URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Submission: On November 08 via api from BE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 22 HTTP transactions.
The main IP is 104.254.152.2, located in Canada and belongs to HURRICANE - Hurricane Electric LLC, US. The main domain is link.heytens.com.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

Requests  IP Address        AS Autonomous System
2         104.254.152.2     6939 (HURRICANE)
6         2a00:1450:400...  15169 (GOOGLE)
1         2a00:1450:400...  15169 (GOOGLE)
2         2606:2800:234...  15133 (EDGECAST)
10        151.139.243.20    33438 (HIGHWINDS2)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 22 requests, 6 IPs

Requests  Domain / Subdomains   Transfer
10        mydialoginsight.com   29 MB
6         fonts.googleapis.com  3 KB
2         twitter.com           29 KB
2         heytens.com           12 KB
1         gstatic.com           9 KB
1         ajax.googleapis.com   30 KB
Total: 22 requests, 6 domains

Requests  Domain                   Requested by
10        cdn.mydialoginsight.com  link.heytens.com
6         fonts.googleapis.com     link.heytens.com
2         platform.twitter.com     link.heytens.com, platform.twitter.com
2         link.heytens.com         link.heytens.com
1         fonts.gstatic.com        ajax.googleapis.com
1         ajax.googleapis.com      link.heytens.com
Total: 22 requests, 6 domains

Subject                  Issuer                                  Validity                 Valid
*.googleapis.com         GTS CA 1O1                              2019-10-16 - 2020-01-08  3 months
cdn.mydialoginsight.com  Let's Encrypt Authority X3              2019-09-19 - 2019-12-18  3 months
*.google.com             GTS CA 1O1                              2019-10-10 - 2020-01-02  3 months
*.twimg.com              DigiCert SHA2 High Assurance Server CA  2018-11-19 - 2019-11-27  a year

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
157.html
/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh
51 KB
12 KB
Document
General
Full URL
http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
HTTP/1.1
Server
104.254.152.2 , Canada, ASN6939 (HURRICANE - Hurricane Electric LLC, US),
Reverse DNS
secure.mydialoginsight.com
Software
/
Resource Hash
fabcb8800fa279225401caf190896023dc0046479578c3c778bfde3304cc18e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
link.heytens.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-Robots-Tag
noindex
X-UA-Compatible
IE=Edge
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Date
Fri, 08 Nov 2019 16:27:20 GMT
Content-Length
11593
css?family=Lato
fonts.googleapis.com
767 B
435 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 08 Nov 2019 16:27:20 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 08 Nov 2019 16:27:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 16:27:20 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 21:20:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
587223
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30082
X-XSS-Protection
0
Expires
Sat, 31 Oct 2020 21:20:17 GMT
widgets.js
platform.twitter.com
95 KB
29 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E7) /
Resource Hash
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 16:27:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Oct 2019 23:03:20 GMT
Server
ECS (fcn/40E7)
Etag
"dbb5834a50c19a7a8e3ad3ae8f1c1329+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28705
iFQezYkh.gif
/T/OFC4/T/13276/204226
43 B
313 B
Image
General
Full URL
http://link.heytens.com/T/OFC4/T/13276/204226/iFQezYkh.gif
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
HTTP/1.1
Server
104.254.152.2 , Canada, ASN6939 (HURRICANE - Hurricane Electric LLC, US),
Reverse DNS
secure.mydialoginsight.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 16:27:20 GMT
Referrer-Policy
same-origin
Content-Type
image/gif
Cache-Control
private
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex
Content-Length
43
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
logo.png
cdn.mydialoginsight.com/T/OFSYS/H/C1300/388/ZYgKtV
11 KB
12 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/388/ZYgKtV/logo.png
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d9bfef0274c6bd0600ad35a1d707e4639782285e06b186af0808a433b74a4d85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:20 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="LOGO.png";
content-length
11691
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 09:44:51 GMT
decodays-fr-3.jpg
cdn.mydialoginsight.com/T/OFSYS/H/C1300/575/MSqpOE
127 KB
128 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/575/MSqpOE/decodays-fr-3.jpg
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
10e8c05ddc4e6c1262739db7dfb275a2c1b7bad6e4be7bd70a0ad1ad20eca3cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="decodays-fr-3.jpg";
content-length
130342
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 09:51:36 GMT
rb-tr-196-jpg-retouch.jpg
cdn.mydialoginsight.com/T/OFSYS/H/C1300/572/vv7eEG
28 MB
28 MB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/572/vv7eEG/rb-tr-196-jpg-retouch.jpg
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d7867041d11474f08de15398c9ee98a5a9a543fbd1abf9c9140e334c23948898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="RB_TR_196+JPG-retouch.jpg";
content-length
29848818
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 12:36:14 GMT
logo.png
cdn.mydialoginsight.com/T/OFSYS/H/C1300/444/WduBvp
173 KB
173 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/444/WduBvp/logo.png
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b761a06dcb02eea69bdb92ce8b9da378997d9f308c833fa08d619411c8630d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="Logo.png";
content-length
176664
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 12:36:14 GMT
wintershoot.jpg
cdn.mydialoginsight.com/T/OFSYS/H/C1300/445/hyvGLR
332 KB
333 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/445/hyvGLR/wintershoot.jpg
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
0dbd48a1f991bb2ec8791d81a1b0fa90d2ec032f99a48f940beb7a7bc7ea2299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="Wintershoot.jpg";
content-length
339985
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 12:36:14 GMT
logo.png
cdn.mydialoginsight.com/T/OFSYS/H/C1300/373/Gmlvsg
11 KB
12 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/373/Gmlvsg/logo.png
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d9bfef0274c6bd0600ad35a1d707e4639782285e06b186af0808a433b74a4d85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="LOGO.png";
content-length
11691
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 09:27:23 GMT
css?family=Roboto
fonts.googleapis.com
2 KB
535 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 08 Nov 2019 16:27:20 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 08 Nov 2019 16:27:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 16:27:20 GMT
css?family=Open+Sans
fonts.googleapis.com
2 KB
553 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 08 Nov 2019 16:27:20 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 08 Nov 2019 16:27:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 16:27:20 GMT
css?family=Oswald
fonts.googleapis.com
2 KB
500 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
f668753c306400ef364c104b0bc10fed6ec4f75d6d059ca5fe053ed50bc7ccc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 08 Nov 2019 16:27:20 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 08 Nov 2019 16:27:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 16:27:20 GMT
css?family=Montserrat
fonts.googleapis.com
2 KB
510 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e4ad5784c7123f5e5acf19919e5979228a042d0fa8555c94c06e979652c33e2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 08 Nov 2019 16:27:20 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 08 Nov 2019 16:27:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 16:27:20 GMT
css?family=Dosis
fonts.googleapis.com
998 B
423 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Dosis
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d385c560bb0b19c371c59a0ad3281114287c37892405f52e31ef24a161e13e3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 08 Nov 2019 16:27:20 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 08 Nov 2019 16:27:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 16:27:20 GMT
white-logo-big-facebook.png
cdn.mydialoginsight.com/T/OFSYS/H/C1300/568/qkkrK2
1 KB
2 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/568/qkkrK2/white-logo-big-facebook.png
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
0ff946d54bc1ab8094f6cdd58295f18c945130a24d24480738fc05c67b2be9e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="white-logo-big-facebook.png";
content-length
1384
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 12:39:16 GMT
white-logo-big-pinterest.png
cdn.mydialoginsight.com/T/OFSYS/H/C1300/567/CAGkKh
3 KB
3 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/567/CAGkKh/white-logo-big-pinterest.png
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
052f2ad489af16f7c0820b45f0ae310c2823c0c71e7b2196fac1a84733db4a2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="white-logo-big-pinterest.png";
content-length
2762
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 12:44:48 GMT
white-logo-big-instagram.png
cdn.mydialoginsight.com/T/OFSYS/H/C1300/566/86b8IJ
3 KB
3 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/566/86b8IJ/white-logo-big-instagram.png
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94c63b45f495234ce6fb4ddc62b243d8ce926181cf8f6a93963952b77ecfcb33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="white-logo-big-instagram.png";
content-length
2757
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 12:44:47 GMT
white-logo-big-link.png
cdn.mydialoginsight.com/T/OFSYS/H/C1300/565/f95kf5
2 KB
2 KB
Image
General
Full URL
https://cdn.mydialoginsight.com/T/OFSYS/H/C1300/565/f95kf5/white-logo-big-link.png
Requested by
Host: link.heytens.com
URL: http://link.heytens.com/T/OFSYS/SM2/1300/2/S/F/13276/204226/iFQezYkh/157.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.20 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
3a61c644b062e870f8c48d2f5566ed95d99bae0f612290b1dfffd35ba7e3b63f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 16:27:21 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-disposition
filename="white-logo-big-link.png";
content-length
2017
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 09 Nov 2019 12:44:44 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans
Origin
http://link.heytens.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 10:18:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
713358
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Fri, 30 Oct 2020 10:18:03 GMT
widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=http%3A%2F%2Flink.heytens.com
platform.twitter.com/widgets
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=http%3A%2F%2Flink.heytens.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4185) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Nov 2019 16:27:21 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4185)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| storeJavaScriptPath
function| includeJavascript
function| $
function| jQuery
object| __twttrll
object| twttr
object| __twttr
boolean| ContainsFBRoot
function| AddFBRoot

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
