heylink.me Open in urlscan Pro
104.22.13.166  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://heylink.me/daun123slot Page URL
2. https://heylink.me/daun123slot Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

• https://heylink.me/favicon.ico HTTP 301
• https://cdn-f.heylink.me/static/img/favicon_dark.ico

Request Chain 13

• https://heylink.me/favicon.ico HTTP 301
• https://cdn-f.heylink.me/static/img/favicon_dark.ico

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	daun123slot Show response heylink.me/	6 KB 5 KB	119ms 38ms	Document text/html	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/daun123slot Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74c98dc96d7a13b30cc5c58120f97ff9705393e81ee666ddd27d04f69716dea0 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 7fa5a4ea9ef89974-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Mon, 21 Aug 2023 20:32:14 GMT expires Thu, 01 Jan 1970 00:00:01 GMT origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	challenges.css heylink.me/cdn-cgi/styles/	6 KB 3 KB	30ms 30ms	Stylesheet text/css	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/cdn-cgi/styles/challenges.css Requested by Host: heylink.me URL: https://heylink.me/daun123slot Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-AT,de;q=0.9 Referer https://heylink.me/daun123slot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 21 Aug 2023 20:32:14 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 17 Aug 2023 10:58:09 GMT server cloudflare etag W/"64ddfd41-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 7fa5a4eaef509974-FRA expires Mon, 21 Aug 2023 22:32:14 GMT
GET H3	200	v1 Show response heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	157 KB 54 KB	131ms 130ms	Script application/javascript	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ea9ef89974 Requested by Host: heylink.me URL: https://heylink.me/daun123slot Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 318eed3ffb91629e30ab304e7a766451d5ad880372c4ce0e2c5e10113b81e4e6 Request headers accept-language de-AT,de;q=0.9 Referer https://heylink.me/daun123slot?__cf_chl_rt_tk=T_ov4eqSQxePQgEzULJ5ffW4XPzfUNkiB4ViDbgYd78-1692649934-0-gaNycGzNC9A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 21 Aug 2023 20:32:14 GMT cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding br server cloudflare cf-ray 7fa5a4eb2b7f3a82-FRA alt-svc h3=":443"; ma=86400 content-type application/javascript; charset=UTF-8
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/313d8a27/	29 KB 10 KB	115ms 55ms	Script application/javascript	104.17.3.184 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit Requested by Host: heylink.me URL: https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ea9ef89974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed Request headers Referer Origin https://heylink.me accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 21 Aug 2023 20:32:14 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 7fa5a4ecc82f925f-FRA alt-svc h3=":443"; ma=86400
GET		favicon_dark.ico cdn-f.heylink.me/static/img/ Redirect Chain https://heylink.me/favicon.ico https://cdn-f.heylink.me/static/img/favicon_dark.ico	0 0
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-AT,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	4da3a769-0be3-4f5a-9bbd-a994597259d7 https://heylink.me/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://heylink.me/4da3a769-0be3-4f5a-9bbd-a994597259d7 Requested by Host: heylink.me URL: https://heylink.me/daun123slot Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-AT,de;q=0.9 Referer https://heylink.me/daun123slot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	a15d907a34c6de0 Show response heylink.me/cdn-cgi/challenge-platform/h/g/flow/ov1/2142218059:1692648511:OJxdK7m3b2RMQp6qa2VfqJXvp3GgbRLJfZdR4XbgOa4/7fa5a4ea9ef89974/	10 KB 7 KB	50ms 50ms	XHR text/plain	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/cdn-cgi/challenge-platform/h/g/flow/ov1/2142218059:1692648511:OJxdK7m3b2RMQp6qa2VfqJXvp3GgbRLJfZdR4XbgOa4/7fa5a4ea9ef89974/a15d907a34c6de0 Requested by Host: heylink.me URL: https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ea9ef89974 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55de0adde0bd6905100cfa6cf33fa8f4eebd96b30551957e60102034ccfbf67a Request headers Referer https://heylink.me/daun123slot accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 CF-Challenge a15d907a34c6de0 Content-type application/x-www-form-urlencoded Response headers cf-chl-gen satnajcc+Vk0zCNuPrF63TiK9DbhDZnLfeKcgcEr0Wx4Vu7zojJuJpatdLAyX4Dx$IUH9la2Xq5Xg4FvSpHKzsg== date Mon, 21 Aug 2023 20:32:14 GMT content-encoding br server cloudflare cf-ray 7fa5a4ed0d8f3a82-FRA alt-svc h3=":443"; ma=86400 content-type text/plain; charset=UTF-8
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/q202u/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame CD60	0 0	73ms 40ms	Document text/html	104.17.3.184 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/q202u/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7fa5a4edab994d7c-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 20:32:14 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	a15d907a34c6de0 Show response heylink.me/cdn-cgi/challenge-platform/h/g/flow/ov1/2142218059:1692648511:OJxdK7m3b2RMQp6qa2VfqJXvp3GgbRLJfZdR4XbgOa4/7fa5a4ea9ef89974/	2 KB 2 KB	49ms 48ms	XHR text/html	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/cdn-cgi/challenge-platform/h/g/flow/ov1/2142218059:1692648511:OJxdK7m3b2RMQp6qa2VfqJXvp3GgbRLJfZdR4XbgOa4/7fa5a4ea9ef89974/a15d907a34c6de0 Requested by Host: heylink.me URL: https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ea9ef89974 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05216e64324895e22146627cfb668c8aa8d50682823fb63db821ef0c1df9d15c Request headers Referer https://heylink.me/daun123slot accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 CF-Challenge a15d907a34c6de0 Content-type application/x-www-form-urlencoded Response headers cf-chl-out O8qfI9Tjz/sYFHEiBGYSRSnU0tgeSNZuFSbQLYc3mwAd9GDF5deIFEtSXLz7HpMYif1VXNKHPoOq1p1E4IvrVC78H/NSWdBa2mChWhy6kSQ=$n2a97B/0u/FxJQVx1wSllw== cf-chl-out-s odieNywQGrtamIwpDzAM46Cli2D02s40uubaQ9RnX9yDqRaxBW5eBTZu5dTcr+z0syepuhBw7cVImoC8NGjPPlA2ScTZLplXN2dlzMQ+mC+CXRGr40Kq8cRDW1bw+mOJoicSGcnzAXNttKrVpK3CdcgjWBGLq1xc8ZNwy8RJz6P9W6zZdhrkG1jFDlzdChPE9A+5GX9HW+j9Pqv5sP6DaKpFfXoMODcyj+VqP42GiTH1AhycfTNZHGBCg4FMKOj9RDui8asPf6WkbMtjp0jVlQ==$ZSYxKXGCPK6iY/zgBcgv1w== date Mon, 21 Aug 2023 20:32:15 GMT content-encoding br server cloudflare content-type text/html; charset=UTF-8 cf-ray 7fa5a4efb8bd3a82-FRA alt-svc h3=":443"; ma=86400
GET H3	403	Primary Request daun123slot Show response heylink.me/	6 KB 4 KB	38ms 38ms	Document text/html	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/daun123slot Requested by Host: heylink.me URL: https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ea9ef89974 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfe4b75cd2d01eb030226b541172b263c9ec94b00cee9ba2801f367da7784058 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://heylink.me/daun123slot Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 7fa5a4ff2bb73a82-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Mon, 21 Aug 2023 20:32:17 GMT expires Thu, 01 Jan 1970 00:00:01 GMT origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H3	200	challenges.css heylink.me/cdn-cgi/styles/	6 KB 3 KB	31ms 31ms	Stylesheet text/css	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/cdn-cgi/styles/challenges.css Requested by Host: heylink.me URL: https://heylink.me/daun123slot Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-AT,de;q=0.9 Referer https://heylink.me/daun123slot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 21 Aug 2023 20:32:17 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 17 Aug 2023 10:58:09 GMT server cloudflare etag W/"64ddfd41-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 7fa5a4ff6bed3a82-FRA expires Mon, 21 Aug 2023 22:32:17 GMT
GET H3	200	v1 Show response heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	173 KB 59 KB	44ms 44ms	Script application/javascript	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ff2bb73a82 Requested by Host: heylink.me URL: https://heylink.me/daun123slot Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff97da32213b6e44775f8563dee9e509494cc6a882fb96030ad4229ed09023c7 Request headers accept-language de-AT,de;q=0.9 Referer https://heylink.me/daun123slot?__cf_chl_rt_tk=hfmmg4v.L2jLaEzUPBaISR4mqEpXBnpVYQ34j5yYf.g-1692649937-0-gaNycGzNCiU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 21 Aug 2023 20:32:17 GMT cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding br server cloudflare cf-ray 7fa5a4ff9c363a82-FRA alt-svc h3=":443"; ma=86400 content-type application/javascript; charset=UTF-8
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/313d8a27/	29 KB 10 KB	54ms 54ms	Script application/javascript	104.17.3.184 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit Requested by Host: heylink.me URL: https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ff2bb73a82 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed Request headers Referer Origin https://heylink.me accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 21 Aug 2023 20:32:17 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 7fa5a5002cee925f-FRA alt-svc h3=":443"; ma=86400
GET		favicon_dark.ico cdn-f.heylink.me/static/img/ Redirect Chain https://heylink.me/favicon.ico https://cdn-f.heylink.me/static/img/favicon_dark.ico	0 0
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-AT,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	0fdea5d9-82d9-4e73-a464-c29148326322 https://heylink.me/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://heylink.me/0fdea5d9-82d9-4e73-a464-c29148326322 Requested by Host: heylink.me URL: https://heylink.me/daun123slot Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-AT,de;q=0.9 Referer https://heylink.me/daun123slot User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	4148122eeec9720 Show response heylink.me/cdn-cgi/challenge-platform/h/g/flow/ov1/75697081:1692648532:1WoxoJdLPLryoDjH4QNJ7C6ct0PVI8pVPdEkwz3LZ2g/7fa5a4ff2bb73a82/	10 KB 7 KB	62ms 62ms	XHR text/plain	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/cdn-cgi/challenge-platform/h/g/flow/ov1/75697081:1692648532:1WoxoJdLPLryoDjH4QNJ7C6ct0PVI8pVPdEkwz3LZ2g/7fa5a4ff2bb73a82/4148122eeec9720 Requested by Host: heylink.me URL: https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ff2bb73a82 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612cbca4a89a67a1cef27650d870fe4a62d1090187e184ebf5c60d44c5e25528 Request headers Referer https://heylink.me/daun123slot accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 CF-Challenge 4148122eeec9720 Content-type application/x-www-form-urlencoded Response headers cf-chl-gen VLTguaEXuWaYd/E6xusTFqNAggTTQ2hHVA+C+H8xnjEeFrHo61L+MFoOmWbEMSsa$UgfizAfcywumuQnjHVD9Og== date Mon, 21 Aug 2023 20:32:18 GMT content-encoding br server cloudflare cf-ray 7fa5a500dd953a82-FRA alt-svc h3=":443"; ma=86400 content-type text/plain; charset=UTF-8
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3wkvr/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame BDC0	0 0	40ms 40ms	Document text/html	104.17.3.184 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3wkvr/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7fa5a5015c194d7c-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 20:32:18 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	4148122eeec9720 Show response heylink.me/cdn-cgi/challenge-platform/h/g/flow/ov1/75697081:1692648532:1WoxoJdLPLryoDjH4QNJ7C6ct0PVI8pVPdEkwz3LZ2g/7fa5a4ff2bb73a82/	2 KB 2 KB	49ms 49ms	XHR text/html	104.22.13.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://heylink.me/cdn-cgi/challenge-platform/h/g/flow/ov1/75697081:1692648532:1WoxoJdLPLryoDjH4QNJ7C6ct0PVI8pVPdEkwz3LZ2g/7fa5a4ff2bb73a82/4148122eeec9720 Requested by Host: heylink.me URL: https://heylink.me/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7fa5a4ff2bb73a82 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.13.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60a198bff48aee12a5d07843038e734ce0f26d71347d03860be9d9b5a32c9a1a Request headers Referer https://heylink.me/daun123slot accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 CF-Challenge 4148122eeec9720 Content-type application/x-www-form-urlencoded Response headers cf-chl-out 0zuNlO2j2oi4nfbLnpuuuMF19fkzxCzHNMwRR9Zt+zsRmdGz1ZXpQgSCguZ8jeRyvoK1GJJHWbv4WoyiiUn2B/Nvt2q1daT21pEaDW37I2s=$//oMERVtuf40bR5QWx1C8A== cf-chl-out-s AkYMo/GQsSsnBqCMvIx4rSas5pGC3sSHYgtveBnUxRuTRsyJNDMQXI9nag2Rm9syJst98X9sve2E7r0aCtsfljGVFtFR+hnoAbt+VFeE1oulpBGcGPshD1v0O1N4atRQW+dm5qeNOM1UhTftO1BWA1gb6EBdNRWMhGzrUkGYHhA5mYLp6wakoIGOkJF96yOY0u0xMyt4daorrEP5wdqbt8TH9KvP74na3P0X51eqGu82XJBHjVT4gs3M+Nd+uCw22gqso46lgZA2UDnEFgoyKg==$OwjKbrK4zuffelBXJUKVxQ== date Mon, 21 Aug 2023 20:32:18 GMT content-encoding br server cloudflare content-type text/html; charset=UTF-8 cf-ray 7fa5a503390f3a82-FRA alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdn-f.heylink.me

URL

https://cdn-f.heylink.me/static/img/favicon_dark.ico

Domain

cdn-f.heylink.me

URL

https://cdn-f.heylink.me/static/img/favicon_dark.ico

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_chl_opt function| ICY6 function| ozlfeI1 function| aw3 object| Rkiqk9 function| URXdVe4 boolean| KdU6 function| vQGSCb7 function| TwZwupsVWD function| QlFv6 object| YSIJaU7 object| turnstile boolean| HVYp3 string| qja6

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			heylink.me/	1970-01-20 14:10:53	Name: cf_chl_rc_m Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://heylink.me/daun123slot Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn-f.heylink.me/static/img/favicon_dark.ico Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://heylink.me/daun123slot Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn-f.heylink.me/static/img/favicon_dark.ico Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-f.heylink.me
challenges.cloudflare.com
heylink.me
cdn-f.heylink.me
104.17.3.184
104.22.13.166
05216e64324895e22146627cfb668c8aa8d50682823fb63db821ef0c1df9d15c
1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
318eed3ffb91629e30ab304e7a766451d5ad880372c4ce0e2c5e10113b81e4e6
55de0adde0bd6905100cfa6cf33fa8f4eebd96b30551957e60102034ccfbf67a
60a198bff48aee12a5d07843038e734ce0f26d71347d03860be9d9b5a32c9a1a
612cbca4a89a67a1cef27650d870fe4a62d1090187e184ebf5c60d44c5e25528
74c98dc96d7a13b30cc5c58120f97ff9705393e81ee666ddd27d04f69716dea0
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
bfe4b75cd2d01eb030226b541172b263c9ec94b00cee9ba2801f367da7784058
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
ff97da32213b6e44775f8563dee9e509494cc6a882fb96030ad4229ed09023c7