588 B 52ms
50ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fc36357212a81b5f94eb6d872c115f631608694c340ac2ba2a23e28ae277715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 22:05:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
608 B 77ms
75ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Comfortaa&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d8f0a8723792fd3fa2f8ea5e7f496dd433cd95894bffce710de4f02231f9abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 22:05:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
563 B 76ms
75ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Yanone+Kaffeesatz&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dee995baa064e4c89061e1c817b109711f24c9ef47746ed95d1bc77801c65e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 22:05:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
568 B 88ms
87ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arsenal&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a85fc43581a3712943996832a4e36ca94c804ec421061dd14c733eb26e24a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 22:05:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
584 B 87ms
86ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Didact+Gothic&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d92c73f365fac1f16c9426e9863af83862c0a8abc7dfe5bfd3d6818a437047d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:42:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
589 B 80ms
78ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lobster&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7de50cc2e7686f3ecf963697ac261a439d584d61d0980f2c7de5fb1b21b9439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:12:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
595 B 79ms
78ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Pacifico&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00b6294afc61ef4bc202f191b68fffc31d344395ac3ce8d6c4fc8d0e4a25a399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 22:05:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
494 B 77ms
76ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Russo+One&display=swap

Requested by

Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12410a70b0fef88be3f33fb22db68107a628ec433f48b32e97ea80b87ad68978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:46:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
624 B 67ms
66ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7698cbc9b060e5e676a83c63829b2cc792e04a5dc6ed101ba68029f1157ceebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:54:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 22:05:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 22:05:29 GMT

GET
H2 200 ic_close_icon.svg
cdn-f.heylink.me/static/img/ 1 KB
819 B 37ms
36ms Image
image/svg+xml 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/ic_close_icon.svg
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeef2ff92e472665dfe307949fb6f5d4794244de02b4f7609b09c57f599d626a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 14:43:33 GMT
server: cloudflare
age: 6141
etag: W/"9aa01fe36e2e1ea0434177624f166591"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 73f72665dd4bbad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JR2DJ4PWE0CYHBY9
x-amz-id-2: XzYp3zdAp1u4B5juc3FAkMhI/F6uco/nf6+yOaHLVuv/UkIsmbj874pgmEV/ld4LZql0KeoECZk=

GET
H2 200 Animation_Loading2.gif
cdn-f.heylink.me/static/img/ 562 KB
563 KB 37ms
36ms Image
image/gif 2606:4700:10::ac43:798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/Animation_Loading2.gif
Requested by: Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:798 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd912e8d462739018cd0180ff62c9873f9e15708eceed8dbaa956d68f285f1c4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
cf-cache-status: HIT
age: 6142
cf-polished: origSize=604905, status=webp_bigger
cf-ray: 73f72665dd4dbad6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 575145
x-amz-id-2: SC+TJCKB3vXwCuPAbECQusNG5dxMG6adyhyuOFAQ3jMybZOmd6I/9Eh4O5TRXh7Us/+n2/1QkIE=
last-modified: Mon, 20 Jun 2022 14:43:30 GMT
server: cloudflare
etag: "703d3539469015441ad9b33c025bf848"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BTADK9676ZZQYDXE
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/gif
cf-bgj: imgq:85,h2pri

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 33ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/Eventbonusdepo/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1140942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywGoD7C7P%2FeDnkQkMv0hZHe4PCvV37tHstoJWwpIzQPkrWgyJ4DSQHgcoslDN8YfksJ5Bk3Fayf2GTKnSwo%2FtGRo%2FC7cALSWLXuLR0sZV3BcYhuW0lA2ifqBQakPQzE%2FDor3vwrCfTE8I1oFNyKrV0wV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f72665d89283b4-MXP
expires: Sun, 13 Aug 2023 22:05:29 GMT

GET
H3 200 USA_1.webp
cdn-f.heylink.me/static/img/countries-themes/ 11 KB
12 KB 43ms
43ms Image
binary/octet-stream 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/countries-themes/USA_1.webp
Requested by: Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41425645278a522378b82a0e3e682097eb84d1aadf1ff57e72dd0d93f74c7804

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
cf-cache-status: HIT
age: 2471
cf-ray: 73f726691d1ababd-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11632
x-amz-id-2: 9m+FGLyrhaNnu/KEmwd5Tg8iW33jcHyf3+M8JMdCcDU5yRwq+YksyhQo3lVSQ9VcTuZM4COtuQA=
last-modified: Tue, 09 Aug 2022 11:56:16 GMT
server: cloudflare
etag: "aa261c8b686b4d0922dd924018aa351c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 5SWCW15Q24MRQYFF
cache-control: max-age=86400
accept-ranges: bytes
content-type: binary/octet-stream

GET
H3 200 img_default_avatar@2x.png
cdn-f.heylink.me/static/img/ 568 B
1 KB 40ms
40ms Image
image/webp 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-f.heylink.me/static/img/img_default_avatar@2x.png
Requested by: Host: cdn-f.heylink.me
URL: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5b9bc65bd069c80e6adf1248b74e6f7bbd923a21274982e5ec1243022d75bc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn-f.heylink.me/static/dist/css/style.min.css?v=b4605db8ff0590fd36bcfd6322b2ec57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
cf-cache-status: HIT
age: 5499
cf-polished: origFmt=png, origSize=778
cf-ray: 73f726691d1cbabd-MXP
content-disposition: inline; filename="img_default_avatar@2x.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 568
x-amz-id-2: s3fb5X7wgTCc2dcrgdu1vxHXAqnAu2vKGx6kVg+zx4GoY0xT27ganLn35c8UQTYzIhcXXsYvvll979KaxrrMeQ==
last-modified: Thu, 07 Jul 2022 14:21:06 GMT
server: cloudflare
etag: "a2ecc165af745503dd363915abbda759"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 5V2EVKKSRM2RVP8C
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 13 KB
13 KB 119ms
35ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Acme&family=Averia+Sans+Libre&family=Cabin:wght@500&family=Dosis:wght@500&family=Fredoka+One&family=Kalam&family=Libre+Baskerville&family=Londrina+Solid&family=Merienda&family=Montserrat:wght@500&family=Nova+Round&family=Open+Sans&family=Oswald:wght@500&family=Playfair+Display:wght@500&family=Prosto+One&family=Quicksand:wght@500&family=Righteous&family=Rock+Salt&family=Rokkitt:wght@500&family=Special+Elite&family=Press+Start+2P&family=Anton&family=Architects+Daughter&family=Barrio&family=Berkshire+Swash&family=Fredericka+the+Great&family=Gochi+Hand&family=Lobster+Two&family=Monofett&family=Racing+Sans+One&family=Secular+One&family=Carter+One&family=Leckerli+One&family=Amaranth&family=Itim&family=Love+Ya+Like+A+Sister&family=Magra&family=Marcellus&family=Marmelad&family=Noto+Sans:wght@400;700&family=Nunito:wght@400;800&family=Philosopher:wght@400;700&family=McLaren&family=Acme&family=Averia+Sans+Libre&family=Cabin:wght@500&family=Dosis:wght@500&family=Fredoka+One&family=Kalam&family=Libre+Baskerville&family=Londrina+Solid&family=Merienda&family=Montserrat:wght@500&family=Nova+Round&family=Open+Sans&family=Oswald:wght@500&family=Playfair+Display:wght@500&family=Prosto+One&family=Quicksand:wght@500&family=Righteous&family=Rock+Salt&family=Rokkitt:wght@500&family=Special+Elite&family=Press+Start+2P&family=Anton&family=Architects+Daughter&family=Barrio&family=Berkshire+Swash&family=Fredericka+the+Great&family=Gochi+Hand&family=Lobster+Two&family=Monofett&family=Racing+Sans+One&family=Secular+One&family=Carter+One&family=Leckerli+One&family=Amaranth&family=Itim&family=Love+Ya+Like+A+Sister&family=Magra&family=Marcellus&family=Marmelad&family=Noto+Sans:wght@400;700&family=Nunito:wght@400;800&family=Philosopher:wght@400;700&family=McLaren&family=Balsamiq+Sans&family=Balsamiq+Sans&family=Changa+One&family=Paytone+One&family=Russo+One&family=Amiri:ital,wght@0,400;0,700;1,400;1,700&family=Cairo:wght@200;300;400;500;600;700;800;900&family=IBM+Plex+Sans+Arabic:wght@100;200;300;400;500;600;700&family=Jomhuria&family=Katibeh&family=Lalezar&family=Mada:wght@200;300;400;500;600;700;900&family=Mirza:wght@400;500;600;700&family=Noto+Sans+Arabic:wght@100;200;300;400;500;600;700;800;900&family=Qahiri&family=Liu+Jian+Mao+Cao&family=Long+Cang&family=Ma+Shan+Zheng&family=Noto+Sans+SC:wght@100;300;400;500;700;900&family=Noto+Serif+SC:wght@200;300;400;500;600;700;900&family=ZCOOL+KuaiLe&family=ZCOOL+QingKe+HuangYou&family=ZCOOL+XiaoWei&family=Zhi+Mang+Xing&family=Liu+Jian+Mao+Cao&family=Long+Cang&family=Ma+Shan+Zheng&family=Noto+Sans+SC:wght@100;300;400;500;700;900&family=Noto+Serif+SC:wght@200;300;400;500;600;700;900&family=ZCOOL+KuaiLe&family=ZCOOL+QingKe+HuangYou&family=ZCOOL+XiaoWei&family=Zhi+Mang+Xing&family=Fahkwang:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,200;1,300;1,400;1,500;1,600;1,700&family=Itim&family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Mali:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,200;1,300;1,400;1,500;1,600;1,700&family=Noto+Sans+Thai:wght@100;200;300;400;500;600;700;800;900&family=Pattaya&family=Pridi:wght@200;300;400;500;600;700&family=Sarabun:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800&family=Sriracha&family=Taviraj:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Henny+Penny&family=Pangolin&family=Fira+Sans:wght@500&family=PT+Sans&family=Orelega+One&family=Rubik:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 23:50:09 GMT
x-content-type-options: nosniff
age: 512121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 23:50:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 152ms
69ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:27:16 GMT
x-content-type-options: nosniff
age: 527894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7824
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:27:16 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 127ms
43ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 528030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:25:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 147ms
64ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heylink.me
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 528038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:24:52 GMT

GET
H2 200 ed015149-1f0d-43d2-85fc-05bb16cc098b.json Show response
cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/ 4 KB
2 KB 85ms
34ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/ed015149-1f0d-43d2-85fc-05bb16cc098b.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

770a65099294e4528cf8588c8640f307b196b97f80f6a4f19ec86e22f31314b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Aug 2022 22:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: x70RDW8CRDjVsElpIioqng==
age: 11047
vary: Accept-Encoding
content-length: 1626
x-ms-lease-status: unlocked
last-modified: Wed, 03 Aug 2022 08:23:03 GMT
server: cloudflare
etag: 0x8DA752962CE1A6E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 60317286-b01e-0029-380b-abaea4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73f72669cfbb0f4e-MXP
expires: Wed, 24 Aug 2022 02:05:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 118ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SLMX7BZBWP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-170826174-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b64998f1be2befed45fa80af4b0823639a7a75f2036a958e640a16b053874b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72823
x-xss-protection: 0
expires: Tue, 23 Aug 2022 22:05:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 110ms
33ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-170826174-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3810
date: Tue, 23 Aug 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Aug 2022 23:02:00 GMT

GET
H3 200 d8555276616c42e4b7b51548896df90a.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=200/https://cdn-b.heylink.me/media/users/avatars/ 12 KB
13 KB 55ms
54ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=200/https://cdn-b.heylink.me/media/users/avatars/d8555276616c42e4b7b51548896df90a.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dad0db927a4cf9559af37969771fc3e1ce1934c31ec73c701b43852dbf24094a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12773
last-modified: Mon, 15 Aug 2022 15:56:12 GMT
server: cloudflare
etag: "cfLraNK3rb700leVwRuOVtmQ:0dac333f4b1fb6d452c393820fa1b04e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=22 c=459 v=2022.8.0 l=12773
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698db8babd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 2767aa01ba0d441eb1949d15035d7db6.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 5 KB
5 KB 76ms
75ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/2767aa01ba0d441eb1949d15035d7db6.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be3c66234ec29c89d730ae1eb71b07eecf027e370583fb1a62c1297b8f77f41b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4622
last-modified: Mon, 15 Aug 2022 16:18:06 GMT
server: cloudflare
etag: "cfvl2yyUVBTkRTXAdY_NAuHQ:4ff6f1936c0024fa1268571ae07c5d04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=9 c=175 v=2022.8.0 l=4622
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dbbbabd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 f994b4f2689043f6a905e670cdfc5c87.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 5 KB
5 KB 76ms
75ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/f994b4f2689043f6a905e670cdfc5c87.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe59bd6424439c4154db5ae45b44412e5b704633a2a5801f5644fc639575d1c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4725
last-modified: Mon, 15 Aug 2022 16:17:22 GMT
server: cloudflare
etag: "cfaNE7H-a2lP65zzTU_31Vew:421d5a49e448b58249318128bcee53ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=9 c=191 v=2022.8.0 l=4725
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dbdbabd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 01b9fc05df914dfdba7e5a6629df0052.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 4 KB
4 KB 76ms
75ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/01b9fc05df914dfdba7e5a6629df0052.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05dd155c55326945839d676983bc261b138844e2c06284d0c10d6c9003d78eed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4025
last-modified: Mon, 15 Aug 2022 16:17:07 GMT
server: cloudflare
etag: "cfw9s4123akzV3dbRZNfUtzA:9d2ddf38bb4bce00430bd612decaf447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=14 c=183 v=2022.8.0 l=4025
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dbebabd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 828292a9e40540feb4b41a08f1601c1a.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 5 KB
6 KB 76ms
76ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/828292a9e40540feb4b41a08f1601c1a.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a026f2201aaeca93ef62fcae5d43266e29b137fde756b79f4afea1f8e38256

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5522
last-modified: Mon, 15 Aug 2022 16:16:24 GMT
server: cloudflare
etag: "cfU1A2k15pFLzhWyOhEi6P4g:adc5f24c5510be469e0bf7ad4ed0667f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=8 c=193 v=2022.8.0 l=5522
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dc3babd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 b45905854d344a2b9e210536577a0639.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 5 KB
5 KB 1039ms
1038ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/b45905854d344a2b9e210536577a0639.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa264b66a163b718d38905c5f34198d92b21107ee0419b4d1e6e482f9750bcbe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4959
last-modified: Mon, 15 Aug 2022 16:16:09 GMT
server: cloudflare
etag: "cfJE02AHCHhKNamVKpU4zNaA:0230347ab997225ef5dd4d2096e754af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=7 c=203 v=2022.8.0 l=4959
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dc6babd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 9ad261b1280448edbcb5359aed339164.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 4 KB
4 KB 1029ms
1029ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/9ad261b1280448edbcb5359aed339164.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280cc18162a02497b4c317a4945cc0f9d33c9c40c5a41de1f77036b2fb78203d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3905
last-modified: Mon, 15 Aug 2022 16:15:51 GMT
server: cloudflare
etag: "cf8sLWAf6m6yRzAtASvMYwAA:0f86ad420f7e6fab6dc0889e63ff772b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=13 c=225 v=2022.8.1 l=3905
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dc9babd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 34ed98d9b8124ba197063cfd250706c9.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 4 KB
5 KB 50ms
49ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/34ed98d9b8124ba197063cfd250706c9.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf5b73fca4c60bbb59f5b2d39fc1400c178126e1cf19cc3404f5b36704cd1574

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ZH_X845ZRptK269xlUXmY.Fco2ImvNyTEAlWkKfFweQ-1661292330-0-Aa0e0R5oQDCCWJFYDoM0L_HXGqjHQknVuwCxb2HukGUCMJMYlY7PTyMQZV65Xgf1hi3SI43abkOPQXSSFWG5vio; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3985
last-modified: Mon, 15 Aug 2022 16:15:18 GMT
server: cloudflare
etag: "cfFrQEd2Q2cAKcTadYVbPOIg:12a6a8d3e20591e8996a59b0418ebb58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ZH_X845ZRptK269xlUXmY.Fco2ImvNyTEAlWkKfFweQ-1661292330-0-Aa0e0R5oQDCCWJFYDoM0L_HXGqjHQknVuwCxb2HukGUCMJMYlY7PTyMQZV65Xgf1hi3SI43abkOPQXSSFWG5vio"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=11 c=168 v=2022.8.0 l=3985
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dcababd-MXP
warning: cf-images 299 "crop fit mode needs both width and height"
cf-bgj: imgq:85,h2pri

GET
H3 200 13f55df62f374dadb4fb755d5ae29d9a.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 4 KB
4 KB 50ms
50ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/13f55df62f374dadb4fb755d5ae29d9a.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a917865aae8a981a346c24ebc064b5a7c4d6aff4c33e4330f469f64e106627f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3647
last-modified: Mon, 15 Aug 2022 16:13:59 GMT
server: cloudflare
etag: "cf0qEeS-YOAzF5l14Jt9gvrQ:302857752ddba2dd6d4b8e6722f5ec85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=8 c=202 v=2022.8.4 l=3647
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dcbbabd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 dc1368474b284371af8ebe7fec903601.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 3 KB
4 KB 50ms
50ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/dc1368474b284371af8ebe7fec903601.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d43e973ec5d8412dfb88d8f7a3e59dc5e6da518aea8950e10de37a276427266

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3241
last-modified: Mon, 15 Aug 2022 16:13:35 GMT
server: cloudflare
etag: "cf5E5jD6yaYkpEkk5xkBnuXw:c3659c0e6fddc4094c4cabb5c20f4861"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=16 c=158 v=2022.8.1 l=3241
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dcfbabd-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 c0c747fcfdf14eb09bc85f8688f89d33.jpg
heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/ 5 KB
5 KB 1000ms
999ms Image
image/avif 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heylink.me/cdn-cgi/image/f=auto,q=85,fit=crop,w=96/https://cdn-b.heylink.me/media/links/thumbnails/c0c747fcfdf14eb09bc85f8688f89d33.jpg

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32d9db942ea69ade8029d3a1ea780b3228c075706ab39744635e519cc6117880

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4950
last-modified: Mon, 15 Aug 2022 16:13:11 GMT
server: cloudflare
etag: "cf3Pf3wxpcSW9wR2ViEwPnLw:3d3ef6281dd3cfe31589a13eecbe9c4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
warning: cf-images 299 "crop fit mode needs both width and height"
content-type: image/avif
cache-control: max-age=86400
cf-resized: internal=ok/h q=0 n=13 c=141 v=2022.8.0 l=4950
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 73f726698dd0babd-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 171 B
458 B 116ms
64ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8b8783f52539e0585f0c028a2d76ea3f710361dba00e9e98f629c7fee7d19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://heylink.me/Eventbonusdepo/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:05:30 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73f7266a4d763745-MXP
access-control-allow-headers: Content-Type

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 109ms
40ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1086354587&t=pageview&_s=1&dl=https%3A%2F%2Fheylink.me%2FEventbonusdepo%2F&dr=http%3A%2F%2Fsub0day.com%2F&ul=en-us&de=UTF-8&dt=HeyLink.me%20%7C%20FREECHIPS%2050K%20%26%20BONUS%20NEW%20MEMBER%20100%25%20%2B%2050K%20hingga%201-5jt%20(turnover%20rendah%20dibawah%20x10)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2117082710&gjid=1150796276&cid=480574056.1661292331&tid=UA-170826174-2&_gid=294347569.1661292331&_r=1&gtm=2ou8m0&z=118210458

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/Eventbonusdepo/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heylink.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 120ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SLMX7BZBWP&gtm=2oe8m0&_p=1086354587&cid=480574056.1661292331&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661292330&sct=1&seg=0&dl=https%3A%2F%2Fheylink.me%2FEventbonusdepo%2F&dr=http%3A%2F%2Fsub0day.com%2F&dt=HeyLink.me%20%7C%20FREECHIPS%2050K%20%26%20BONUS%20NEW%20MEMBER%20100%25%20%2B%2050K%20hingga%201-5jt%20(turnover%20rendah%20dibawah%20x10)&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SLMX7BZBWP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 22:05:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heylink.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.35.0/ 360 KB
85 KB 31ms
30ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Aug 2022 22:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bDp57sS049dDkRqCL4m53Q==
age: 10660
vary: Accept-Encoding
content-length: 87115
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:06 GMT
server: cloudflare
etag: 0x8DA4784BD4AE529
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 74e8856d-c01e-0004-086f-792d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73f7266ab822bb20-MXP

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 146ms
44ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-170826174-2&cid=480574056.1661292331&jid=2117082710&gjid=1150796276&_gid=294347569.1661292331&_u=YEBAAUAAAAAAAC~&z=1412686044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heylink.me/Eventbonusdepo/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Aug 2022 22:05:30 GMT
content-type: text/plain
access-control-allow-origin: https://heylink.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/248304d2-c811-4fb2-b10b-61331633921e/ 34 KB
9 KB 34ms
33ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ed015149-1f0d-43d2-85fc-05bb16cc098b/248304d2-c811-4fb2-b10b-61331633921e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f84c91f50baff2a9d0c43697ebf9e69017db2f96b9526c51a44d7f659a622069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Aug 2022 22:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1HcRBzpGVmXZeDWBDGIK/Q==
age: 8810
vary: Accept-Encoding
content-length: 8535
x-ms-lease-status: unlocked
last-modified: Wed, 03 Aug 2022 08:23:06 GMT
server: cloudflare
etag: 0x8DA752964698F44
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7ce3bc7e-601e-012f-590b-ab1f89000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73f7266b18da0f4e-MXP
expires: Wed, 24 Aug 2022 02:05:30 GMT

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 5 KB
2 KB 47ms
46ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Aug 2022 22:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: su1aQDzLNGhJWoAF9QNyDA==
age: 11046
vary: Accept-Encoding
content-length: 1780
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:20:58 GMT
server: cloudflare
etag: 0x8DA4784B8AE7ECF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 757c6303-901e-0157-38c4-a9773e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73f7266b690e0f4e-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 21 KB
4 KB 46ms
46ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Aug 2022 22:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 11046
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: fc6b53b1-b01e-004f-03c4-a91cfe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 73f7266b690f0f4e-MXP

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 121ms
45ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170826174-2&cid=480574056.1661292331&jid=2117082710&_u=YEBAAUAAAAAAAC~&z=1143445672

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
501 B 133ms
45ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170826174-2&cid=480574056.1661292331&jid=2117082710&_u=YEBAAUAAAAAAAC~&z=1143445672

Requested by

Host: heylink.me
URL: https://heylink.me/Eventbonusdepo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://heylink.me/Eventbonusdepo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 22:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rum Show response
heylink.me/cdn-cgi/ 0
163 B 28ms
25ms XHR
text/plain 2606:4700:10::6816:da6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heylink.me/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:da6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://heylink.me/Eventbonusdepo/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type: application/json

Response headers

date: Tue, 23 Aug 2022 22:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://heylink.me
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 73f7267008bababd-MXP
vary: Origin

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
heylink.me/	1969-12-31 23:59:59	Name: session Value: eyJsYW5ndWFnZSI6Iml0In0.YwVPKQ.KI2Icr5GGVD215_xE03RHCgX4Wc
.heylink.me/	1970-01-20 05:29:38	Name: _gid Value: GA1.2.294347569.1661292331
.heylink.me/	1970-01-20 05:28:12	Name: _gat_gtag_UA_170826174_2 Value: 1
.heylink.me/	1970-01-20 15:04:12	Name: _ga_SLMX7BZBWP Value: GS1.1.1661292330.1.0.1661292330.0.0.0
.heylink.me/	1970-01-20 15:04:12	Name: _ga Value: GA1.1.480574056.1661292331
.heylink.me/	1970-01-20 14:13:48	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Aug+23+2022+22%3A05%3A30+GMT%2B0000+(GMT)&version=6.35.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fheylink.me%2FEventbonusdepo%2F&groups=C0003%3A0%2CC0002%3A0%2CC0001%3A1%2CC0004%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-f.heylink.me
cdn.cookielaw.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
heylink.me
k9gambar.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sub0day.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
154.23.182.4
2001:4860:4802:32::36
2606:4700:10::6816:da6
2606:4700:10::ac43:798
2606:4700:4400::ac40:929e
2606:4700:440e::6812:2fe6
2606:4700::6810:9540
2606:4700::6811:190e
2a00:1450:4001:801::2003
2a00:1450:4001:813::200e
2a00:1450:4001:829::2008
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9c
2a00:1450:400e:800::200a
2a04:4e42:200::485
52.21.33.16
00b6294afc61ef4bc202f191b68fffc31d344395ac3ce8d6c4fc8d0e4a25a399
05dd155c55326945839d676983bc261b138844e2c06284d0c10d6c9003d78eed
12410a70b0fef88be3f33fb22db68107a628ec433f48b32e97ea80b87ad68978
1adcfaaaae23ab8de391965d744e234508add467bbef4fb343bf7f9abcaee19a
1c5b9bc65bd069c80e6adf1248b74e6f7bbd923a21274982e5ec1243022d75bc
1cbda847b1dc2380e736a70166bc43db4830bc2e57e5a97418cc079b6f2d30b6
1d92c73f365fac1f16c9426e9863af83862c0a8abc7dfe5bfd3d6818a437047d
280cc18162a02497b4c317a4945cc0f9d33c9c40c5a41de1f77036b2fb78203d
2a85fc43581a3712943996832a4e36ca94c804ec421061dd14c733eb26e24a1c
2d43e973ec5d8412dfb88d8f7a3e59dc5e6da518aea8950e10de37a276427266
32d9db942ea69ade8029d3a1ea780b3228c075706ab39744635e519cc6117880
36ec320e8020b48aad5b148de39200cf3a5d4852b62534c7c0292611cdb72842
3fc36357212a81b5f94eb6d872c115f631608694c340ac2ba2a23e28ae277715
41425645278a522378b82a0e3e682097eb84d1aadf1ff57e72dd0d93f74c7804
53b32534c80d746cd58998c53802dabbaff991baa22caca2809e748118b31240
5d8f0a8723792fd3fa2f8ea5e7f496dd433cd95894bffce710de4f02231f9abf
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
67b6767238f9f9fda24d1f4ebf94ade988f48348f725b3f935aec6064dd0d47a
6e29c4b04e0e4e32e6181d07d2924377d9cce29fb514b1038ffa91fbffd553b7
6f99938c253a1be459f3c98fa07791494133e6f11cc6c1ec7102d96912546d08
74154dde4bffc751e2924a2ef066c70c0ec3972645e36ae8f39a3c2097d34765
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
7539eb4603148101f879df69c4497311bf38f315266fe446fe06f64667e2b775
7698cbc9b060e5e676a83c63829b2cc792e04a5dc6ed101ba68029f1157ceebb
770a65099294e4528cf8588c8640f307b196b97f80f6a4f19ec86e22f31314b6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
846b536d31d3270cf08f884440bdc0e2aa6b73ed99361e54f299a372dfa95d8f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
93bee2a8a7a8e8e8352dfe666b0bb1dab4f18da57dcd4b723962955f756db4a1
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1
9fa19c7a19daa83232c5240d52b4a8ff15a728a4a1cff780e4bdd0be87374b91
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c68fa3a311a723bc0d4acf6bfd20ffe2f3112f67cfe31975718ec006ac7549
a597b2268b777e085eb300bbb832e09c26f3a475b2315e7fc33c132036d0e546
a917865aae8a981a346c24ebc064b5a7c4d6aff4c33e4330f469f64e106627f9
aa1c67d2a8cb39609b39177c35ace29d9e0eac86d9b9d9b9a07ab3ed170d96cd
b3a026f2201aaeca93ef62fcae5d43266e29b137fde756b79f4afea1f8e38256
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b64998f1be2befed45fa80af4b0823639a7a75f2036a958e640a16b053874b1e
b7de50cc2e7686f3ecf963697ac261a439d584d61d0980f2c7de5fb1b21b9439
bd066efdb410ef79695830b9a95b1decfc0d059f1b1c1d94b713901677d5bd93
be3c66234ec29c89d730ae1eb71b07eecf027e370583fb1a62c1297b8f77f41b
bf5b73fca4c60bbb59f5b2d39fc1400c178126e1cf19cc3404f5b36704cd1574
cd912e8d462739018cd0180ff62c9873f9e15708eceed8dbaa956d68f285f1c4
ce8b8783f52539e0585f0c028a2d76ea3f710361dba00e9e98f629c7fee7d19c
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
dad0db927a4cf9559af37969771fc3e1ce1934c31ec73c701b43852dbf24094a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee995baa064e4c89061e1c817b109711f24c9ef47746ed95d1bc77801c65e6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
eeef2ff92e472665dfe307949fb6f5d4794244de02b4f7609b09c57f599d626a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c0d8c6f0568e8560693747afafd5fe765d9e25f69ce330c67c148499ac1f13
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
f84c91f50baff2a9d0c43697ebf9e69017db2f96b9526c51a44d7f659a622069
f859194357595d727655ffa27dc62415a2a6c2ddb65a96545f9b487816aa5c6c
fa264b66a163b718d38905c5f34198d92b21107ee0419b4d1e6e482f9750bcbe
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe59bd6424439c4154db5ae45b44412e5b704633a2a5801f5644fc639575d1c1

heylink.me Open in urlscan Pro 2606:4700:10::ac43:798 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

99 %HTTPS

88 %IPv6

15 Domains

17 Subdomains

15 IPs

4 Countries

1698 kBTransfer

5785 kBSize

6 Cookies

13 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heylink.me Open in urlscan Pro
2606:4700:10::ac43:798 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

99 %
HTTPS

88 %
IPv6

15
Domains

17
Subdomains

15
IPs

4
Countries

1698 kB
Transfer

5785 kB
Size

6
Cookies

67 HTTP transactions
0 data transactions