urlscan.io logo urlscan.io
SecurityTrails logo

3ydbh.app.link
108.157.142.28  Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
Submitted URL: https://links.payboxapp.com/Zfqe95mpvXb 9mo old
Effective URL: https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386 8mo old
Submission: On January 08 via api from IE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 8 HTTP transactions. The main IP is 108.157.142.28, located in United States and belongs to AMAZON-02, US. The main domain is 3ydbh.app.link. 8mo old
TLS certificate: Issued by Amazon RSA 2048 M03 on February 22nd 2025. Valid for: 1yr.
This is the only time 3ydbh.app.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.16.16.68 13335 (CLOUDFLAR...)
2 108.157.142.28 16509 (AMAZON-02)
1 142.251.40.170 15169 (GOOGLE)
1 162.251.63.43 63023 (AS-GLOBAL...)
1 104.16.79.6 13335 (CLOUDFLAR...)
3 142.251.32.99 15169 (GOOGLE)
8 6
1    104.16.16.68 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
links.payboxapp.com 9mo old
2    108.157.142.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-142-28.mci50.r.cloudfront.net
3ydbh.app.link 8mo old
1    142.251.40.170 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f10.1e100.net
fonts.googleapis.com 56yr old
1    162.251.63.43 (Los Angeles, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 43-63-251-162.clients.gthost.com
i.postimg.cc 8yr old
1    104.16.79.6 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
res.cloudinary.com 9yr old
3    142.251.32.99 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net
fonts.gstatic.com 9yr old
Apex Domain
Subdomains		 Transfer
3 gstatic.com
fonts.gstatic.com 9yr old
43 KB
2 app.link
3ydbh.app.link 8mo old
4 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2692 9yr old
201 KB
1 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 20901 8yr old
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49 56yr old
1 KB
1 payboxapp.com
links.payboxapp.com 9mo old
617 B
8 6
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
2 3ydbh.app.link
1 res.cloudinary.com 3ydbh.app.link
1 i.postimg.cc 3ydbh.app.link
1 fonts.googleapis.com 3ydbh.app.link
1 links.payboxapp.com 1 redirects
8 6

This site contains links to these domains. Also see Links.

Domain
links.payboxapp.com
Subject Issuer Validity Valid
appipv4.link
Amazon RSA 2048 M03		 2025-02-22 -
2026-03-23		 1yr crt.sh
upload.video.google.com
WR2		 2025-12-03 -
2026-02-25		 3mo crt.sh
postimg.cc
E8		 2025-12-15 -
2026-03-15		 3mo crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2025-04-24 -
2026-05-26		 1yr crt.sh
*.gstatic.com
WR2		 2025-12-03 -
2026-02-25		 3mo crt.sh

This page contains 1 frames:

Primary Page: https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386
Frame ID: 6157BD243A41573D9A28BC1C8369D9FC
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

מתנת פרידה לאבירם PayBox -

Page URL History Show full URLs

  1. https://links.payboxapp.com/Zfqe95mpvXb HTTP 307
    https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

267 kB
Transfer

276 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.payboxapp.com/Zfqe95mpvXb HTTP 307
    https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Zfqe95mpvXb
3ydbh.app.link/
Redirect Chain
  • https://links.payboxapp.com/Zfqe95mpvXb
  • https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.142.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-28.mci50.r.cloudfront.net
Software
openresty /
Resource Hash
4cdda240324617c25a1097c32b21d9b366df11c505eb9e6ed811022982434fa7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
access-control-allow-origin
*
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Thu, 08 Jan 2026 15:56:26 GMT
etag
W/"1e78-wSPyUcld2u+8LCaTSARby+lJmZw"
last-modified
Thu, 08 Jan 2026 15:56:26 GMT
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 93d1362ad054a6f5efbf69cb2aea62e4.cloudfront.net (CloudFront)
x-amz-cf-id
y7PnhZK3mO_NGa-ba7n5Lt7JlH5TmbzBmWaWqyF96REsCU0Q_7oAvQ==
x-amz-cf-pop
MCI50-P1
x-cache
Miss from cloudfront

Redirect headers

accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
9bace26db87c3484-PHX
date
Thu, 08 Jan 2026 15:56:22 GMT
expect-ct
max-age=86400, enforce
location
https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@900&family=Source+Sans+Pro:wght@400;600&display=swap
Requested by
Host: 3ydbh.app.link
URL: https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
ESF /
Resource Hash
d6ce891cb11fda9d17cf8765e68460336db60b7c06d2823958bc420b6390fdf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://3ydbh.app.link/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 08 Jan 2026 15:56:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 08 Jan 2026 15:56:27 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 08 Jan 2026 15:56:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
paybox-background.png
i.postimg.cc/h41c75nV/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/h41c75nV/paybox-background.png
Requested by
Host: 3ydbh.app.link
URL: https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.251.63.43 Los Angeles, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
43-63-251-162.clients.gthost.com
Software
nginx /
Resource Hash
247e33f56545bd4cb24f92994e06a3c093fdbe649280977fdcaa1d266d8cd8de

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://3ydbh.app.link/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
18254
date
Thu, 08 Jan 2026 15:56:26 GMT
content-type
image/png
last-modified
Mon, 04 Aug 2025 10:40:19 GMT
server
nginx
collection-gift.png
res.cloudinary.com/paybox/image/upload/v1698226407/group_collection_default/ 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/paybox/image/upload/v1698226407/group_collection_default/collection-gift.png
Requested by
Host: 3ydbh.app.link
URL: https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.6 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a122ab78845171f2c77f7ae1c9932faf256114b2f3c81bacc4cf295107fa2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://3ydbh.app.link/

Response headers

access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
etag
"f04b01c4691d5c65b23baa1e0a6ab1dd"
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=33;start=2026-01-08T15:56:26.877Z;desc=hit,rtt;dur=1,content-info;desc="width=2029,height=1375,bytes=205278,o=1,ef=(17);"
date
Thu, 08 Jan 2026 15:56:26 GMT
content-type
image/png
last-modified
Wed, 03 Jan 2024 10:47:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=604800
cache-control
public, no-transform, immutable, max-age=2592000
timing-allow-origin
*
cf-ray
9bace28bcc8bd984-PHX
accept-ranges
bytes
access-control-allow-origin
*
content-length
205278
server
cloudflare
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26bdf8e57bb8225cee6357c05e6d01f1cd0428aab6d78ff2cadeebc0065e2e61

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

Content-Type
image/png
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@900&family=Source+Sans+Pro:wght@400;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
156650610835fe32914722ecfc8dab0ebbb84795e201b842158afa0ea873cfa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://3ydbh.app.link
Referer
https://fonts.googleapis.com/

Response headers

age
51421
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 08 Jan 2027 01:39:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 08 Jan 2026 01:39:26 GMT
last-modified
Wed, 10 Sep 2025 16:46:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14876
x-xss-protection
0
server
sffe
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@900&family=Source+Sans+Pro:wght@400;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://3ydbh.app.link
Referer
https://fonts.googleapis.com/

Response headers

age
75000
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 07 Jan 2027 19:06:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 07 Jan 2026 19:06:27 GMT
last-modified
Wed, 10 Sep 2025 16:44:33 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14868
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v25/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@900&family=Source+Sans+Pro:wght@400;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://3ydbh.app.link
Referer
https://fonts.googleapis.com/

Response headers

age
582787
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 01 Jan 2027 22:03:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 01 Jan 2026 22:03:20 GMT
last-modified
Mon, 15 Sep 2025 17:12:15 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13724
x-xss-protection
0
server
sffe
favicon.ico
3ydbh.app.link/ 		198 B
592 B 		Other
General
Check archive.org
Download Go to
Full URL
https://3ydbh.app.link/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.142.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-28.mci50.r.cloudfront.net
Software
openresty /
Resource Hash
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://3ydbh.app.link/Zfqe95mpvXb?_p=c71629c39c1c65f4ea0386

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
"69409634-c6"
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
via
1.1 93d1362ad054a6f5efbf69cb2aea62e4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
198
x-amz-cf-id
GXRt7reYhEO7-xwlRDm2_JzRtIEUvwV_YjsyO1wRLftYF4kWYGU2jA==
date
Thu, 08 Jan 2026 15:56:27 GMT
content-type
image/x-icon
last-modified
Mon, 15 Dec 2025 23:13:56 GMT
server
openresty
x-amz-cf-pop
MCI50-P1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
links.payboxapp.com/ Name: _s
Value: NJ77gDofeUeo3VqQgs0WZYviO1U530zhcPBFP1QHfpm%2FA%2F%2FV0SRBFc%2BMS%2FOMhxKm
.links.payboxapp.com/ Name: _cfuvid
Value: BSSl9HaMMpYQqtchy6G4EAG4wvsS7qrKrOEEWvS0CKE-1767887782.0407083-1.0.1.1-vzoHSlDs9Qrnazp_cdvGe.bt27BZIHABKE5xg9QC9CM
.app.link/ Name: _s
Value: qKVh1PhB3EdB%2B3l8yqDQaomLLTqYiZ%2FLZy3yhGDuChWHM%2BimabXZS5KW58p51205

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains