urlscan.io logo urlscan.io
SecurityTrails logo

goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev Open in urlscan Pro
172.66.44.119  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://linktr.ee/kekon52045
Effective URL: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
Submission: On August 20 via manual from IN — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 36 HTTP transactions. The main IP is 172.66.44.119, located in United States and belongs to CLOUDFLARENET, US. The main domain is goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev.
TLS certificate: Issued by WE1 on August 12th 2024. Valid for: 3 months.
This is the only time goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 151.101.66.133 54113 (FASTLY)
18 151.101.2.133 54113 (FASTLY)
1 151.101.130.133 54113 (FASTLY)
4 104.18.29.127 13335 (CLOUDFLAR...)
1 104.18.26.223 13335 (CLOUDFLAR...)
1 142.250.186.67 15169 (GOOGLE)
3 172.66.44.119 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2 104.18.95.41 13335 (CLOUDFLAR...)
1 172.67.163.47 13335 (CLOUDFLAR...)
1 151.101.66.137 54113 (FASTLY)
36 12
1    151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
linktr.ee
18    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
assets.production.linktr.ee
ingress.linktr.ee
1    151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
ugc.production.linktr.ee
4    104.18.29.127 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-au.onetrust.com
geolocation.onetrust.com
1    104.18.26.223 (None, )

ASN13335 (CLOUDFLARENET, US)
ciam.linktr.ee
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
3    172.66.44.119 (United States)

ASN13335 (CLOUDFLARENET, US)
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    172.67.163.47 (United States)

ASN13335 (CLOUDFLARENET, US)
synthnexilite.cbg.ru
1    151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
Apex Domain
Subdomains		 Transfer
21 linktr.ee
linktr.ee — Cisco Umbrella Rank: 13825
assets.production.linktr.ee — Cisco Umbrella Rank: 17481
ugc.production.linktr.ee — Cisco Umbrella Rank: 23548
ciam.linktr.ee
ingress.linktr.ee — Cisco Umbrella Rank: 22199
550 KB
4 onetrust.com
cdn-au.onetrust.com — Cisco Umbrella Rank: 17015
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
10 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
challenges.cloudflare.com — Cisco Umbrella Rank: 3877
30 KB
3 pages.dev
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
10 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
31 KB
1 cbg.ru
synthnexilite.cbg.ru
126 KB
1 gstatic.com
fonts.gstatic.com
46 KB
0 browser-intake-datadoghq.com Failed
logs.browser-intake-datadoghq.com Failed
36 8
Domain Requested by
17 assets.production.linktr.ee linktr.ee
assets.production.linktr.ee
3 goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev assets.production.linktr.ee
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
3 cdn-au.onetrust.com assets.production.linktr.ee
cdn-au.onetrust.com
2 challenges.cloudflare.com 1 redirects goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
1 code.jquery.com goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
1 synthnexilite.cbg.ru goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
1 cdnjs.cloudflare.com goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
1 geolocation.onetrust.com assets.production.linktr.ee
1 ingress.linktr.ee assets.production.linktr.ee
1 fonts.gstatic.com linktr.ee
1 ciam.linktr.ee assets.production.linktr.ee
1 ugc.production.linktr.ee linktr.ee
1 linktr.ee
0 logs.browser-intake-datadoghq.com Failed assets.production.linktr.ee
36 14

This site contains no links.

Subject Issuer Validity Valid
linktr.ee
R11		 2024-07-10 -
2024-10-08		 3 months crt.sh
assets.production.linktr.ee
R10		 2024-07-22 -
2024-10-20		 3 months crt.sh
ugc.production.linktr.ee
R10		 2024-06-21 -
2024-09-19		 3 months crt.sh
onetrust.com
WE1		 2024-08-15 -
2024-11-13		 3 months crt.sh
ciam.linktr.ee
E5		 2024-08-01 -
2024-10-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.linktr.ee
R11		 2024-08-07 -
2024-11-05		 3 months crt.sh
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
WE1		 2024-08-12 -
2024-11-10		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
synthnexilite.cbg.ru
WE1		 2024-07-30 -
2024-10-28		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
Frame ID: 5596B307F33659EFBC639AA9859ACC98
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

obscurantism

Page URL History Show full URLs

  1. https://linktr.ee/kekon52045 Page URL
  2. https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

89 %
HTTPS

0 %
IPv6

8
Domains

14
Subdomains

12
IPs

2
Countries

802 kB
Transfer

2957 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://linktr.ee/kekon52045 Page URL
  2. https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
kekon52045
linktr.ee/ 		39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5378092eb4f80d01118df117bc47c44a86a9407c5f825137f1ad4300bdffa6ce
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
23316
cache-control
max-age=31536000, no-cache, stale-if-error=31536000
city
milan
client-geo-region
region-other
content-encoding
gzip
content-length
6902
content-type
text/html; charset=utf-8
continent-code
EU
country-code
IT
date
Tue, 20 Aug 2024 06:53:07 GMT
etag
W/"qh0ht72unsv03"
expect-ct
max-age=0
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=300
traceparent
00-000000000000000040523ec8b867bb87-40523ec8b867bb87-00
tracestate
dd=t.dm:1;s:0
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS, HIT, MISS
x-cache-hits
0, 0, 0, 0, 0
x-content-type-options
nosniff
x-datadog-parent-id
4634835998325848967
x-datadog-sampling-priority
0
x-datadog-trace-id
4634835998325848967
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-lt-cache
E-MISS ~> SP-HIT ~> P-MISS
x-permitted-cross-domain-policies
none
x-served-by
cache-mxp6952-MXP, cache-mxp6924-MXP, cache-mxp6924-MXP
x-timer
S1724136788.988997,VS0,VE2
x-xss-protection
0
cep.min.js
assets.production.linktr.ee/cep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/cep/cep.min.js?v2
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8d5b1c06c72b4cdd5291aa4418f412c27b938cab7e6078dc5ffc6d5a452807e

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
3281
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-key
client-event-producer
content-length
2244
x-served-by
cache-bfi-kbfi7400051-BFI, cache-mxp6966-MXP
last-modified
Mon, 24 Jun 2024 03:01:25 GMT
server
AmazonS3
x-timer
S1724136788.211220,VS0,VE0
etag
"e3be2fddea3977723c0586a5c6da3f86"
vary
Accept-Encoding, Origin
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
18521, 152
cca901a4-0e78-4fcc-a85c-c64403daced6_untitled.webp
ugc.production.linktr.ee/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugc.production.linktr.ee/cca901a4-0e78-4fcc-a85c-c64403daced6_untitled.webp?io=true&size=avatar-v3_0
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c7efd3f6c162fc96284c37162beebf2c04488383986840abd00ab35c50f7ce6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
fastly-io-served-by
vpop-haf2300704
age
110902
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2830 idim=600x600 ifmt=webp ofsz=2128 odim=400x400 ofmt=webp
fastly-stats
io=1
content-length
2128
x-served-by
cache-bfi-krnt7300057-BFI, cache-mxp6937-MXP
server
AmazonS3
x-timer
S1724136788.217495,VS0,VE1
etag
"nmjgWvNh3r1ZYVgndZSKHLWt9nQr59tBGHBBCEqW4W0"
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
x-amz-meta-filename
untitled.webp
accept-ranges
bytes
x-amz-meta-user-uuid
6e092025-8bf4-4bc7-9993-713dde70444c
x-cache-hits
60, 0
adora.js
assets.production.linktr.ee/consent-scripts/ 		596 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/consent-scripts/adora.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
729db1afb8a99c4c892c87aeba443e3dd7529449913e5a9c715c56134e34d38d

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
497975
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-key
consent-scripts
content-length
362
x-served-by
cache-bfi-krnt7300037-BFI, cache-mxp6966-MXP
last-modified
Wed, 14 Aug 2024 12:25:30 GMT
server
AmazonS3
x-timer
S1724136788.263016,VS0,VE0
etag
"87c93985fddca8fb50fec059b8d20d8f"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
43, 6798
one-trust.js
assets.production.linktr.ee/consent-scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/consent-scripts/one-trust.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01049fa7a0e911889d5395a5534895f9c2d069107ade7781eb2d7a1f0379fed2

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
395433
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-key
consent-scripts
content-length
980
x-served-by
cache-bfi-kbfi7400058-BFI, cache-mxp6966-MXP
last-modified
Thu, 15 Aug 2024 07:13:51 GMT
server
AmazonS3
x-timer
S1724136788.262995,VS0,VE0
etag
"a7c5be0f93684de270cf470ef9a6d656"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
46, 6697
55fb8d1bc167ebd8.css
assets.production.linktr.ee/profiles/_next/static/css/ 		111 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/css/55fb8d1bc167ebd8.css
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ef0ce0c991dc097dc1b3e7044bdc4994b5f447d8669ebec6e887d96aaf70c30

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
360489
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
17053
x-served-by
cache-bfi-krnt7300035-BFI, cache-mxp6957-MXP
last-modified
Fri, 16 Aug 2024 02:37:55 GMT
server
AmazonS3
x-timer
S1724136788.211421,VS0,VE0
etag
"1a913ef271b2714c51292b2564e36c26"
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
180, 2469
webpack-387e730c00c0410b.js
assets.production.linktr.ee/profiles/_next/static/chunks/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/chunks/webpack-387e730c00c0410b.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9d74ca74ac532858736dda1b49d4e5c2d8332ff2c8f33666a4ce5019f5cc913

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
360487
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6973
x-served-by
cache-bfi-kbfi7400076-BFI, cache-mxp6957-MXP
last-modified
Fri, 16 Aug 2024 02:37:55 GMT
server
AmazonS3
x-timer
S1724136788.263223,VS0,VE0
etag
"c95f611990269bb101f787638f173d93"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
180, 6214
framework-ca32d4ec620501e2.js
assets.production.linktr.ee/profiles/_next/static/chunks/ 		127 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/chunks/framework-ca32d4ec620501e2.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ae546d4e92f77f89ee1f21abe2a82ba71f5a22f6e1f2667067f4e36dac7de31

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
4212995
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
39828
x-served-by
cache-bfi-kbfi7400045-BFI, cache-mxp6957-MXP
last-modified
Wed, 09 Aug 2023 05:10:19 GMT
server
AmazonS3
x-timer
S1724136788.263197,VS0,VE0
etag
"b1751487bfde714612f096a6773192df"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
548784, 75887
main-8a4f0e1845e55dbf.js
assets.production.linktr.ee/profiles/_next/static/chunks/ 		89 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/chunks/main-8a4f0e1845e55dbf.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fda62a6846f047d0d6526b395dd923d2122845410968edbf183bffccc22a8a5a

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
5784174
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
26610
x-served-by
cache-bfi-krnt7300066-BFI, cache-mxp6957-MXP
last-modified
Thu, 25 Jan 2024 03:01:10 GMT
server
AmazonS3
x-timer
S1724136788.263180,VS0,VE0
etag
"976ae99ea32912bf15f523280cb70607"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
3980, 67417
_app-0fc62ee28849c398.js
assets.production.linktr.ee/profiles/_next/static/chunks/pages/ 		2 MB
409 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/chunks/pages/_app-0fc62ee28849c398.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1794e74f42ad7f384d853b5f75579c37ca4f367ca166a8899df20aff64ec0a9f

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
32658
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
418870
x-served-by
cache-bfi-krnt7300110-BFI, cache-mxp6957-MXP
last-modified
Mon, 19 Aug 2024 21:42:14 GMT
server
AmazonS3
x-timer
S1724136788.263166,VS0,VE0
etag
"b86e54075ebe191a07885a8beabed653"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
229, 85
7773-dadb5262e1fc1b6f.js
assets.production.linktr.ee/profiles/_next/static/chunks/ 		492 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/chunks/7773-dadb5262e1fc1b6f.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99eb32988a982ed4d9c6dc6504c3f80db3b9427abdbe23f859da14a4ebe6d882

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
360490
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
32288
x-served-by
cache-bfi-krnt7300105-BFI, cache-mxp6957-MXP
last-modified
Fri, 16 Aug 2024 02:37:51 GMT
server
AmazonS3
x-timer
S1724136788.263487,VS0,VE0
etag
"d9f880c44e81391128e3a59fc1ae9faf"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
178, 6223
%5Bprofile%5D-e6d32ab588179db6.js
assets.production.linktr.ee/profiles/_next/static/chunks/pages/ 		301 B
337 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/chunks/pages/%5Bprofile%5D-e6d32ab588179db6.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cab42948a79f898e9ab0c2a27860c56a197e68583af74f6f122712ff9402e4c

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
2461292
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
172
x-served-by
cache-bfi-krnt7300031-BFI, cache-mxp6957-MXP
last-modified
Mon, 22 Jul 2024 19:04:15 GMT
server
AmazonS3
x-timer
S1724136788.263463,VS0,VE0
etag
"126f0433ba548d17e8253f9a5df8da11"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
240, 76923
_buildManifest.js
assets.production.linktr.ee/profiles/_next/static/c14afb3d577d2e2254c4b0d66954b96b6d53e201/ 		1 KB
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/c14afb3d577d2e2254c4b0d66954b96b6d53e201/_buildManifest.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6afb7ac881d8469d1e400500c2f0cdd9839dadee09fabf5d7b4d4157c340be8e

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
32681
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
430
x-served-by
cache-bfi-krnt7300105-BFI, cache-mxp6957-MXP
last-modified
Mon, 19 Aug 2024 21:42:11 GMT
server
AmazonS3
x-timer
S1724136788.263450,VS0,VE0
etag
"7b5dbd0fd1fa8ee450ccbd4a81fb68d0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding, Origin
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
44, 193
_ssgManifest.js
assets.production.linktr.ee/profiles/_next/static/c14afb3d577d2e2254c4b0d66954b96b6d53e201/ 		77 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/c14afb3d577d2e2254c4b0d66954b96b6d53e201/_ssgManifest.js
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
32681
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
52
x-served-by
cache-bfi-kbfi7400058-BFI, cache-mxp6957-MXP
last-modified
Mon, 19 Aug 2024 21:42:11 GMT
server
AmazonS3
x-timer
S1724136788.263508,VS0,VE0
etag
"b6652df95db52feb4daf4eca35380933"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding, Origin
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
46, 194
otSDKStub.js
cdn-au.onetrust.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-au.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: assets.production.linktr.ee
URL: https://assets.production.linktr.ee/consent-scripts/one-trust.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Aug 2024 06:53:09 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Wbr2pAeg61Hfi+2FuD0cYA==
age
58007
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Wed, 31 Jul 2024 12:36:00 GMT
server
cloudflare
etag
0x8DCB15D5545870B
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bacff0f7-a01e-006e-7957-e32f9b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b6076f3bd5c374d-MXP
expires
Wed, 21 Aug 2024 06:53:09 GMT
profiles-LeapLink.196a4de9b2539ec2.js
assets.production.linktr.ee/profiles/_next/static/chunks/ 		1 KB
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/chunks/profiles-LeapLink.196a4de9b2539ec2.js
Requested by
Host: assets.production.linktr.ee
URL: https://assets.production.linktr.ee/profiles/_next/static/chunks/webpack-387e730c00c0410b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1efe78a09bcc778cf4de1dc7cb6b6a2465c2a0c1d20bd0273318eabd4aa4e5bf

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
4298453
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
583
x-served-by
cache-bfi-kbfi7400065-BFI, cache-mxp6957-MXP
last-modified
Wed, 22 May 2024 04:54:01 GMT
server
AmazonS3
x-timer
S1724136789.553577,VS0,VE0
etag
"5290f74e00f133f89b25f762748b6d01"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
452, 664
follow-ToastMessage.977ad2a3bb5e048b.js
assets.production.linktr.ee/profiles/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/chunks/follow-ToastMessage.977ad2a3bb5e048b.js
Requested by
Host: assets.production.linktr.ee
URL: https://assets.production.linktr.ee/profiles/_next/static/chunks/webpack-387e730c00c0410b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c93abe3c926785f63094396d9b153a50b23d33cd8e338af2ed93218fa3b15e13

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:08 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
2202960
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1089
x-served-by
cache-bfi-kbfi7400073-BFI, cache-mxp6957-MXP
last-modified
Thu, 25 Jul 2024 18:49:05 GMT
server
AmazonS3
x-timer
S1724136789.553536,VS0,VE0
etag
"37fda4b27e2895d7e1686bc97d3534c1"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://linktr.ee
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
338, 77536
refresh
ciam.linktr.ee/v1/auth/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ciam.linktr.ee/v1/auth/refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-descope-sdk-name,x-descope-sdk-version
Access-Control-Request-Method
POST
Origin
https://linktr.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Accept,Authorization,current-project,x-csrf-token,x-current-project,x-current-company,x-descope-sdk-name,x-descope-sdk-version,x-descope-sdk-sha,x-descope-sdk-go-version,x-descope-sdk-python-version,x-descope-sdk-node-version,x-descope-sdk-java-version,x-descope-widget-id,x-descope-widget-type,x-descope-widget-version,x-request-id,x-feature-flags,cf-ipcountry,cf-ja3-hash,cf-bot-score,cf-threat-score,cf-verified-bot,cf-ray,cf-ipcity,cf-iplatitude,cf-iplongitude,cf-connecting-ip,x-hub-signature-256,sec-fetch-dest
access-control-allow-methods
GET,POST,PUT,DELETE
access-control-allow-origin
https://linktr.ee
access-control-expose-headers
x-csrf-token,Content-Disposition
access-control-max-age
604800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b6076f3d9225252-MXP
date
Tue, 20 Aug 2024 06:53:09 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
refresh
ciam.linktr.ee/v1/auth/ 		0
0
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: linktr.ee
URL: https://linktr.ee/kekon52045
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://linktr.ee/
Origin
https://linktr.ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:46:48 GMT
x-content-type-options
nosniff
age
576381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46552
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:46:48 GMT
uLZfGRmpj7
ingress.linktr.ee/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ingress.linktr.ee/uLZfGRmpj7
Requested by
Host: assets.production.linktr.ee
URL: https://assets.production.linktr.ee/cep/cep.min.js?v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
d5c19ad0-1f05-4c37-9934-1585c94aab5c.json
cdn-au.onetrust.com/consent/d5c19ad0-1f05-4c37-9934-1585c94aab5c/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-au.onetrust.com/consent/d5c19ad0-1f05-4c37-9934-1585c94aab5c/d5c19ad0-1f05-4c37-9934-1585c94aab5c.json
Requested by
Host: assets.production.linktr.ee
URL: https://assets.production.linktr.ee/profiles/_next/static/chunks/pages/_app-0fc62ee28849c398.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Aug 2024 06:53:10 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12290
content-md5
cMssyPnaS0Kyf7WKcNxPcw==
content-length
1781
x-ms-lease-status
unlocked
last-modified
Sat, 27 Jul 2024 02:06:41 GMT
server
cloudflare
etag
0x8DCADE0C1B85130
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bab2613b-601e-002c-1cc9-df961b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b6076fd4f7259bf-MXP
favicon.png
assets.production.linktr.ee/profiles/_next/static/logo-assets/ 		385 B
613 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/logo-assets/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9433eb3fbf81353e12f3fac6bccc5d39c53c4db8592644016607df2bde6512c3

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:09 GMT
via
1.1 varnish, 1.1 varnish
age
2226308
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
385
x-served-by
cache-bfi-kbfi7400035-BFI, cache-mxp6966-MXP
last-modified
Tue, 03 Oct 2023 03:52:18 GMT
server
AmazonS3
x-timer
S1724136789.193886,VS0,VE0
etag
"03cbdb5568748cea7d3f07d5aa4dec3a"
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1355, 20948
favicon.ico
assets.production.linktr.ee/profiles/_next/static/logo-assets/ 		1 KB
496 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/logo-assets/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f57fbb9ca3b6a9f3562087fd0945ca6a7a4c26b291647e67a96e293f10320da0

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:09 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
age
2331211
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
244
x-served-by
cache-bfi-kbfi7400092-BFI, cache-mxp6966-MXP
last-modified
Tue, 03 Oct 2023 03:52:18 GMT
server
AmazonS3
x-timer
S1724136789.235688,VS0,VE0
etag
"a4e5c9bd1eae41565e13fb79f0f52d77"
vary
Accept-Encoding, Origin
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
2495, 20557
favicon-32x32.png
assets.production.linktr.ee/profiles/_next/static/logo-assets/ 		615 B
756 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.production.linktr.ee/profiles/_next/static/logo-assets/favicon-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ddbbce136f527bab046a745e15cfed867f1df8b72cc61f2560d7b55d78b577e

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:09 GMT
via
1.1 varnish, 1.1 varnish
age
4150716
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
615
x-served-by
cache-bfi-kbfi7400077-BFI, cache-mxp6966-MXP
last-modified
Tue, 03 Oct 2023 03:52:18 GMT
server
AmazonS3
x-timer
S1724136789.285544,VS0,VE0
etag
"99cfbba81b9fb99feb0ad543564f2394"
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
4361, 20436
Primary Request /
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
Requested by
Host: assets.production.linktr.ee
URL: https://assets.production.linktr.ee/profiles/_next/static/chunks/profiles-LeapLink.196a4de9b2539ec2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4ded295322c4eadb94e6b6f5bae8db709b6f501f50aec1253571f255a4a5ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://linktr.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8b6076fe0f310e02-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 06:53:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXSvwhhMxeg9rrL3YVCoJMA5aEi8PiZMhKymwtUxc6anCL7Vtuxp54OA2dayLImK02%2FIhgqqfYr7ViDEjH4XmnWdkt7m2xe1xNE4o9Z5r03ISzkR2QVRsgVZTQH33HYLJ8mtv5nreyGCsKhIPf8AnbXQCQ5g1ssQ0ptTELM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
logs
logs.browser-intake-datadoghq.com/api/v2/ 		0
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: assets.production.linktr.ee
URL: https://assets.production.linktr.ee/profiles/_next/static/chunks/pages/_app-0fc62ee28849c398.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8b6076fdd86959bf-MXP
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-au.onetrust.com/scripttemplates/202407.1.0/ 		18 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-au.onetrust.com/scripttemplates/202407.1.0/otBannerSdk.js
Requested by
Host: cdn-au.onetrust.com
URL: https://cdn-au.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://linktr.ee/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Aug 2024 06:53:10 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
OB5ZPaM1F+xqSvW4fnjknQ==
age
1289
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
112090
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jul 2024 14:42:04 GMT
server
cloudflare
etag
0x8DCA280CBF3DB9D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b6bbe4a5-101e-0009-6577-d43f67000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b6076fe4c27374d-MXP
expires
Wed, 21 Aug 2024 06:53:10 GMT
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Requested by
Host: goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
URL: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
385942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14107
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-bb78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EEbvmTJBBus6nzrREj%2BfehjqY1%2FTwvNNHDvAXb2ZfYQF3Gt%2BNwuSmvCnpqUS0qbDfHTA5Vf1%2F4NpcXmEglXzYuf6hVLe%2BEWWZIYQQgnqRYnTyTvBzzUz39BAJrtXwSVQ2bIvROK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b607702d98259b3-MXP
expires
Sun, 10 Aug 2025 06:53:11 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
Requested by
Host: goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
URL: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
Protocol
H2
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55

Request headers

Referer
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:11 GMT
content-encoding
br
last-modified
Thu, 15 Aug 2024 16:28:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8b60770338523752-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 20 Aug 2024 06:53:11 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/6790c32b9fc9/api.js
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8b607702eff13752-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
/
synthnexilite.cbg.ru// 		165 KB
126 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://synthnexilite.cbg.ru//
Requested by
Host: goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
URL: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6cf10cd0604bf49569e364b2adc94224d54354535d059a9a2e9b72c9cf9541

Request headers

Referer
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Aug 2024 06:53:14 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=516TUzVgB5Z%2BCqQ%2BunQTRXDRvH%2FJTMHdazlvO7DRVwg5pin7zSaZJgDjPXa7dvAhepqlo74Gd2oPykM66L6amYF1Faz1L0ntIiOA%2Fb4k2hH0aAJXuqwXdZczjp%2BAxdpeldPau%2F5iww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
8b607707bcee526c-MXP
alt-svc
h3=":443"; ma=86400
content-length
128132
favicon.ico
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/ 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4ded295322c4eadb94e6b6f5bae8db709b6f501f50aec1253571f255a4a5ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:11 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=II7UZWC3cxYlrqWiArf89GU0XNqHfae61lKaOnAytwxihQUVP6BBfZnPAoDCZNPzQLVxNCxXrn%2FENm9cjO9U9SagaekynqKRsakF8aChQ45X9%2FQZ%2Ff5wSe7uMKnhUhohc8XS4%2FLYEuflAgoh2f%2Fh6j%2BMc5cqKoIUhvl58ac%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8b6077047f2c0e02-MXP
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
URL: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 20 Aug 2024 06:53:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2154540
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mxp6945-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724136795.955651,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
93803, 961204
,
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/,
Requested by
Host: goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
URL: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 06:53:14 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h63t90kfw7pNRH3EKVFAF2Vq8X5%2BIFK4USVGm%2BHjaBPOHOMaN6tlOlccLNHwo0XcxCBKZPc8%2BxayaW0kVxQ7In7j7S2k46axQuscF0EKZb8aAkT1o1d5%2BnLdZgrRDc%2Bke2aDIT9OIGJWg7AN3FroSszRwgEWCFF24N%2BwQXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8b6077146cb00e02-MXP
alt-svc
h3=":443"; ma=86400
,
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/ 		0
0
truncated
/ 		496 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4623ca999744624a837f54806a96901fb05352c84addb1208c382e12733bbe6f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9e7b808d5f429a2f704eeb999d572fe2884ce9f763823c021723d7b3ac90fbc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d88618abd8d28ca19625380b7ae28a1e1086063ce7c66fc3257464f5f5b4c71

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		231 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
906f71d6d2948b4ac632811cce156c73e0d73a9045ee83a42822824de2b0bb3f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18fb69e74d40c9203eb732e5ba423b45fcf1d2b48f6d38efe87a08bb686fd94e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe4c1d8917b395d0f058f165778769d4dd7a214f2b3d226c50b992d593f602e7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ciam.linktr.ee
URL
https://ciam.linktr.ee/v1/auth/refresh
Domain
logs.browser-intake-datadoghq.com
URL
https://logs.browser-intake-datadoghq.com/api/v2/logs?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Abeacon%2Cenv%3Aproduction%2Cservice%3Aprofiles&dd-api-key=pub42f389bd36fc9203ee133e9277bf57f4&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=09dc32ec-1f08-4431-a3e1-519e9c681b69
Domain
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
URL
https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/,

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CryptoJS object| turnstile function| machination function| jadeite function| $ function| jQuery function| gB string| abidance function| value function| uF function| faggot function| pagination function| gameness function| yippee function| b

10 Cookies

Domain/Path Name / Value
.linktr.ee/ Name: countryCode
Value: IT
.linktr.ee/ Name: ipOverride
Value: 185.198.62.23
.linktr.ee/ Name: city
Value: milan
.linktr.ee/ Name: region
Value: MI
.linktr.ee/ Name: browserId
Value: 1abcde8d-f561-4c01-a977-7d4308138a20
.linktr.ee/ Name: sessionId
Value: fda6f172-0652-4f5d-a9d8-e62add371517
linktr.ee/ Name: _dd_s
Value: logs=1&id=bb644904-d0b4-4be5-9d8f-1a164828f030&created=1724136788521&expire=1724137688521
.ciam.linktr.ee/ Name: __cf_bm
Value: ijcDY4EserGw0lVih4DhZh4.28WvEoLAGdSd7AinwL0-1724136790-1.0.1.1-uvvZu3vuThGZHg9mrZc.V7e0R9LdJqLwp1M_St6jmSO86ELe2wJ1EHrEzdHcejG.l.zVTCyPegPQ51Bye257rQ
.ciam.linktr.ee/ Name: _cfuvid
Value: S1QDeVk0.74B9HBnWSMv5bUkNXhtOnSh.kslHjpH.2Q-1724136790833-0.0.1.1-604800000
.linktr.ee/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Aug+20+2024+08%3A53%3A11+GMT%2B0200+(Ora+legale+dell%E2%80%99Europa+centrale)&version=202407.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=b259e5cf-ead3-484d-a19c-b6ea16695b8b&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Flinktr.ee%2Fkekon52045

2 Console Messages

Source Level URL
Text
javascript warning URL: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/(Line 23)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev/(Line 23)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.production.linktr.ee
cdn-au.onetrust.com
cdnjs.cloudflare.com
challenges.cloudflare.com
ciam.linktr.ee
code.jquery.com
fonts.gstatic.com
geolocation.onetrust.com
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
ingress.linktr.ee
linktr.ee
logs.browser-intake-datadoghq.com
synthnexilite.cbg.ru
ugc.production.linktr.ee
ciam.linktr.ee
goodlifepaidrqwrrqwrdfhfhdfg-com.pages.dev
logs.browser-intake-datadoghq.com
104.17.25.14
104.18.26.223
104.18.29.127
104.18.95.41
142.250.186.67
151.101.130.133
151.101.2.133
151.101.66.133
151.101.66.137
172.66.44.119
172.67.163.47
01049fa7a0e911889d5395a5534895f9c2d069107ade7781eb2d7a1f0379fed2
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
1794e74f42ad7f384d853b5f75579c37ca4f367ca166a8899df20aff64ec0a9f
18fb69e74d40c9203eb732e5ba423b45fcf1d2b48f6d38efe87a08bb686fd94e
1d6cf10cd0604bf49569e364b2adc94224d54354535d059a9a2e9b72c9cf9541
1efe78a09bcc778cf4de1dc7cb6b6a2465c2a0c1d20bd0273318eabd4aa4e5bf
3ae546d4e92f77f89ee1f21abe2a82ba71f5a22f6e1f2667067f4e36dac7de31
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
4623ca999744624a837f54806a96901fb05352c84addb1208c382e12733bbe6f
4d88618abd8d28ca19625380b7ae28a1e1086063ce7c66fc3257464f5f5b4c71
5378092eb4f80d01118df117bc47c44a86a9407c5f825137f1ad4300bdffa6ce
6afb7ac881d8469d1e400500c2f0cdd9839dadee09fabf5d7b4d4157c340be8e
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
729db1afb8a99c4c892c87aeba443e3dd7529449913e5a9c715c56134e34d38d
7c7efd3f6c162fc96284c37162beebf2c04488383986840abd00ab35c50f7ce6
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55
8ddbbce136f527bab046a745e15cfed867f1df8b72cc61f2560d7b55d78b577e
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
8ef0ce0c991dc097dc1b3e7044bdc4994b5f447d8669ebec6e887d96aaf70c30
906f71d6d2948b4ac632811cce156c73e0d73a9045ee83a42822824de2b0bb3f
9433eb3fbf81353e12f3fac6bccc5d39c53c4db8592644016607df2bde6512c3
99eb32988a982ed4d9c6dc6504c3f80db3b9427abdbe23f859da14a4ebe6d882
9cab42948a79f898e9ab0c2a27860c56a197e68583af74f6f122712ff9402e4c
bd4ded295322c4eadb94e6b6f5bae8db709b6f501f50aec1253571f255a4a5ce
c93abe3c926785f63094396d9b153a50b23d33cd8e338af2ed93218fa3b15e13
c9d74ca74ac532858736dda1b49d4e5c2d8332ff2c8f33666a4ce5019f5cc913
d8d5b1c06c72b4cdd5291aa4418f412c27b938cab7e6078dc5ffc6d5a452807e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e7b808d5f429a2f704eeb999d572fe2884ce9f763823c021723d7b3ac90fbc
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
f57fbb9ca3b6a9f3562087fd0945ca6a7a4c26b291647e67a96e293f10320da0
fda62a6846f047d0d6526b395dd923d2122845410968edbf183bffccc22a8a5a
fe4c1d8917b395d0f058f165778769d4dd7a214f2b3d226c50b992d593f602e7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e