Submitted URL: https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Effective URL: https://parg.co/UYw2
Submission: On August 10 via manual from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 31 HTTP transactions. The main IP is 178.238.224.248, located in Munich, Germany and belongs to CONTABO, DE. The main domain is parg.co.
TLS certificate: Issued by R3 on July 10th 2022. Valid for: 3 months.
This is the only time parg.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
10 parg.co | parg.co | 137 KB
4 facebook.com | www.facebook.com (Cisco Umbrella Rank: 100) | 922 B
3 twitter.com | platform.twitter.com (Cisco Umbrella Rank: 674); analytics.twitter.com (Cisco Umbrella Rank: 506) | 945 B
3 facebook.net | connect.facebook.net (Cisco Umbrella Rank: 155) | 132 KB
3 lnk.to | access-billing-amazon-2214.lnk.to | 83 KB
2 google.com | www.google.com (Cisco Umbrella Rank: 10) | 656 B
2 t.co | t.co (Cisco Umbrella Rank: 445) | 521 B
2 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 55) | 3 KB
1 ads-twitter.com | static.ads-twitter.com (Cisco Umbrella Rank: 609) | 15 KB
1 googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 125) | 15 KB
1 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 52) | 20 KB
31 11

Domain | Requested by
10 parg.co | access-billing-amazon-2214.lnk.to; parg.co
4 www.facebook.com |
3 connect.facebook.net | access-billing-amazon-2214.lnk.to; connect.facebook.net
3 access-billing-amazon-2214.lnk.to | access-billing-amazon-2214.lnk.to
2 www.google.com |
2 analytics.twitter.com |
2 t.co |
2 googleads.g.doubleclick.net | www.googleadservices.com
1 static.ads-twitter.com | access-billing-amazon-2214.lnk.to
1 platform.twitter.com (1 redirects) |
1 www.googleadservices.com | access-billing-amazon-2214.lnk.to
1 www.google-analytics.com | access-billing-amazon-2214.lnk.to
31 12

This site contains links to these domains.

Domain
chrome.google.com
apps.apple.com
play.google.com
aparg.com

Subject | Issuer | Validity | Valid
lnk.to | Amazon | 2022-07-30 - 2023-08-28 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-05-20 - 2022-08-18 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
parg.co | R3 | 2022-07-10 - 2022-10-08 | 3 months
t.co | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-22 - 2023-02-22 | a year
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-22 - 2023-02-22 | a year
www.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months

This page contains 1 frames:

Primary Page: https://parg.co/UYw2
Frame ID: 9CC3A70DE36EC4B5605F1DE7F4390300
Requests: 31 HTTP requests in this frame

Page Title

parg.co - URL Shortener

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31 Requests
97 % HTTPS
50 % IPv6
11 Domains
12 Subdomains
11 IPs
2 Countries
408 kB Transfer
903 kB Size
8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://access-billing-amazon-2214.lnk.to/xkjY8z7l Page URL
  2. https://parg.co/UYw2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
xkjY8z7l
access-billing-amazon-2214.lnk.to/
83 KB
83 KB
Document
General
Full URL
https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.19.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-19-8.compute-1.amazonaws.com
Software
nginx /
Resource Hash
36b59383e9461dd2cbba892c39bc0568ae724d8de12ae074cea2c5231544abbe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 16:11:32 GMT
server
nginx
x-redirector-version
redirector-v3
/
access-billing-amazon-2214.lnk.to/~/tr/pageview/
70 B
186 B
XHR
General
Full URL
https://access-billing-amazon-2214.lnk.to/~/tr/pageview/
Requested by
Host: access-billing-amazon-2214.lnk.to
URL: https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.19.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-19-8.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a5601e0dfe5c0de65e1f14a78c8ce173922fd7653519858cb80a15dd3031752e

Request headers

Referer
https://access-billing-amazon-2214.lnk.to/xkjY8z7l
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: access-billing-amazon-2214.lnk.to
URL: https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4151
date
Wed, 10 Aug 2022 15:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Aug 2022 17:02:21 GMT
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: access-billing-amazon-2214.lnk.to
URL: https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26506
x-xss-protection
0
pragma
public
x-fb-debug
BhGlf5te5kwumNyD1a8Qv7Mgv9cJOEHqcVUe+3OHXUipodzQ1vR7T7U6GqWk5KYPiIUUC5ix9qxshjWf0SxXLg==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Wed, 10 Aug 2022 16:11:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
40 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: access-billing-amazon-2214.lnk.to
URL: https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15165
x-xss-protection
0
server
cafe
etag
6365998374961989006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 16:11:32 GMT
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: access-billing-amazon-2214.lnk.to
URL: https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Protocol
H2
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:26:43 GMT
etag
"58faa0bb9a63121ea57a3106609bc291+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15291
x-served-by
cache-iad-kcgs7200020-IAD, cache-lga21960-LGA

Redirect headers

x-tw-cdn
VZ
Date
Wed, 10 Aug 2022 16:11:32 GMT
Server
ECS (nyb/1D08)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Server-Timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
0
/
access-billing-amazon-2214.lnk.to/~/tr/event/
70 B
186 B
XHR
General
Full URL
https://access-billing-amazon-2214.lnk.to/~/tr/event/
Requested by
Host: access-billing-amazon-2214.lnk.to
URL: https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.19.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-19-8.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://access-billing-amazon-2214.lnk.to/xkjY8z7l
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.73
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
FbSRxawfIvQToVfjAWOos2QBUnAM5FujDraXZ2jAfd3ehiisCYyTqrYMpy9c8M+UGiMsJ4z1bcaSzqAc+BW2FQ==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 10 Aug 2022 16:11:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
399736106876066
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/399736106876066?v=2.9.73&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86260
x-xss-protection
0
pragma
public
x-fb-debug
eJB1k23gZcjf/oqX3O3LU5mdDXs2smHbRKqhc8zPpgjnExH+LNijInbIG67iiXLmm9hUlMIX5yfOyr3ndAo2xw==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Wed, 10 Aug 2022 16:11:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/?random=1660147892403&cv=9&fst=1660147892403&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=organisation%3DTIMPLUSGANS%3Bboard%3DTIMPLUSGANS%3Burl%3DAccess-Billing-Amazon-2214.lnk.to%2FxkjY8z7l%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DBuffalo%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&tiba=Amazon%20Security&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 16:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1100
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/?random=1660147892408&cv=9&fst=1660147892408&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=organisation%3DTIMPLUSGANS%3Bboard%3DTIMPLUSGANS%3Burl%3DAccess-Billing-Amazon-2214.lnk.to%2FxkjY8z7l%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DBuffalo%3Breferrer%3Ddirect%3Baction%3Dservice%3Bmusicservice%3Dcontentlink&frm=0&url=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&tiba=Amazon%20Security&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 16:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1114
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request UYw2
parg.co/
3 KB
4 KB
Document
General
Full URL
https://parg.co/UYw2
Requested by
Host: access-billing-amazon-2214.lnk.to
URL: https://access-billing-amazon-2214.lnk.to/xkjY8z7l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
2c361310358273e46eb3ea8463918b3fd4d7f61c25a424dc87b251d59ee95f3d

Request headers

Referer
https://access-billing-amazon-2214.lnk.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 16:11:32 GMT
server
Apache
vary
User-Agent
/
www.facebook.com/tr/
44 B
408 B
Image
General
Full URL
https://www.facebook.com/tr/?id=399736106876066&ev=LF&dl=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&rl=&if=false&ts=1660147892452&cd[organisation]=TIMPLUSGANS&cd[board]=TIMPLUSGANS&cd[url]=Access-Billing-Amazon-2214.lnk.to%2FxkjY8z7l&cd[countryCode]=US&cd[country]=United%20States&cd[city]=Buffalo&cd[oid]=657fb3a0-4c93-49f7-a9e7-176645537056&cd[bid]=a849f8cc-1c16-491f-b87c-c5c9da31dacc&cd[linkId]=4507ad21-f5cf-46d4-87ab-0ed6e250757d&cd[furl]=Access-Billing-Amazon-2214.lnk.to%2FxkjY8z7l&cd[domain]=Access-Billing-Amazon-2214.lnk.to&cd[subdomain]=Access-Billing-Amazon-2214&cd[luuid]=4507ad21-f5cf-46d4-87ab-0ed6e250757d&cd[ouuid]=657fb3a0-4c93-49f7-a9e7-176645537056&cd[buuid]=a849f8cc-1c16-491f-b87c-c5c9da31dacc&cd[sid]=468c0980f64e4f04dcc3f25849a0bfc3&cd[uid]=62f3d8b41adf75.76614303&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=10%3A08%3A2022&cd[action]=pageview&sw=1600&sh=1200&ud[external_id]=468c0980f64e4f04dcc3f25849a0bfc3&v=2.9.73&r=stable&ec=0&o=30&fbp=fb.1.1660147892451.532169902&it=1660147892381&coo=false&tm=2&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 10 Aug 2022 16:11:32 GMT
/
www.facebook.com/tr/
44 B
211 B
Image
General
Full URL
https://www.facebook.com/tr/?id=399736106876066&ev=PageView&dl=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&rl=&if=false&ts=1660147892454&sw=1600&sh=1200&ud[external_id]=468c0980f64e4f04dcc3f25849a0bfc3&v=2.9.73&r=stable&ec=1&o=30&fbp=fb.1.1660147892451.532169902&it=1660147892381&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 10 Aug 2022 16:11:32 GMT
/
www.facebook.com/tr/
44 B
212 B
Image
General
Full URL
https://www.facebook.com/tr/?id=399736106876066&ev=LF&dl=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&rl=&if=false&ts=1660147892455&cd[organisation]=TIMPLUSGANS&cd[board]=TIMPLUSGANS&cd[url]=Access-Billing-Amazon-2214.lnk.to%2FxkjY8z7l&cd[countryCode]=US&cd[country]=United%20States&cd[city]=Buffalo&cd[oid]=657fb3a0-4c93-49f7-a9e7-176645537056&cd[bid]=a849f8cc-1c16-491f-b87c-c5c9da31dacc&cd[linkId]=4507ad21-f5cf-46d4-87ab-0ed6e250757d&cd[furl]=Access-Billing-Amazon-2214.lnk.to%2FxkjY8z7l&cd[domain]=Access-Billing-Amazon-2214.lnk.to&cd[subdomain]=Access-Billing-Amazon-2214&cd[luuid]=4507ad21-f5cf-46d4-87ab-0ed6e250757d&cd[ouuid]=657fb3a0-4c93-49f7-a9e7-176645537056&cd[buuid]=a849f8cc-1c16-491f-b87c-c5c9da31dacc&cd[sid]=468c0980f64e4f04dcc3f25849a0bfc3&cd[uid]=62f3d8b41adf75.76614303&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=10%3A08%3A2022&cd[action]=service&cd[musicservice]=contentlink&cd[mediaservicetype]=contentlink&sw=1600&sh=1200&ud[external_id]=468c0980f64e4f04dcc3f25849a0bfc3&v=2.9.73&r=stable&ec=2&o=30&fbp=fb.1.1660147892451.532169902&it=1660147892381&coo=false&tm=2&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 10 Aug 2022 16:11:32 GMT
adsct
t.co/i/
43 B
335 B
Image
General
Full URL
https://t.co/i/adsct?bci=1&eci=1&event_id=4d1f2b0d-aaee-491d-82fd-01391f48f5b0&p_id=Twitter&p_user_id=0&pl_id=5b3d2e37-d7b0-4c63-86af-e4769768096b&tw_document_href=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numgi&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
5
date
Wed, 10 Aug 2022 16:11:32 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
fcc6a248bacfde9ffb2aaba5d2e9b105b8f7aece835693cb88b2ab179c38a7c8
content-length
43
adsct
analytics.twitter.com/i/
43 B
353 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=4d1f2b0d-aaee-491d-82fd-01391f48f5b0&p_id=Twitter&p_user_id=0&pl_id=5b3d2e37-d7b0-4c63-86af-e4769768096b&tw_document_href=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numgi&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
5
date
Wed, 10 Aug 2022 16:11:31 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9ec79e042f792051f684e15cb2bb8a37abc237d9ddef5d005f436c6904e217fe
content-length
43
adsct
t.co/i/
43 B
186 B
Image
General
Full URL
https://t.co/i/adsct?bci=1&eci=1&event_id=a8577b72-1a9a-43ed-b727-3576f3a6e760&p_id=Twitter&p_user_id=0&pl_id=5b3d2e37-d7b0-4c63-86af-e4769768096b&tw_document_href=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numuc&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
7
date
Wed, 10 Aug 2022 16:11:32 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
fcc6a248bacfde9ffb2aaba5d2e9b105b8f7aece835693cb88b2ab179c38a7c8
content-length
43
adsct
analytics.twitter.com/i/
43 B
198 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=a8577b72-1a9a-43ed-b727-3576f3a6e760&p_id=Twitter&p_user_id=0&pl_id=5b3d2e37-d7b0-4c63-86af-e4769768096b&tw_document_href=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numuc&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
6
date
Wed, 10 Aug 2022 16:11:31 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9ec79e042f792051f684e15cb2bb8a37abc237d9ddef5d005f436c6904e217fe
content-length
43
/
www.google.com/pagead/1p-user-list/950249395/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/950249395/?random=1660147892403&cv=9&fst=1660147200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=organisation%3DTIMPLUSGANS%3Bboard%3DTIMPLUSGANS%3Burl%3DAccess-Billing-Amazon-2214.lnk.to%2FxkjY8z7l%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DBuffalo%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&tiba=Amazon%20Security&async=1&fmt=3&is_vtc=1&random=2954584122&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 16:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/950249395/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/950249395/?random=1660147892408&cv=9&fst=1660147200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=organisation%3DTIMPLUSGANS%3Bboard%3DTIMPLUSGANS%3Burl%3DAccess-Billing-Amazon-2214.lnk.to%2FxkjY8z7l%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DBuffalo%3Breferrer%3Ddirect%3Baction%3Dservice%3Bmusicservice%3Dcontentlink&frm=0&url=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&tiba=Amazon%20Security&async=1&fmt=3&is_vtc=1&random=1092911609&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 16:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=399736106876066&ev=Microdata&dl=https%3A%2F%2Faccess-billing-amazon-2214.lnk.to%2FxkjY8z7l&rl=&if=false&ts=1660147892954&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Amazon%20Security%22%2C%22meta%3Adescription%22%3A%22Go%20to%20Amazon%20Security.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Amazon%20Security%22%2C%22og%3Adescription%22%3A%22Go%20to%20Amazon%20Security.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2FAccess-Billing-Amazon-2214.lnk.to%2FxkjY8z7l%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=468c0980f64e4f04dcc3f25849a0bfc3&v=2.9.73&r=stable&ec=3&o=30&fbp=fb.1.1660147892451.532169902&it=1660147892381&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://access-billing-amazon-2214.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 10 Aug 2022 16:11:32 GMT
app.css
parg.co/includes/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://parg.co/includes/css/app.css?v=e0e429a
Requested by
Host: parg.co
URL: https://parg.co/UYw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
525beea6dec61449baa8b7c4c14534eca0190b1f61db17e207024ac1bcb874d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://parg.co/UYw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
content-encoding
gzip
last-modified
Fri, 04 Jun 2021 06:15:53 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
2730
expires
Wed, 17 Aug 2022 16:11:32 GMT
jquery.js
parg.co/includes/js/
94 KB
33 KB
Script
General
Full URL
https://parg.co/includes/js/jquery.js
Requested by
Host: parg.co
URL: https://parg.co/UYw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://parg.co/UYw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
content-encoding
gzip
last-modified
Fri, 04 Jun 2021 06:15:53 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
33282
expires
Wed, 17 Aug 2022 16:11:32 GMT
app.js
parg.co/includes/js/
14 KB
3 KB
Script
General
Full URL
https://parg.co/includes/js/app.js?v=e0e429a
Requested by
Host: parg.co
URL: https://parg.co/UYw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
ce4911f4dc1df90b14b5fc7e7f14e4f86e3db7aad20f4346af2920cf3e44ebf4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://parg.co/UYw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
content-encoding
gzip
last-modified
Fri, 04 Jun 2021 06:15:53 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
3406
expires
Wed, 17 Aug 2022 16:11:32 GMT
menu.png
parg.co/includes/images/
1 KB
1 KB
Image
General
Full URL
https://parg.co/includes/images/menu.png
Requested by
Host: parg.co
URL: https://parg.co/UYw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
c9050b8674cfd84be886f1ab94dadad33604036ce72248c3a431c11fd32bd291

Request headers

accept-language
en-US,en;q=0.9
Referer
https://parg.co/UYw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Thu, 03 Jun 2021 09:46:42 GMT
server
Apache
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1183
expires
Fri, 09 Sep 2022 16:11:32 GMT
close.png
parg.co/includes/images/
3 KB
3 KB
Image
General
Full URL
https://parg.co/includes/images/close.png
Requested by
Host: parg.co
URL: https://parg.co/UYw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
91138c159db978f1c9a02ced918d5891a64cfc446a8e93db649387c4d16e54d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://parg.co/UYw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Thu, 03 Jun 2021 09:46:42 GMT
server
Apache
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2859
expires
Fri, 09 Sep 2022 16:11:32 GMT
app-logo.png
parg.co/includes/images/
1 KB
1 KB
Image
General
Full URL
https://parg.co/includes/images/app-logo.png
Requested by
Host: parg.co
URL: https://parg.co/UYw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
770c3802d34d6338767ed1aa6d230d5a31636c73b2cbc5b7e3ca2fd4da145c16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://parg.co/UYw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Thu, 03 Jun 2021 09:46:42 GMT
server
Apache
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1472
expires
Fri, 09 Sep 2022 16:11:32 GMT
apple_badge.png
parg.co/includes/images/
4 KB
4 KB
Image
General
Full URL
https://parg.co/includes/images/apple_badge.png
Requested by
Host: parg.co
URL: https://parg.co/UYw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
da8c647e655a4fd1676a4b80066f6af04544dc04a09099c81089448122dc24c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://parg.co/UYw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Thu, 03 Jun 2021 09:46:42 GMT
server
Apache
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4050
expires
Fri, 09 Sep 2022 16:11:32 GMT
google_badge.png
parg.co/includes/images/
4 KB
4 KB
Image
General
Full URL
https://parg.co/includes/images/google_badge.png
Requested by
Host: parg.co
URL: https://parg.co/UYw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
73a6a524d740f731db7656b1cf5ba104c46d97fc9e11b3654b35d5cf74458aa2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://parg.co/UYw2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Thu, 03 Jun 2021 09:46:42 GMT
server
Apache
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3832
expires
Fri, 09 Sep 2022 16:11:32 GMT
gothic.woff
parg.co/includes/fonts/
80 KB
81 KB
Font
General
Full URL
https://parg.co/includes/fonts/gothic.woff
Requested by
Host: parg.co
URL: https://parg.co/includes/css/app.css?v=e0e429a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.238.224.248 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
host.aparg.com
Software
Apache /
Resource Hash
cb6fb87881b74b91645be8b0eee4465a412051ee8c107dfa77367671dad62540

Request headers

Referer
https://parg.co/includes/css/app.css?v=e0e429a
Origin
https://parg.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:11:32 GMT
last-modified
Thu, 03 Jun 2021 09:46:42 GMT
server
Apache
accept-ranges
bytes
content-length
82192
vary
User-Agent
content-type
font/woff

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| $
function| jQuery
function| shorten
function| register
function| balloon
function| historyRow
function| select_all
function| setCookie
function| getCookie
function| nFormatter
string| apiURL
string| registerURL
string| apiEmail
string| apiKey

8 Cookies

Domain/Path Name / Value
.lnk.to/ Name: LF_session_6c06592734f49de41b5a86afc08400b7
Value: 1
.lnk.to/ Name: _ga
Value: GA1.2.62f3d8b41adf75.76614303
.lnk.to/ Name: _gid
Value: GA1.2.1609866811.1660147892
.lnk.to/ Name: _fbp
Value: fb.1.1660147892451.532169902
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.facebook.com/ Name: fr
Value: 0XDRY6edvpPKiU5wQ..Bi89i0...1.0.Bi89i0.
.t.co/ Name: muc_ads
Value: ef1e2dcc-dec7-40c5-bd25-8b9b36c6e0ad
.twitter.com/ Name: personalization_id
Value: "v1_UfNOaGbLkEVO4fimEm91jw=="

1 Console Messages

Source Level URL
Text
network error URL: https://parg.co/UYw2
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
