Submitted URL: http://ht.ly/WNiy30rv9qf
Effective URL: https://windko11.page.link/6SuK?platform=hootsuite&_imcp=1
Submission: On February 02 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2a00:1450:4001:816::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is windko11.page.link.
TLS certificate: Issued by GTS CA 1O1 on January 19th 2021. Valid for: 3 months.
This is the only time windko11.page.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.67.57.56 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 3
Apex Domain
Subdomains
Transfer
3 gstatic.com
www.gstatic.com
71 KB
2 page.link
windko11.page.link
18 KB
1 ht.ly
ht.ly
402 B
5 3
Domain Requested by
3 www.gstatic.com windko11.page.link
www.gstatic.com
2 windko11.page.link www.gstatic.com
1 ht.ly 1 redirects
5 3

This site contains links to these domains. Also see Links.

Domain
firebase.google.com
Subject Issuer Validity Valid
*.page.link
GTS CA 1O1
2021-01-19 -
2021-04-13
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-19 -
2021-04-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://windko11.page.link/6SuK?platform=hootsuite&_imcp=1
Frame ID: 9A2C7FCDA515AF5EA7B96CD6B2D82814
Requests: 6 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://ht.ly/WNiy30rv9qf HTTP 301
    https://windko11.page.link/6SuK?platform=hootsuite Page URL
  2. https://windko11.page.link/6SuK?platform=hootsuite&_imcp=1 Page URL

Page Statistics

5
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

89 kB
Transfer

248 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ht.ly/WNiy30rv9qf HTTP 301
    https://windko11.page.link/6SuK?platform=hootsuite Page URL
  2. https://windko11.page.link/6SuK?platform=hootsuite&_imcp=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ht.ly/WNiy30rv9qf HTTP 301
  • https://windko11.page.link/6SuK?platform=hootsuite

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
6SuK
windko11.page.link/
Redirect Chain
  • http://ht.ly/WNiy30rv9qf
  • https://windko11.page.link/6SuK?platform=hootsuite
34 KB
11 KB
Document
General
Full URL
https://windko11.page.link/6SuK?platform=hootsuite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0822cd4692c1fbb2bad627d9f00f16388088f91aa41b39fc492dd822c3d74d4b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aZ/L1o5vFPDCUSnB7u3KwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-aZ/L1o5vFPDCUSnB7u3KwA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
windko11.page.link
:scheme
https
:path
/6SuK?platform=hootsuite
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 02 Feb 2021 16:02:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-aZ/L1o5vFPDCUSnB7u3KwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-aZ/L1o5vFPDCUSnB7u3KwA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location
https://windko11.page.link/6SuK?platform=hootsuite
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Date
Tue, 02 Feb 2021 16:02:04 GMT
Connection
close
Content-Length
0
X-Pool
owly_web
m=_b,_tp
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48EWhct3W7tLjJI3x5k4x2-SmH9w/
147 KB
52 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48EWhct3W7tLjJI3x5k4x2-SmH9w/m=_b,_tp
Requested by
Host: windko11.page.link
URL: https://windko11.page.link/6SuK?platform=hootsuite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656b19b7f5996f45de0508de2219c6104c41430bb308474dffdd4d74cee42aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windko11.page.link/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519834
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53033
x-xss-protection
0
last-modified
Mon, 25 Jan 2021 21:34:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 15:38:11 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/ck=boq-devplatform.DurableDeepLinkUi.zZ_Pa75qtFw.L.B1.O/am=BAg/d=1/exm=_b,_tp/excm=_b,_tp,view...
35 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/ck=boq-devplatform.DurableDeepLinkUi.zZ_Pa75qtFw.L.B1.O/am=BAg/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP53T2Zvvcj-no5t7iOdBa5fLpKP0w/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48EWhct3W7tLjJI3x5k4x2-SmH9w/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a57b6bbc520d030ec20dfbf2680ae4521ccd7ba7a739a8546833e0647e4aab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windko11.page.link/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 22:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496733
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12999
x-xss-protection
0
last-modified
Sat, 23 Jan 2021 03:30:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 22:03:12 GMT
m=KjEEgd
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/ck=boq-devplatform.DurableDeepLinkUi.zZ_Pa75qtFw.L.B1.O/am=BAg/d=1/exm=LEikZe,_b,_tp,byfTOb,ls...
16 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/ck=boq-devplatform.DurableDeepLinkUi.zZ_Pa75qtFw.L.B1.O/am=BAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP53T2Zvvcj-no5t7iOdBa5fLpKP0w/m=KjEEgd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48EWhct3W7tLjJI3x5k4x2-SmH9w/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
491ba22f95dc068130aa2368902db24fa747a2769a11333e38ebedbf0ef8d780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windko11.page.link/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 06:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553496
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5770
x-xss-protection
0
last-modified
Sat, 23 Jan 2021 03:30:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 06:17:09 GMT
Primary Request 6SuK
windko11.page.link/
9 KB
7 KB
Document
General
Full URL
https://windko11.page.link/6SuK?platform=hootsuite&_imcp=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48EWhct3W7tLjJI3x5k4x2-SmH9w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0001038b0b390e836834fffe79b6b951991cfb622e29d33380cf7b98ffdd7723
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TAwmVEQJicKukSnVgRIZ4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-TAwmVEQJicKukSnVgRIZ4Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
windko11.page.link
:scheme
https
:path
/6SuK?platform=hootsuite&_imcp=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://windko11.page.link/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://windko11.page.link/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 02 Feb 2021 16:02:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-TAwmVEQJicKukSnVgRIZ4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-TAwmVEQJicKukSnVgRIZ4Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67efcb882356eaf3944d74a8bd3bd46f3a8012fe2defd64cc3281e26bf041eb5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48EWhct3W7tLjJI3x5k4x2-SmH9w/m=_b,_tp(Line 428)
Message:
%c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api log URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.swD99xJsw5I.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48EWhct3W7tLjJI3x5k4x2-SmH9w/m=_b,_tp(Line 428)
Message:
%c%s font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'report-sample' 'nonce-aZ/L1o5vFPDCUSnB7u3KwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-aZ/L1o5vFPDCUSnB7u3KwA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0