Submitted URL: https://notebookim.goole.co/
Effective URL: https://www.linkbux.com/track/0328Bt8iu1_aM7WEKI8HgRrZ4QnoRUI0tMwcwUD9m_apj2jCYr3szz_aOqVpt1S2VMVESI1KVDjYw_c_c?url=http...
Submission Tags: @phishunt_io
Submission: On November 08 via api from DE — Scanned from US

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 11 HTTP transactions. The main IP is 198.11.181.248, located in United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is www.linkbux.com. The Cisco Umbrella rank of the primary domain is 163437.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on July 10th 2024. Valid for: a year.
This is the only time www.linkbux.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.247.81.54 206834 (TEAMINTER...)
1 100.26.0.14 14618 (AMAZON-AES)
1 1 2a01:4f8:2190... 24940 (HETZNER-AS)
1 2 168.119.32.212 24940 (HETZNER-AS)
1 3 54.154.136.171 16509 (AMAZON-02)
1 198.11.181.248 45102 (ALIBABA-C...)
11 6
Apex Domain | Subdomains | Transfer
3 perfsimpl.com | r.perfsimpl.com | 3 KB
2 buybutwhere.com | buybutwhere.com — Cisco Umbrella Rank: 610308 | 1 KB
2 goole.co | notebookim.goole.co | 2 KB
1 linkbux.com | www.linkbux.com — Cisco Umbrella Rank: 163437 | 699 B
1 plorexdry.com | plorexdry.com Failed | 288 B
1 varun-ysz.com | varun-ysz.com — Cisco Umbrella Rank: 311193 | 3 KB
0 veganfication.com Failed | www.veganfication.com Failed |
0 cloudfront.net Failed | d38psrni17bvxu.cloudfront.net Failed |
11 8
Domain Requested by
3 r.perfsimpl.com 1 redirects buybutwhere.com
2 buybutwhere.com 1 redirects
2 notebookim.goole.co notebookim.goole.co
1 www.linkbux.com r.perfsimpl.com
1 plorexdry.com varun-ysz.com
1 varun-ysz.com notebookim.goole.co
0 www.veganfication.com Failed www.linkbux.com
0 d38psrni17bvxu.cloudfront.net Failed notebookim.goole.co
11 8

This site contains no links.

Subject | Issuer | Validity | Valid
notebookim.goole.co | R11 | 2024-10-30 - 2025-01-28 | 3 months
varun-ysz.com | Amazon RSA 2048 M02 | 2024-09-30 - 2025-10-29 | a year
buybutwhere.com | R10 | 2024-10-21 - 2025-01-19 | 3 months
linksprf.com | R10 | 2024-09-19 - 2024-12-18 | 3 months
*.linkbux.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2024-07-10 - 2025-08-10 | a year

This page contains 1 frames:

Frame: http://www.veganfication.com/?ref=C6DCt0hWjCm51a&sub_id=lb_4dgf7t3
Frame ID: DE6775F7FDC843A94D08DF973D264EBE
Requests: 17 HTTP requests in this frame

Page Title

www.veganfication.com

Page URL History

  1. https://notebookim.goole.co/ Page URL
  2. https://varun-ysz.com/zclkvisitor/ed700254-9d75-11ef-b9cd-122d6041c8cd/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://plorexdry.com/r/b?s=6246150559&s2=lateritious-falcon&s3=xray-aha-w148uqf8x HTTP 302
    https://buybutwhere.com/buy/with/be4/in?store=veganfication.com&nid=3&sid1=6246150559&sid2=lateritio... HTTP 302
    https://buybutwhere.com/buy/in?store=veganfication.com Page URL
  4. https://r.perfsimpl.com/v1/redirect?type=linkId&id=a495cbc33f7e46d388ce92d52fe8f16c&api_key=a3ae2e81... HTTP 302
    https://r.perfsimpl.com/v2/go?t=9tepb%3A1%2Fcw6.di3k7ub.eoc%2F1r8cb%2F73388t1i014a37vEdIuHmRcZnQioaU... Page URL
  5. https://www.linkbux.com/track/0328Bt8iu1_aM7WEKI8HgRrZ4QnoRUI0tMwcwUD9m_apj2jCYr3szz_aOqVpt1S2VMVESI... Page URL

Page Statistics

11 Requests
64 % HTTPS
17 % IPv6
8 Domains
8 Subdomains
6 IPs
4 Countries
10 kB Transfer
26 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://notebookim.goole.co/ Page URL
  2. https://varun-ysz.com/zclkvisitor/ed700254-9d75-11ef-b9cd-122d6041c8cd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=07e579a0-b06c-11ee-ad77-123af5e664ff Page URL
  3. https://plorexdry.com/r/b?s=6246150559&s2=lateritious-falcon&s3=xray-aha-w148uqf8x HTTP 302
    https://buybutwhere.com/buy/with/be4/in?store=veganfication.com&nid=3&sid1=6246150559&sid2=lateritious-falcon&sid3=xray-aha-w148uqf8x&url=https%3A%2F%2Fveganfication.com&rtb_key=2a3796f55654e93aa5431cce790762f5&tsv=1731031533&shv=5ab265c91fbac5733045a50eb44fc3f8 HTTP 302
    https://buybutwhere.com/buy/in?store=veganfication.com Page URL
  4. https://r.perfsimpl.com/v1/redirect?type=linkId&id=a495cbc33f7e46d388ce92d52fe8f16c&api_key=a3ae2e816af8f1662ffc6841c5087225&site_id=ee50063cceb54d669baeccf803a2c06c&dch=feed&ad_t=advertiser&yk_tag=be48c850adfb727b54075d74528126c9&source=https%3A%2F%2Fbuybutwhere.com&url=https%3A%2F%2Fveganfication.com HTTP 302
    https://r.perfsimpl.com/v2/go?t=9tepb%3A1%2Fcw6.di3k7ub.eoc%2F1r8cb%2F73388t1i014a37vEdIuHmRcZnQioaUi0nMgcvUw9w_2pF2%25C3rpstz%3Darq%3Fp_1_2YMDEKI1SVVjVwSctcVuOl_hzt3%25YAj2j%25aFmwD.wewatfIcRtno4.rog%268iK%3DW0M0_0u083B52302kea2t5m5c4xebbn3l5w4wd%2Fcs6tch&s=https%3A%2F%2Fbuybutwhere.com%2F&e=1&ai=ed4ea5bbbd664d9795cdc4b82336bb27&sct=0&ct=1731031535602&cu=372be8215c5e4be7b33d564cd1cb6ec9&cs=a135d14ba2e82272404b612fe9b3bff2 Page URL
  5. https://www.linkbux.com/track/0328Bt8iu1_aM7WEKI8HgRrZ4QnoRUI0tMwcwUD9m_apj2jCYr3szz_aOqVpt1S2VMVESI1KVDjYw_c_c?url=http%3A%2F%2Fwww.veganfication.com&uid=v030400013853372be8215c5e4be7b33d564cd1cb6ec9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://varun-ysz.com/zclkredirect?visitid=ed700254-9d75-11ef-b9cd-122d6041c8cd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
  • https://plorexdry.com/r/b?s=6246150559&s2=lateritious-falcon&s3=xray-aha-w148uqf8x
Request Chain 8
  • https://plorexdry.com/r/b?s=6246150559&s2=lateritious-falcon&s3=xray-aha-w148uqf8x HTTP 302
  • https://buybutwhere.com/buy/with/be4/in?store=veganfication.com&nid=3&sid1=6246150559&sid2=lateritious-falcon&sid3=xray-aha-w148uqf8x&url=https%3A%2F%2Fveganfication.com&rtb_key=2a3796f55654e93aa5431cce790762f5&tsv=1731031533&shv=5ab265c91fbac5733045a50eb44fc3f8 HTTP 302
  • https://buybutwhere.com/buy/in?store=veganfication.com
Request Chain 9
  • https://r.perfsimpl.com/v1/redirect?type=linkId&id=a495cbc33f7e46d388ce92d52fe8f16c&api_key=a3ae2e816af8f1662ffc6841c5087225&site_id=ee50063cceb54d669baeccf803a2c06c&dch=feed&ad_t=advertiser&yk_tag=be48c850adfb727b54075d74528126c9&source=https%3A%2F%2Fbuybutwhere.com&url=https%3A%2F%2Fveganfication.com HTTP 302
  • https://r.perfsimpl.com/v2/go?t=9tepb%3A1%2Fcw6.di3k7ub.eoc%2F1r8cb%2F73388t1i014a37vEdIuHmRcZnQioaUi0nMgcvUw9w_2pF2%25C3rpstz%3Darq%3Fp_1_2YMDEKI1SVVjVwSctcVuOl_hzt3%25YAj2j%25aFmwD.wewatfIcRtno4.rog%268iK%3DW0M0_0u083B52302kea2t5m5c4xebbn3l5w4wd%2Fcs6tch&s=https%3A%2F%2Fbuybutwhere.com%2F&e=1&ai=ed4ea5bbbd664d9795cdc4b82336bb27&sct=0&ct=1731031535602&cu=372be8215c5e4be7b33d564cd1cb6ec9&cs=a135d14ba2e82272404b612fe9b3bff2
Request Chain 12
  • http://www.veganfication.com/?ref=C6DCt0hWjCm51a&sub_id=lb_4dgf7t3 HTTP 307
  • https://www.veganfication.com/?ref=C6DCt0hWjCm51a&sub_id=lb_4dgf7t3 HTTP 307
  • http://www.veganfication.com/?ref=C6DCt0hWjCm51a&sub_id=lb_4dgf7t3

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
notebookim.goole.co/
2 KB
2 KB
Document
General
Full URL
https://notebookim.goole.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.54 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
22d4662d9e92ee49673ff9f39bd339805ff1436287cb84f0135f8f4edbf2d397

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 08 Nov 2024 02:05:29 GMT
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_fZNQ4mbMjBkxvNm4DM+gBK/iZ7pZUUW4UDsmqGDa5TeTATPh+GXOZZx3yjLl4V8NUXalRiXiMwO1fFUNowLlfg==
x-buckets
bucket011,bucket088,bucket089,bucket077
x-domain
goole.co
x-language
english
x-pcrew-blocked-reason
x-pcrew-ip-organization
Verizon Internet Services
x-redirect
zeropark_zeroclick
x-subdomain
notebookim
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
0
0

ls.php
notebookim.goole.co/
16 B
392 B
XHR
General
Full URL
https://notebookim.goole.co/ls.php?t=672d71e9&token=87a8ce1e0c82094be674e0e3c11f275e7c8833a1
Requested by
Host: notebookim.goole.co
URL: https://notebookim.goole.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.54 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://notebookim.goole.co/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
rtt
50
downlink
10

Response headers

access-control-max-age
86400
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods
POST, OPTIONS
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_dv6R45XUG3OwDYYk4p7SO7l32TMWfUCwKp3RLZ35xizwydWrashDCkRUR7i9nuFbkf7hjK5RCFfG9NU3em4XRw==
accept-ch-lifetime
30
x-log-success
672d71ea91acec94fb00f262
access-control-allow-origin
alt-svc
h3=":8443"; ma=2592000
date
Fri, 08 Nov 2024 02:05:30 GMT
charset
utf-8
content-type
text/javascript;charset=UTF-8
server
Caddy, nginx
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
varun-ysz.com/zclkvisitor/ed700254-9d75-11ef-b9cd-122d6041c8cd/
3 KB
3 KB
Document
General
Full URL
https://varun-ysz.com/zclkvisitor/ed700254-9d75-11ef-b9cd-122d6041c8cd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=07e579a0-b06c-11ee-ad77-123af5e664ff
Requested by
Host: notebookim.goole.co
URL: https://notebookim.goole.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.0.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-0-14.compute-1.amazonaws.com
Software
/
Resource Hash
dfc3ccaa9024914188983158466ff56ee2f35f58fa7d821e96028a0164216be1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://notebookim.goole.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Fri, 08 Nov 2024 02:05:30 GMT
b
plorexdry.com/r/
Redirect Chain
  • https://varun-ysz.com/zclkredirect?visitid=ed700254-9d75-11ef-b9cd-122d6041c8cd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://plorexdry.com/r/b?s=6246150559&s2=lateritious-falcon&s3=xray-aha-w148uqf8x
0
0

truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
155 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
in
buybutwhere.com/buy/
Redirect Chain
  • https://plorexdry.com/r/b?s=6246150559&s2=lateritious-falcon&s3=xray-aha-w148uqf8x
  • https://buybutwhere.com/buy/with/be4/in?store=veganfication.com&nid=3&sid1=6246150559&sid2=lateritious-falcon&sid3=xray-aha-w148uqf8x&url=https%3A%2F%2Fveganfication.com&rtb_key=2a3796f55654e93aa54...
  • https://buybutwhere.com/buy/in?store=veganfication.com
1 KB
734 B
Document
General
Full URL
https://buybutwhere.com/buy/in?store=veganfication.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.32.212 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv02.smartinfluence.de
Software
nginx /
Resource Hash

Request headers

Referer
https://varun-ysz.com/zclkvisitor/ed700254-9d75-11ef-b9cd-122d6041c8cd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=07e579a0-b06c-11ee-ad77-123af5e664ff
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 08 Nov 2024 02:05:34 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=utf-8
date
Fri, 08 Nov 2024 02:05:34 GMT
location
https://buybutwhere.com/buy/in?store=veganfication.com
referrer-policy
no-referrer
server
nginx
go
r.perfsimpl.com/v2/
Redirect Chain
  • https://r.perfsimpl.com/v1/redirect?type=linkId&id=a495cbc33f7e46d388ce92d52fe8f16c&api_key=a3ae2e816af8f1662ffc6841c5087225&site_id=ee50063cceb54d669baeccf803a2c06c&dch=feed&ad_t=advertiser&yk_tag...
  • https://r.perfsimpl.com/v2/go?t=9tepb%3A1%2Fcw6.di3k7ub.eoc%2F1r8cb%2F73388t1i014a37vEdIuHmRcZnQioaUi0nMgcvUw9w_2pF2%25C3rpstz%3Darq%3Fp_1_2YMDEKI1SVVjVwSctcVuOl_hzt3%25YAj2j%25aFmwD.wewatfIcRtno4....
2 KB
2 KB
Document
General
Full URL
https://r.perfsimpl.com/v2/go?t=9tepb%3A1%2Fcw6.di3k7ub.eoc%2F1r8cb%2F73388t1i014a37vEdIuHmRcZnQioaUi0nMgcvUw9w_2pF2%25C3rpstz%3Darq%3Fp_1_2YMDEKI1SVVjVwSctcVuOl_hzt3%25YAj2j%25aFmwD.wewatfIcRtno4.rog%268iK%3DW0M0_0u083B52302kea2t5m5c4xebbn3l5w4wd%2Fcs6tch&s=https%3A%2F%2Fbuybutwhere.com%2F&e=1&ai=ed4ea5bbbd664d9795cdc4b82336bb27&sct=0&ct=1731031535602&cu=372be8215c5e4be7b33d564cd1cb6ec9&cs=a135d14ba2e82272404b612fe9b3bff2
Requested by
Host: buybutwhere.com
URL: https://buybutwhere.com/buy/in?store=veganfication.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.154.136.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-136-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://buybutwhere.com/buy/in?store=veganfication.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
1673
content-type
text/html;charset=UTF-8
date
Fri, 08 Nov 2024 02:05:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

content-length
0
date
Fri, 08 Nov 2024 02:05:35 GMT
location
/v2/go?t=9tepb%3A1%2Fcw6.di3k7ub.eoc%2F1r8cb%2F73388t1i014a37vEdIuHmRcZnQioaUi0nMgcvUw9w_2pF2%25C3rpstz%3Darq%3Fp_1_2YMDEKI1SVVjVwSctcVuOl_hzt3%25YAj2j%25aFmwD.wewatfIcRtno4.rog%268iK%3DW0M0_0u083B52302kea2t5m5c4xebbn3l5w4wd%2Fcs6tch&s=https%3A%2F%2Fbuybutwhere.com%2F&e=1&ai=ed4ea5bbbd664d9795cdc4b82336bb27&sct=0&ct=1731031535602&cu=372be8215c5e4be7b33d564cd1cb6ec9&cs=a135d14ba2e82272404b612fe9b3bff2
strict-transport-security
max-age=31536000; includeSubDomains
Primary Request 0328Bt8iu1_aM7WEKI8HgRrZ4QnoRUI0tMwcwUD9m_apj2jCYr3szz_aOqVpt1S2VMVESI1KVDjYw_c_c
www.linkbux.com/track/
958 B
699 B
Document
General
Full URL
https://www.linkbux.com/track/0328Bt8iu1_aM7WEKI8HgRrZ4QnoRUI0tMwcwUD9m_apj2jCYr3szz_aOqVpt1S2VMVESI1KVDjYw_c_c?url=http%3A%2F%2Fwww.veganfication.com&uid=v030400013853372be8215c5e4be7b33d564cd1cb6ec9
Requested by
Host: r.perfsimpl.com
URL: https://r.perfsimpl.com/v2/go?t=9tepb%3A1%2Fcw6.di3k7ub.eoc%2F1r8cb%2F73388t1i014a37vEdIuHmRcZnQioaUi0nMgcvUw9w_2pF2%25C3rpstz%3Darq%3Fp_1_2YMDEKI1SVVjVwSctcVuOl_hzt3%25YAj2j%25aFmwD.wewatfIcRtno4.rog%268iK%3DW0M0_0u083B52302kea2t5m5c4xebbn3l5w4wd%2Fcs6tch&s=https%3A%2F%2Fbuybutwhere.com%2F&e=1&ai=ed4ea5bbbd664d9795cdc4b82336bb27&sct=0&ct=1731031535602&cu=372be8215c5e4be7b33d564cd1cb6ec9&cs=a135d14ba2e82272404b612fe9b3bff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.11.181.248 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
73a3ef88ea68f061f1977df1e0d689e3804ac2da44872d81bd533545fd6e6606

Request headers

Referer
https://r.perfsimpl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 08 Nov 2024 02:05:37 GMT
vary
Accept-Encoding
favicon.ico
r.perfsimpl.com/
1 KB
1 KB
Other
General
Full URL
https://r.perfsimpl.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.154.136.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-136-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://r.perfsimpl.com/v2/go?t=9tepb%3A1%2Fcw6.di3k7ub.eoc%2F1r8cb%2F73388t1i014a37vEdIuHmRcZnQioaUi0nMgcvUw9w_2pF2%25C3rpstz%3Darq%3Fp_1_2YMDEKI1SVVjVwSctcVuOl_hzt3%25YAj2j%25aFmwD.wewatfIcRtno4.rog%268iK%3DW0M0_0u083B52302kea2t5m5c4xebbn3l5w4wd%2Fcs6tch&s=https%3A%2F%2Fbuybutwhere.com%2F&e=1&ai=ed4ea5bbbd664d9795cdc4b82336bb27&sct=0&ct=1731031535602&cu=372be8215c5e4be7b33d564cd1cb6ec9&cs=a135d14ba2e82272404b612fe9b3bff2

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-length
1085
date
Fri, 08 Nov 2024 02:05:36 GMT
content-type
text/html;charset=utf-8
content-language
en
favicon.ico
www.linkbux.com/
0
0

/
www.veganfication.com/
Redirect Chain
  • http://www.veganfication.com/?ref=C6DCt0hWjCm51a&sub_id=lb_4dgf7t3
  • https://www.veganfication.com/?ref=C6DCt0hWjCm51a&sub_id=lb_4dgf7t3
  • http://www.veganfication.com/?ref=C6DCt0hWjCm51a&sub_id=lb_4dgf7t3
0
0


Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d38psrni17bvxu.cloudfront.net
URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Domain
plorexdry.com
URL
https://plorexdry.com/r/b?s=6246150559&s2=lateritious-falcon&s3=xray-aha-w148uqf8x
Domain
www.linkbux.com
URL
https://www.linkbux.com/favicon.ico
Domain
www.veganfication.com
URL
http://www.veganfication.com/?ref=C6DCt0hWjCm51a&sub_id=lb_4dgf7t3

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onResize
function| setupMobileNav
function| assert
function| CollisionBox
function| Runner
function| GeneratedSoundFx
function| announcePhrase
function| getA11yString
function| getRandomNum
function| vibrate
function| createCanvas
function| decodeBase64ToArrayBuffer
function| getTimeStamp
function| GameOverPanel
function| checkForCollision
function| createAdjustedCollisionBox
function| boxCompare
function| Obstacle
function| Trex
function| DistanceMeter
function| Cloud
function| BackgroundEl
function| NightMode
function| HorizonLine
function| Horizon
function| toggleHelpBox
function| diagnoseErrors
function| portalSignin
function| updateForDnsProbe
function| updateIconClass
function| reloadButtonClick
function| downloadButtonClick
function| detailsButtonClick
function| setAutoFetchState
function| savePageLaterClick
function| cancelSavePageClick
function| toggleErrorInformationPopup
function| launchDownloadsPage
function| toggleOfflineContentListVisibility
function| onDocumentLoadOrUpdate
function| onDocumentLoad
function| jstGetTemplate
function| JsEvalContext
function| jstProcess
object| loadTimeDataRaw
object| errorPageController
object| certificateErrorPageController
object| supervisedUserErrorPageController

4 Cookies

Domain/Path Name / Value
.perfsimpl.com/ Name: ykuid
Value: b3ad23e7f2bb4067b0511b7ddcca17e1
r.perfsimpl.com/ Name: JSESSIONID
Value: 3CF7EFE6D0A72E35DEC618EC58838585
www.linkbux.com/ Name: discuz_2132_saltkey
Value: rgLhxd8C
www.linkbux.com/ Name: discuz_2132_lang
Value: en

3 Console Messages

Source Level URL
Text
network error URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
rendering warning URL: https://varun-ysz.com/zclkvisitor/ed700254-9d75-11ef-b9cd-122d6041c8cd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=07e579a0-b06c-11ee-ad77-123af5e664ff
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F01C000C320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://r.perfsimpl.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()