Submitted URL: http://linktr.ee/MagaLuBlackFriday?fbclid=IwAR1snA0LZ43Xz42yBU8TWy6W87AKBTSAzsViyt9QOiy2QI2ueJDMtTOIJAM
Effective URL: https://linktr.ee/status/blocked?username=magalublackfriday
Submission Tags: phishing, malicious
Submission: On April 09 via api from US

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 8 HTTP transactions. The main IP is 50.112.83.130, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is linktr.ee.
TLS certificate: Issued by Amazon on December 9th 2019. Valid for: a year.
This is the only time linktr.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
3         50.112.83.130     16509 (AMAZON-02)  (2 redirects)
4         2600:9000:215...  16509 (AMAZON-02)
1         13.225.81.150     16509 (AMAZON-02)
1         2a00:1450:400...  15169 (GOOGLE)
1         2600:9000:215...  16509 (AMAZON-02)
Total: 8 requests, 6 IPs

Requests  Domain                           Requested by
4         d1qr63pinnvtia.cloudfront.net    linktr.ee
3         linktr.ee                        2 redirects
1         embed.typeform.com               linktr.ee
1         www.googletagmanager.com         linktr.ee
1         www.datadoghq-browser-agent.com  linktr.ee
Total: 8 requests, 5 domains

This site contains no links.

Subject                         Issuer                                          Validity                 Valid
linktr.ee                       Amazon                                          2019-12-09 - 2021-01-09  a year
*.cloudfront.net                DigiCert Global CA G2                           2019-07-17 - 2020-07-05  a year
*.datadoghq-browser-agent.com   Sectigo RSA Domain Validation Secure Server CA  2019-04-08 - 2021-04-07  2 years
*.google-analytics.com          GTS CA 1O1                                      2020-03-24 - 2020-06-16  3 months
*.typeform.com                  Amazon                                          2019-12-24 - 2021-01-24  a year

This page contains 1 frames:

Primary Page: https://linktr.ee/status/blocked?username=magalublackfriday
Frame ID: 61690D69860DDCE71B851C0346906104
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i

Page Statistics

  • Requests: 8
  • HTTPS: 100 %
  • IPv6: 60 %
  • Domains: 5
  • Subdomains: 5
  • IPs: 6
  • Countries: 2
  • Transfer: 301 kB
  • Size: 1052 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://linktr.ee/MagaLuBlackFriday?fbclid=IwAR1snA0LZ43Xz42yBU8TWy6W87AKBTSAzsViyt9QOiy2QI2ueJDMtTOIJAM HTTP 301
    https://linktr.ee/MagaLuBlackFriday?fbclid=IwAR1snA0LZ43Xz42yBU8TWy6W87AKBTSAzsViyt9QOiy2QI2ueJDMtTOIJAM HTTP 301
    https://linktr.ee/status/blocked?username=magalublackfriday Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type

Resource: blocked (Primary Request)
Path: linktr.ee/status/
Redirect Chain
  • http://linktr.ee/MagaLuBlackFriday?fbclid=IwAR1snA0LZ43Xz42yBU8TWy6W87AKBTSAzsViyt9QOiy2QI2ueJDMtTOIJAM
  • https://linktr.ee/MagaLuBlackFriday?fbclid=IwAR1snA0LZ43Xz42yBU8TWy6W87AKBTSAzsViyt9QOiy2QI2ueJDMtTOIJAM
  • https://linktr.ee/status/blocked?username=magalublackfriday
Size: 14 KB
x-fer: 5 KB
Type: Document

General
Full URL: https://linktr.ee/status/blocked?username=magalublackfriday
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.83.130 Boardman, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-50-112-83-130.us-west-2.compute.amazonaws.com
Software: nginx
Resource Hash: 93948ff2613d877c4ee9ab873682de3e8e1538efec164e39d437c3332b26d416

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers

:method: GET
:authority: linktr.ee
:scheme: https
:path: /status/blocked?username=magalublackfriday
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

status: 200
date: Thu, 09 Apr 2020 07:42:32 GMT
content-type: text/html; charset=UTF-8
content-length: 4592
server: nginx
vary: Accept-Encoding
cache-control: max-age=604800, public, s-maxage=604800, stale-if-error=2592000, stale-while-revalidate=604800
set-cookie: lt_uid=deleted; expires=Wed, 10-Apr-2019 07:28:55 GMT; Max-Age=0; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
content-encoding: gzip
x-varnish: 135638576 144227401
age: 815
via: 1.1 varnish (Varnish/5.2)
x-cache: HIT
accept-ranges: bytes

Redirect headers

status: 301
date: Thu, 09 Apr 2020 07:42:31 GMT
content-type: text/html; charset=UTF-8
content-length: 414
server: nginx
location: /status/blocked?username=magalublackfriday
set-cookie: lt_uid=deleted; expires=Wed, 10-Apr-2019 07:30:33 GMT; Max-Age=0; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
x-varnish: 122132274 137801545
age: 717
via: 1.1 varnish (Varnish/5.2)
x-cache: HIT

Resource: status.css
Path: d1qr63pinnvtia.cloudfront.net/assets/6ce1a46af613e0bc39b2223ae11a9e6ce8f5d8eb/
Size: 1 KB
x-fer: 799 B
Type: Stylesheet

General
Full URL: https://d1qr63pinnvtia.cloudfront.net/assets/6ce1a46af613e0bc39b2223ae11a9e6ce8f5d8eb/status.css
Requested by (Host): linktr.ee
Requested by (URL): https://linktr.ee/status/blocked?username=magalublackfriday
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:4600:11:4dce:8880:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: (none)
Software: AmazonS3
Resource Hash: b15e360a920df58ed2f9b2ff37cf445d17fc7a2fed6df61dcba278a315d058c7

Request headers

Referer: https://linktr.ee/status/blocked?username=magalublackfriday
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 09 Apr 2020 07:23:49 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 07:04:04 GMT
server: AmazonS3
age: 1124
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RAAeIdbvf-gqfzWqXq-7HoAPiOWQyrCnLe3DBFBA8jrBXlk0rQWqJA==
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)

Resource: vendors~admin~auth~auth-v2~cms~contentWarning~instagramLoginDeprecation~leapLink~react~service~signup~views.js
Path: d1qr63pinnvtia.cloudfront.net/assets/6ce1a46af613e0bc39b2223ae11a9e6ce8f5d8eb/
Size: 13 KB
x-fer: 5 KB
Type: Script

General
Full URL: https://d1qr63pinnvtia.cloudfront.net/assets/6ce1a46af613e0bc39b2223ae11a9e6ce8f5d8eb/vendors~admin~auth~auth-v2~cms~contentWarning~instagramLoginDeprecation~leapLink~react~service~signup~views.js
Requested by (Host): linktr.ee
Requested by (URL): https://linktr.ee/status/blocked?username=magalublackfriday
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:4600:11:4dce:8880:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: (none)
Software: AmazonS3
Resource Hash: bf602d52f680cae5a5fc440cc367fdaf8acfe55ae864b9257afd9d290eba3a97

Request headers

Referer: https://linktr.ee/status/blocked?username=magalublackfriday
Origin: https://linktr.ee
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 07:13:14 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 07:04:04 GMT
server: AmazonS3
age: 1759
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 3000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
access-control-allow-origin: *
x-amz-cf-id: fGgLQpTUEW3B3jDU0EUiCnDG5iGhN6s4WF3dwGK8SWPuVTfEK9Z-XA==
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)

Resource: vendors~admin~auth~auth-v2~cms~instagramLoginDeprecation~react~signup~views.js
Path: d1qr63pinnvtia.cloudfront.net/assets/6ce1a46af613e0bc39b2223ae11a9e6ce8f5d8eb/
Size: 12 KB
x-fer: 4 KB
Type: Script

General
Full URL: https://d1qr63pinnvtia.cloudfront.net/assets/6ce1a46af613e0bc39b2223ae11a9e6ce8f5d8eb/vendors~admin~auth~auth-v2~cms~instagramLoginDeprecation~react~signup~views.js
Requested by (Host): linktr.ee
Requested by (URL): https://linktr.ee/status/blocked?username=magalublackfriday
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:4600:11:4dce:8880:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: (none)
Software: AmazonS3
Resource Hash: 276ac95594f22f894e4daf2c07b9ac2f0fdc816d85fa41ddd67566a609543a32

Request headers

Referer: https://linktr.ee/status/blocked?username=magalublackfriday
Origin: https://linktr.ee
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 07:13:14 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 07:04:04 GMT
server: AmazonS3
age: 1759
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 3000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
access-control-allow-origin: *
x-amz-cf-id: I4PXueCGVTIyRCs8o36G4b9enUe4vcgw_L7KI3psXjJQj1HqAfOO0A==
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)

Resource: auth-v2.js
Path: d1qr63pinnvtia.cloudfront.net/assets/6ce1a46af613e0bc39b2223ae11a9e6ce8f5d8eb/
Size: 724 KB
x-fer: 199 KB
Type: Script

General
Full URL: https://d1qr63pinnvtia.cloudfront.net/assets/6ce1a46af613e0bc39b2223ae11a9e6ce8f5d8eb/auth-v2.js
Requested by (Host): linktr.ee
Requested by (URL): https://linktr.ee/status/blocked?username=magalublackfriday
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:4600:11:4dce:8880:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: (none)
Software: AmazonS3
Resource Hash: 87113d74717c245cad918715ed50238c28ad537852d8317c8664fc44b21a9db0

Request headers

Referer: https://linktr.ee/status/blocked?username=magalublackfriday
Origin: https://linktr.ee
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 07:15:11 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 07:04:05 GMT
server: AmazonS3
age: 1641
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 3000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
access-control-allow-origin: *
x-amz-cf-id: k7DHP9SlRiPQXtI4cW2PDGjLgxGXChOnZxvRXsLujXOgO7P3kVZoAw==
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)

Resource: datadog-logs-us.js
Path: www.datadoghq-browser-agent.com/
Size: 39 KB
x-fer: 14 KB
Type: Script

General
Full URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js
Requested by (Host): linktr.ee
Requested by (URL): https://linktr.ee/status/blocked?username=magalublackfriday
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.81.150 Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-225-81-150.fra2.r.cloudfront.net
Software: AmazonS3
Resource Hash: 3606578fdec7e3239b6f4d77f98d46d8711d6a442a5841f7a96f6a24aa15592c

Request headers

Referer: https://linktr.ee/status/blocked?username=magalublackfriday
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 13:44:27 GMT
content-encoding: gzip
last-modified: Tue, 07 Apr 2020 13:44:23 GMT
server: AmazonS3
age: 151086
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=900
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: u0PQV5wlq2LqE_bl-g6wprldWKZGcgfWhUCr0_wuMPRhOuDXrA6AeQ==
via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)

Resource: truncated
Path: /
Size: 736 B
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: (none)
Software: (none)
Resource Hash: 4f751d9bf529f58d7557837531ad367641dcd5eed324128ffba5ab07b2b4b99b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

Resource: truncated
Path: /
Size: 4 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: (none)
Software: (none)
Resource Hash: 73bb21340163f066ff507e2aa79ba53592ecf25b105cdbca7482060d8c789ed0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

Resource: gtm.js
Path: www.googletagmanager.com/
Size: 102 KB
x-fer: 30 KB
Type: Script

General
Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9PX6N
Requested by (Host): linktr.ee
Requested by (URL): https://linktr.ee/status/blocked?username=magalublackfriday
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: Google Tag Manager
Resource Hash: f4bfcf161549a556110a333e463d3d9a800264bc5293d0f00bfe8020eeaaefd7

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 0

Request headers

Referer: https://linktr.ee/status/blocked?username=magalublackfriday
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 07:42:32 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30446
x-xss-protection: 0
last-modified: Thu, 09 Apr 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Apr 2020 07:42:32 GMT

Resource: embed.js
Path: embed.typeform.com/
Size: 143 KB
x-fer: 43 KB
Type: Script

General
Full URL: https://embed.typeform.com/embed.js
Requested by (Host): linktr.ee
Requested by (URL): https://linktr.ee/status/blocked?username=magalublackfriday
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:a200:2:c605:29c0:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: (none)
Software: AmazonS3
Resource Hash: 9676ea86e11494f8c4e2acc513916acf7bcad83fca9c37888e60c0af66a8c02d

Request headers

Referer: https://linktr.ee/status/blocked?username=magalublackfriday
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 07:40:19 GMT
content-encoding: gzip
last-modified: Thu, 19 Mar 2020 13:39:40 GMT
server: AmazonS3
age: 134
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HafIZIn1MjVKnMaQbtjatlO-1_3DC3ORZx8-Vyj1YUjneX85o1tvrQ==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onformdata (object)
  • onpointerrawupdate (object)
  • DD_LOGS (object)
  • dataLayer (object)
  • webpackJsonp (object)
  • google_tag_manager (object)
  • typeformEmbed (object)
  • __SECRET_EMOTION__ (object)
  • typeformEmbedIsloaded (boolean)

2 Cookies

Domain/Path  Name         Value
linktr.ee/   _dd_s        logs=1&id=f5af4c70-bd05-43c9-8547-c6ec6349e93f
linktr.ee/   dd_rum_test  test

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block