tfghelp.helpshift.com Open in urlscan Pro
2600:1f18:3f7:b408:6ede:34ae:d8a0:a56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cs.wildlife.io/subscription-sharing
Effective URL:
https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymo...
Submission: On February 27 via manual (February 27th 2024, 11:26:47 am UTC) from GB — Scanned from GB

Summary HTTP 11 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2600:1f18:3f7:b408:6ede:34ae:d8a0:a56, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is tfghelp.helpshift.com. The Cisco Umbrella rank of the primary domain is 239405.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on May 16th 2023. Valid for: a year.

This is the only time tfghelp.helpshift.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.13 67.199.248.13	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1f18:3f7... 2600:1f18:3f7:b408:6ede:34ae:d8a0:a56	14618 (AMAZON-AES) (AMAZON-AES)
5	18.172.102.52 18.172.102.52	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:3f7... 2600:1f18:3f7:b408:3a31:9e88:da16:c0ed	14618 (AMAZON-AES) (AMAZON-AES)
11	4

1 67.199.248.13 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

cs.wildlife.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:3f7:b408:6ede:34ae:d8a0:a56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

tfghelp.helpshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.172.102.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-102-52.fra60.r.cloudfront.net

d2duuy9yo5pldo.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:3f7:b408:3a31:9e88:da16:c0ed (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.helpshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cloudfront.net d2duuy9yo5pldo.cloudfront.net	133 KB
3	unpkg.com unpkg.com — Cisco Umbrella Rank: 753	5 KB
3	helpshift.com tfghelp.helpshift.com — Cisco Umbrella Rank: 239405 api.helpshift.com — Cisco Umbrella Rank: 9140	9 KB
1	wildlife.io 1 redirects cs.wildlife.io	324 B
11	4

	Domain	Requested by
5	d2duuy9yo5pldo.cloudfront.net	tfghelp.helpshift.com
3	unpkg.com	tfghelp.helpshift.com
2	api.helpshift.com	d2duuy9yo5pldo.cloudfront.net
1	tfghelp.helpshift.com
1	cs.wildlife.io	1 redirects
11	5

This site contains links to these domains. Also see Links.

Domain
support.helpshift.com
unleash.wildlifestudios.com
twitter.com
www.youtube.com
wildlifestudios.com
helpshift.com

Subject Issuer	Validity	Valid
*.helpshift.com Sectigo ECC Domain Validation Secure Server CA	`2023-05-16` - `2024-05-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all
Frame ID: 03985C2473037B849B633F04A623D9D7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Logo X(formerly Twitter)Logo Youtube

Page URL History Show full URLs

https://cs.wildlife.io/subscription-sharing HTTP 302
https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscri... Page URL

Page Statistics

11
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

147 kB
Transfer

420 kB
Size

3
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://support.helpshift.com/hc/en/13-helpshift-technical-support/faq/717-cookies-used-by-helpshift/

Search URL Search Domain Scan URL

URL: https://unleash.wildlifestudios.com/en
Title: Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/wildlifestudios
Title: Logo X(formerly Twitter)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCgYHGkTMJ6iInwyNWOCmbkA
Title: Logo Youtube

Search URL Search Domain Scan URL

URL: https://wildlifestudios.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://wildlifestudios.com/who-we-are/
Title: About

Search URL Search Domain Scan URL

URL: https://wildlifestudios.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://helpshift.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cs.wildlife.io/subscription-sharing HTTP 302
https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/
Redirect Chain

https://cs.wildlife.io/subscription-sharing
https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all

23 KB
8 KB

350ms
128ms

Document
text/html

2600:1f18:3f7:b408:6ede:34ae:d8a0:a56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:3f7:b408:6ede:34ae:d8a0:a56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

23b3c50bf2c4f582d17efdf999fa79c4c25ddd5f9a42c00d8c121304724c1f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 27 Feb 2024 11:26:41 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-hs-request-id: 5653d0e0-98a1-44e2-b780-c27a73f09904
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, max-age=90
content-length: 222
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Tue, 27 Feb 2024 11:26:41 GMT
location: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all
referrer-policy: unsafe-url
server: nginx
strict-transport-security: max-age=1209600

GET
H2 200 style.8d4365b986d3fff67b70.css
d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/ 45 KB
8 KB 147ms
45ms Stylesheet
text/css 18.172.102.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/style.8d4365b986d3fff67b70.css
Requested by: Host: tfghelp.helpshift.com
URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.102.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-102-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fc14e377b6771d9c101ff5a71eb101d8cef47b013f2f97ec3bf83488ae91ed1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tfghelp.helpshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 08:48:10 GMT
x-amz-version-id: 4IdsXKkLsRq03V51_qJ94SpFPBW8YF5K
content-encoding: gzip
last-modified: Thu, 22 Feb 2024 08:46:14 GMT
server: AmazonS3
via: 1.1 284574e4f15389d93bfcb84d196a92f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
etag: W/"8ef01519c81464176b1289b32ec3df23"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
age: 441513
x-amz-cf-id: _EqXlURHN__60wAPxjtrxRtOGQ2pxHe8vH2Ha0hkBQX4aIORSp7Leg==

GET
H2 200 default-logo.webp
d2duuy9yo5pldo.cloudfront.net/dashboard-resources/320/ 25 KB
25 KB 148ms
47ms Image
image/webp 18.172.102.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2duuy9yo5pldo.cloudfront.net/dashboard-resources/320/default-logo.webp
Requested by: Host: tfghelp.helpshift.com
URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.102.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-102-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56a39c285235668d8a16f5062dfde204af4ee92f458b4797ba68ae16a15c878e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tfghelp.helpshift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: imtHTSK29dOWHg4SjnMsg06JndQrUnXk
date: Tue, 27 Feb 2024 10:31:03 GMT
via: 1.1 284574e4f15389d93bfcb84d196a92f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 3387
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25160
last-modified: Fri, 25 Nov 2022 05:07:30 GMT
server: AmazonS3
etag: "9f8932673bf64d2b063eedcb8dec94e4"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=3600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: sbPvy274YzyniJfFI9kXM2KpKAuZgOMVDAbYvp6Cjy4jqmDvu3h8aQ==

GET
H2 200 ionicons.esm.js Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/ 335 B
577 B 105ms
46ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js

Requested by

Host: tfghelp.helpshift.com
URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9164e9e61772747c5cb442694612e0059544001673b79fb88d326b6fc0c008ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tfghelp.helpshift.com/
Origin: https://tfghelp.helpshift.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:26:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9351441
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HEYETY2M3TM2QDTNWRT1SJ09-lhr
server: cloudflare
etag: W/"14f-6q7cP/2WOxXfiij0/H6SoJ2icJE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85c01308ec6b657c-LHR

GET
H2 200 vendors.223f61d07e3b79b54f34.c3d5b4ba8739780c38d1.js Show response
d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/ 47 KB
18 KB 151ms
50ms Script
application/javascript 18.172.102.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/vendors.223f61d07e3b79b54f34.c3d5b4ba8739780c38d1.js
Requested by: Host: tfghelp.helpshift.com
URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.102.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-102-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10c9afa9e79daae9d4bbbeb500fadcf964a0b9ff62e31351ff6a20fc992fcbb7

Request headers

Referer: https://tfghelp.helpshift.com/
Origin: https://tfghelp.helpshift.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 07:08:59 GMT
x-amz-version-id: ifb0bsiCrrsOSPNI574XGxFre5b7vG1C
content-encoding: br
via: 1.1 7011da69940360ddebc87f61490ffecc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 15464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 27 Feb 2024 07:08:31 GMT
server: AmazonS3
etag: W/"930e2df5dc238e173549ce325d536a6c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: RldzRLjR_mll3NVT-WcPmn7yPVg_NIYgeIDsf-J3ZDGrrMESspOCxQ==

GET
H2 200 corejs.93bba7fd2ac6a03b01ad.c3d5b4ba8739780c38d1.js Show response
d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/ 169 KB
55 KB 158ms
57ms Script
application/javascript 18.172.102.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/corejs.93bba7fd2ac6a03b01ad.c3d5b4ba8739780c38d1.js
Requested by: Host: tfghelp.helpshift.com
URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.102.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-102-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f61324cbe563d48ada177a835367574f61f548278ce105fa7792a05c75f5580c

Request headers

Referer: https://tfghelp.helpshift.com/
Origin: https://tfghelp.helpshift.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 07:08:59 GMT
x-amz-version-id: GcZZlIab05oTLt3zclNJyazvZVCfeSuD
content-encoding: br
via: 1.1 7011da69940360ddebc87f61490ffecc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 15464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 27 Feb 2024 07:08:31 GMT
server: AmazonS3
etag: W/"2098504939663047dcbe6fe661d49ef7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: iXR0X7NEQCgyCGnAVzkerlRa5wYJvDrlq1-1DbC8ZxfUi8ngk7gVqA==

GET
H2 200 404.440fd0b94c044855ddd1.c3d5b4ba8739780c38d1.js Show response
d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/ 101 KB
28 KB 204ms
103ms Script
application/javascript 18.172.102.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/404.440fd0b94c044855ddd1.c3d5b4ba8739780c38d1.js
Requested by: Host: tfghelp.helpshift.com
URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.102.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-102-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a34900e79fd78a8cb4bd2ddacb1d3e26e0916e343156ad0cadd924e72f63fe2b

Request headers

Referer: https://tfghelp.helpshift.com/
Origin: https://tfghelp.helpshift.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 07:12:15 GMT
x-amz-version-id: 3TiDp9XyV3AyfdsR8w5BHR4NYuXXwJKs
content-encoding: br
via: 1.1 7011da69940360ddebc87f61490ffecc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 15268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 27 Feb 2024 07:08:30 GMT
server: AmazonS3
etag: W/"ebf30d366232240d3991f4696cb5d667"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: SNFdeOrt0BV5kK_7rnxP04Q65hkgmxoEe2PfbQPaPQmJ0e0yNUyRVg==

GET
H2 200 p-6f4eae92.js Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/ 8 KB
4 KB 38ms
38ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-6f4eae92.js

Requested by

Host: tfghelp.helpshift.com
URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

998017d8e261ff05c8beb90beacc69fd6c8071b1695ed87a9a6d33a3b3caa7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js
Origin: https://tfghelp.helpshift.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:26:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6281336
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HHSYQ3F2HYVMZHF8MKV2NQA3-lhr
server: cloudflare
etag: W/"1f7c-gfDDha4bujGL8M3AApXNE3RBbwQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85c013093cd1657c-LHR

GET
H2 200 p-4372c4bc.js Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/ 1 KB
811 B 42ms
42ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-4372c4bc.js

Requested by

Host: tfghelp.helpshift.com
URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88432d4a953719ca1962f867cc4166caf9e6cdf2da51a540991256d63935fded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js
Origin: https://tfghelp.helpshift.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:26:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9106603
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HF5RAS2B7TJ387ZD1T3Q984R-lhr
server: cloudflare
etag: W/"4a1-eLv8UEu9cOFw7ZcY76wJ+IRRvYI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85c013093cd3657c-LHR

POST
H2 400 performance Show response
api.helpshift.com/events/v1/tfghelp/logs/hc/ 27 B
150 B 103ms
103ms XHR
text/plain 2600:1f18:3f7:b408:3a31:9e88:da16:c0ed
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.helpshift.com/events/v1/tfghelp/logs/hc/performance
Requested by: Host: d2duuy9yo5pldo.cloudfront.net
URL: https://d2duuy9yo5pldo.cloudfront.net/hc-themes/theme2/latest/static/404.440fd0b94c044855ddd1.c3d5b4ba8739780c38d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:3f7:b408:3a31:9e88:da16:c0ed Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 973809a5792da34e812218e8ec6dc91584b6d13eb62c16b7cb7d91cd2b2791c7

Request headers

Referer: https://tfghelp.helpshift.com/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://tfghelp.helpshift.com
date: Tue, 27 Feb 2024 11:26:42 GMT
server: nginx
content-length: 27
vary: Origin

OPTIONS
H2 204 performance
api.helpshift.com/events/v1/tfghelp/logs/hc/ 0
0 324ms
100ms Preflight 2600:1f18:3f7:b408:3a31:9e88:da16:c0ed
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.helpshift.com/events/v1/tfghelp/logs/hc/performance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:3f7:b408:3a31:9e88:da16:c0ed Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://tfghelp.helpshift.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Content-Type,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://tfghelp.helpshift.com
access-control-max-age: 86400
date: Tue, 27 Feb 2024 11:26:42 GMT
server: nginx
vary: Origin

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cs.wildlife.io/	1970-01-20 23:03:05	Name: _bit Value: o1rbqF-40d2ea53b6b37bfee8-00w
tfghelp.helpshift.com/	1970-01-20 18:43:55	Name: _faq_view_uuid Value: 1ca2e9d0-85de-400c-888a-07dce456cd1d
tfghelp.helpshift.com/	1970-01-20 18:43:55	Name: _faq_view_uuid_legacy Value: 1ca2e9d0-85de-400c-888a-07dce456cd1d

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tfghelp.helpshift.com/hc/en/4-sniper-3d/faq/1489-i-m-not-receiving-my-premium-premium-plus-subscription-benefits-anymore/?p=all Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.helpshift.com/events/v1/tfghelp/logs/hc/performance Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.helpshift.com
cs.wildlife.io
d2duuy9yo5pldo.cloudfront.net
tfghelp.helpshift.com
unpkg.com
18.172.102.52
2600:1f18:3f7:b408:3a31:9e88:da16:c0ed
2600:1f18:3f7:b408:6ede:34ae:d8a0:a56
2606:4700::6810:7caf
67.199.248.13
10c9afa9e79daae9d4bbbeb500fadcf964a0b9ff62e31351ff6a20fc992fcbb7
23b3c50bf2c4f582d17efdf999fa79c4c25ddd5f9a42c00d8c121304724c1f01
56a39c285235668d8a16f5062dfde204af4ee92f458b4797ba68ae16a15c878e
88432d4a953719ca1962f867cc4166caf9e6cdf2da51a540991256d63935fded
8fc14e377b6771d9c101ff5a71eb101d8cef47b013f2f97ec3bf83488ae91ed1
9164e9e61772747c5cb442694612e0059544001673b79fb88d326b6fc0c008ef
973809a5792da34e812218e8ec6dc91584b6d13eb62c16b7cb7d91cd2b2791c7
998017d8e261ff05c8beb90beacc69fd6c8071b1695ed87a9a6d33a3b3caa7f5
a34900e79fd78a8cb4bd2ddacb1d3e26e0916e343156ad0cadd924e72f63fe2b
f61324cbe563d48ada177a835367574f61f548278ce105fa7792a05c75f5580c

tfghelp.helpshift.com Open in urlscan Pro 2600:1f18:3f7:b408:6ede:34ae:d8a0:a56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

60 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

147 kBTransfer

420 kBSize

3 Cookies

8 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

2 Console Messages

Security Headers

Indicators

tfghelp.helpshift.com Open in urlscan Pro
2600:1f18:3f7:b408:6ede:34ae:d8a0:a56 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

147 kB
Transfer

420 kB
Size

3
Cookies

11 HTTP transactions
0 data transactions