authorized-signinapps-scamdedek.duckdns.org Open in urlscan Pro
23.100.27.171 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.getresponse.com/click.html?x=a62b&lc=SSQaya&mc=V6&s=BGxTx4o&u=yNAD3&z=EtKjy79
Effective URL:
https://authorized-signinapps-scamdedek.duckdns.org/ap/signin?session=3a27eedcc46191330a86a37f1867770fc7ca618b
Submission Tags: falconsandbox
Submission: On October 19 via api (October 19th 2020, 4:19:14 pm UTC) from US

Summary HTTP 30 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 30 HTTP transactions. The main IP is 23.100.27.171, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is authorized-signinapps-scamdedek.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 18th 2020. Valid for: 3 months.

This is the only time authorized-signinapps-scamdedek.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.160.64.9 104.160.64.9	46469 (GETRESPON...) (GETRESPONSE-IMPLIX)
16	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
4	99.86.154.127 99.86.154.127	16509 (AMAZON-02) (AMAZON-02)
4	99.86.154.12 99.86.154.12	16509 (AMAZON-02) (AMAZON-02)
3	23.100.27.171 23.100.27.171	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.192.205.222 54.192.205.222	16509 (AMAZON-02) (AMAZON-02)
30	7

1 104.160.64.9 (United States) 1 redirects

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com

app.getresponse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

linktr.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.154.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-154-127.mxp64.r.cloudfront.net

analytics.linktr.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.154.12 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-154-12.mxp64.r.cloudfront.net

i.linktr.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.100.27.171 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

authorized-signinapps-scamdedek.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.205.222 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-205-222.ham50.r.cloudfront.net

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	linktr.ee linktr.ee analytics.linktr.ee i.linktr.ee	704 KB
3	duckdns.org authorized-signinapps-scamdedek.duckdns.org	182 KB
1	media-amazon.com m.media-amazon.com	28 KB
1	googleapis.com fonts.googleapis.com	553 B
1	googleadservices.com www.googleadservices.com	11 KB
1	getresponse.com 1 redirects app.getresponse.com	2 KB
30	6

	Domain	Requested by
16	linktr.ee	linktr.ee
4	i.linktr.ee	linktr.ee
4	analytics.linktr.ee	linktr.ee
3	authorized-signinapps-scamdedek.duckdns.org	linktr.ee authorized-signinapps-scamdedek.duckdns.org
1	m.media-amazon.com	authorized-signinapps-scamdedek.duckdns.org
1	fonts.googleapis.com	linktr.ee
1	www.googleadservices.com	linktr.ee
1	app.getresponse.com	1 redirects
30	8

This site contains links to these domains. Also see Links.

Domain
www.amazon.com

Subject Issuer	Validity	Valid
linktr.ee Let's Encrypt Authority X3	`2020-09-29` - `2020-12-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
analytics.linktr.ee Amazon	`2020-02-29` - `2021-03-29`	a year	crt.sh
i.linktr.ee Amazon	`2020-09-01` - `2021-10-01`	a year	crt.sh
authorized-signinapps-scamdedek.duckdns.org cPanel, Inc. Certification Authority	`2020-10-18` - `2021-01-16`	3 months	crt.sh
Images-na.ssl-images-amazon.com DigiCert SHA2 Secure Server CA	`2020-04-23` - `2021-04-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://authorized-signinapps-scamdedek.duckdns.org/ap/signin?session=3a27eedcc46191330a86a37f1867770fc7ca618b
Frame ID: AF212387F8156C695EDDD484E302DF48
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://app.getresponse.com/click.html?x=a62b&lc=SSQaya&mc=V6&s=BGxTx4o&u=yNAD3&z=EtKjy79 HTTP 302
https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsa... Page URL
https://authorized-signinapps-scamdedek.duckdns.org/?asu Page URL
https://authorized-signinapps-scamdedek.duckdns.org/ap/signin?session=3a27eedcc46191330a86a37f1867770fc7ca618b Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

30
Requests

100 %
HTTPS

13 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

926 kB
Transfer

2395 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com/ap/forgotpassword?showRememberMe=true&openid.pape.max_auth_age=0&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=usflex&openid.return_to=https%3A%2F%2Fwww.amazon.com%2F%3Fref_%3Dnav_ya_signin&prevRID=BRHA9NYG75BQK2E6TR1F&openid.assoc_handle=usflex&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.amazon.com/ap/register?showRememberMe=true&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2F%3Fref_%3Dnav_ya_signin&prevRID=5E2S0M02YQK0KWXY6QRW&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=usflex&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=usflex&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: Create your Amazon account

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.getresponse.com/click.html?x=a62b&lc=SSQaya&mc=V6&s=BGxTx4o&u=yNAD3&z=EtKjy79 HTTP 302
https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign= Page URL
https://authorized-signinapps-scamdedek.duckdns.org/?asu Page URL
https://authorized-signinapps-scamdedek.duckdns.org/ap/signin?session=3a27eedcc46191330a86a37f1867770fc7ca618b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://app.getresponse.com/click.html?x=a62b&lc=SSQaya&mc=V6&s=BGxTx4o&u=yNAD3&z=EtKjy79 HTTP 302
https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

nuranjayguys Show response
linktr.ee/
Redirect Chain

https://app.getresponse.com/click.html?x=a62b&lc=SSQaya&mc=V6&s=BGxTx4o&u=yNAD3&z=EtKjy79
https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

22 KB
6 KB

62ms
22ms

Document
text/html

151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

29c23045f8847c2ebfb8d22ba1c9c02ec1c35ac7bc8662c52ea0c9fffe25f73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: linktr.ee
:scheme: https
:path: /nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
server: nginx
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
x-datadog-trace-id: 2993512995932862646
x-datadog-parent-id: 2993512995932862646
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
cache-control: stale-while-revalidate=300
content-encoding: gzip
accept-ranges: bytes
date: Mon, 19 Oct 2020 16:18:58 GMT
via: 1.1 varnish
age: 56731
x-served-by: cache-cph20632-CPH
x-cache: HIT
x-cache-hits: 1
x-timer: S1603124339.704617,VS0,VE1
vary: Accept-Encoding
content-length: 5678

Redirect headers

Date: Mon, 19 Oct 2020 16:18:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Set-Cookie: tms=a%3A1%3A%7Bi%3A0%3Ba%3A6%3A%7Bi%3A0%3Bs%3A5%3A%22apaWI%22%3Bi%3A1%3Bs%3A5%3A%22FcfjP%22%3Bi%3A2%3Bs%3A7%3A%22BGxTx4o%22%3Bi%3A3%3Bs%3A4%3A%22a62b%22%3Bi%3A4%3Bs%3A6%3A%22SSQaya%22%3Bi%3A5%3Bs%3A5%3A%22yNAD3%22%3B%7D%7D; expires=Tue, 19-Oct-2021 00:00:00 GMT; Max-Age=31477262; path=/; domain=getresponse.com tmc=a%3A1%3A%7Bi%3A0%3Ba%3A4%3A%7Bi%3A0%3Bs%3A5%3A%22apaWI%22%3Bi%3A1%3Bs%3A7%3A%22BGxTx4o%22%3Bi%3A2%3Bs%3A6%3A%22SSQaya%22%3Bi%3A3%3Bs%3A4%3A%22a62b%22%3B%7D%7D; expires=Tue, 19-Oct-2021 00:00:00 GMT; Max-Age=31477262; path=/; domain=getresponse.com xsid=a62b_BGxTx4o; expires=Tue, 19-Oct-2021 00:00:00 GMT; Max-Age=31477262; path=/; domain=getresponse.com; secure; HttpOnly; SameSite=None
Location: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=
Content-Security-Policy-Report-Only: default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://ls.getresponse.com/log/csp_report?source=app-gr

GET
H2 200 d4570def6f69417c429cc11699f1d239cb15bac8_CSS.af1f508a.chunk.css
linktr.ee/_next/static/css/ 20 KB
4 KB 26ms
18ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/css/d4570def6f69417c429cc11699f1d239cb15bac8_CSS.af1f508a.chunk.css

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

451b489942ea58e3313b63249dc2bd34aae2015ceba0df9b9a6c29ae33016715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321170
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 5798113770293776432
content-length: 3482
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.749558,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"5045-1752e7fa270"
x-datadog-trace-id: 5798113770293776432
accept-ranges: bytes
content-type: text/css; charset=UTF-8
x-cache-hits: 1645

GET
H2 200 _app.js Show response
linktr.ee/_next/static/pS-gsu2-I1t01fLi3CmOA/pages/ 1 KB
1 KB 27ms
17ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/pS-gsu2-I1t01fLi3CmOA/pages/_app.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1bab74432ea9c7dcb6d9b808d8d1f69adec879624473f0fd2b8928d67dddc658

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321171
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 3582246112804664172
content-length: 775
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.750240,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"515-1752e7fa270"
x-datadog-trace-id: 3582246112804664172
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1649

GET
H2 200 %5Bprofile%5D.js Show response
linktr.ee/_next/static/pS-gsu2-I1t01fLi3CmOA/pages/ 5 KB
2 KB 27ms
18ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/pS-gsu2-I1t01fLi3CmOA/pages/%5Bprofile%5D.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

33f271fbfebc528ada30d55f75c057416f452204e06aa03c422125233f66313e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321150
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 6742569886321478064
content-length: 2163
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.750509,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"1542-1752e7fa270"
x-datadog-trace-id: 6742569886321478064
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1645

GET
H2 200 webpack-6ef28db84b4c42ad34e9.js Show response
linktr.ee/_next/static/runtime/ 1 KB
1 KB 28ms
19ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/runtime/webpack-6ef28db84b4c42ad34e9.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 562632
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 1696040646364476669
content-length: 746
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Tue, 13 Oct 2020 03:43:17 GMT
server: nginx
x-timer: S1603124339.750531,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"5fb-175200e1c08"
x-datadog-trace-id: 1696040646364476669
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 4380

GET
H2 200 framework.8293b41d86da2f0201a3.js Show response
linktr.ee/_next/static/chunks/ 137 KB
45 KB 64ms
56ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/chunks/framework.8293b41d86da2f0201a3.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9fbafe17ccf61ea39a66ffc6c9c4d1189b6bf3231dafbde36505105fbd38332f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 562632
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 6781915012521773401
content-length: 45380
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Tue, 13 Oct 2020 03:43:17 GMT
server: nginx
x-timer: S1603124339.750722,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"2242a-175200e1c08"
x-datadog-trace-id: 6781915012521773401
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 4442

GET
H2 200 commons.deb6dc4220b6b986268d.js Show response
linktr.ee/_next/static/chunks/ 416 KB
118 KB 29ms
21ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/chunks/commons.deb6dc4220b6b986268d.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c356da6194f3cf824ffaf969c34f3e416afc97d7db1c563e59e8867a46e04df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 562632
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 7772830282808936796
content-length: 120725
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Tue, 13 Oct 2020 03:43:17 GMT
server: nginx
x-timer: S1603124339.750706,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 1
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"68060-175200e1c08"
x-datadog-trace-id: 7772830282808936796
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 4712

GET
H2 200 d3e7a85a4cc105cb46904c069d3a04c5e484bc15.97e0d4e1bd5d31e3b6be.js Show response
linktr.ee/_next/static/chunks/ 31 KB
11 KB 64ms
56ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/chunks/d3e7a85a4cc105cb46904c069d3a04c5e484bc15.97e0d4e1bd5d31e3b6be.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

94bef842177aa04b087645dfedc14c4d5686eb440c877a56ec7ae314715bc36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321170
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 3264463900317425315
content-length: 11474
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.750712,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"7ae5-1752e7fa270"
x-datadog-trace-id: 3264463900317425315
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1646

GET
H2 200 176033e60daf096fe709f53e126825321c785736.2db2fcb1ff2bb7b50668.js Show response
linktr.ee/_next/static/chunks/ 17 KB
7 KB 62ms
55ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/chunks/176033e60daf096fe709f53e126825321c785736.2db2fcb1ff2bb7b50668.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b7f1d6825abc55efb0a47d66ec53d5b53d61eec7c81df3b4933d51eb48b65a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321169
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 2468149756777536224
content-length: 6460
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.750893,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"44ef-1752e7fa270"
x-datadog-trace-id: 2468149756777536224
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1654

GET
H2 200 main-4962f5584c4f4264ef5f.js Show response
linktr.ee/_next/static/runtime/ 17 KB
7 KB 61ms
55ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/runtime/main-4962f5584c4f4264ef5f.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

218051a81ccffed1acf55b5d3f41bd432fcf2b3964fea795413d73f5bf1c8a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 489543
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 2227065539283980074
content-length: 6356
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Tue, 13 Oct 2020 23:52:35 GMT
server: nginx
x-timer: S1603124339.750907,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 1
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"43f5-175246141b8"
x-datadog-trace-id: 2227065539283980074
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 2922

GET
H2 200 4674618e.4ad7d42d9ea6c7f2fc02.js Show response
linktr.ee/_next/static/chunks/ 76 KB
28 KB 83ms
77ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/chunks/4674618e.4ad7d42d9ea6c7f2fc02.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c7d9a30e093fafe3334b140328dfccd42719b276ab35af0c92a64f5eb40e83ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321154
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 1364107192634082971
content-length: 28224
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.766692,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"13021-1752e7fa270"
x-datadog-trace-id: 1364107192634082971
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1739

GET
H2 200 37aee9ee.54ef5ad664beb0e1dcca.js Show response
linktr.ee/_next/static/chunks/ 238 KB
58 KB 81ms
76ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/chunks/37aee9ee.54ef5ad664beb0e1dcca.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

387fe30d5a4132dd99404a0a2171bc0f86c1aed06c8a5e45eebf9f1d5187c818

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321169
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 7246718169390306918
content-length: 59599
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.766684,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"3b69e-1752e7fa270"
x-datadog-trace-id: 7246718169390306918
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1552

GET
H2 200 d4570def6f69417c429cc11699f1d239cb15bac8.34dabad5af50ca16e0dc.js Show response
linktr.ee/_next/static/chunks/ 1 MB
413 KB 89ms
84ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/chunks/d4570def6f69417c429cc11699f1d239cb15bac8.34dabad5af50ca16e0dc.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

26d520229716fa5d5f6cf197e2c21c7217617396e7d107ad323f30b8f9f5588f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321158
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 2611175956535659946
content-length: 422233
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.766676,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"125306-1752e7fa270"
x-datadog-trace-id: 2611175956535659946
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 474

GET
H2 200 d4570def6f69417c429cc11699f1d239cb15bac8_CSS.244c3afbbfc751a1196f.js Show response
linktr.ee/_next/static/chunks/ 61 B
523 B 80ms
76ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/chunks/d4570def6f69417c429cc11699f1d239cb15bac8_CSS.244c3afbbfc751a1196f.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

846bd2506ff67e6fb04c1b886fa912d325ecc49f6a5045e71e2bec59bc843341

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321168
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 6532294958298058597
content-length: 64
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.766658,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"3d-1752e7fa270"
x-datadog-trace-id: 6532294958298058597
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1645

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 55ms
53ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

fb5323b78f8c4ac3d3e67de94a47d0b48cad5d735784abce37c0e05ef5c83543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 16:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11245
x-xss-protection: 0
server: cafe
etag: 812263826817654958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Oct 2020 16:18:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
553 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Karla:wght@300;400;600;700&display=swap

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

862409dbdda018c1838c627fb61172155ceac5df50b10cfb4bd8e83297d9ed90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 16:10:20 GMT
server: ESF
date: Mon, 19 Oct 2020 16:18:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Oct 2020 16:18:58 GMT

GET
H2 200 _buildManifest.js Show response
linktr.ee/_next/static/pS-gsu2-I1t01fLi3CmOA/ 557 B
498 B 77ms
76ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/pS-gsu2-I1t01fLi3CmOA/_buildManifest.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ae40d66e4d034d70f84b9606993c188ea0e0bc4c517017388d98de623759ae45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321166
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 6066710864306937076
content-length: 291
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.766634,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"22d-1752e7fa270"
x-datadog-trace-id: 6066710864306937076
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1650

GET
H2 200 _ssgManifest.js Show response
linktr.ee/_next/static/pS-gsu2-I1t01fLi3CmOA/ 76 B
519 B 75ms
74ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linktr.ee/_next/static/pS-gsu2-I1t01fLi3CmOA/_ssgManifest.js

Requested by

Host: linktr.ee
URL: https://linktr.ee/nuranjayguys?utm_medium=email&utm_source=getresponse&utm_content=asgsagasgsagasgas&utm_campaign=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://linktr.ee
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 321165
x-dns-prefetch-control: off
x-cache: HIT
status: 200
x-datadog-parent-id: 1907863444582289560
content-length: 60
x-datadog-sampled: 1
x-served-by: cache-cph20632-CPH
referrer-policy: no-referrer
last-modified: Thu, 15 Oct 2020 23:01:58 GMT
server: nginx
x-timer: S1603124339.766601,VS0,VE0
x-frame-options: SAMEORIGIN
date: Mon, 19 Oct 2020 16:18:58 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-datadog-sampling-priority: 0
x-download-options: noopen
via: 1.1 varnish
x-xss-protection: 0
cache-control: public, max-age=31536000, immutable
etag: W/"4c-1752e7fa270"
x-datadog-trace-id: 1907863444582289560
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1649

OPTIONS
H2 200 47903318
analytics.linktr.ee/api/links/ 0
0 596ms
506ms Other
application/json 99.86.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.linktr.ee/api/links/47903318
Protocol: H2
Server: 99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-154-127.mxp64.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://linktr.ee
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 1
date: Mon, 19 Oct 2020 16:18:59 GMT
x-amzn-requestid: 9544acac-bc0d-4c6a-9ef5-87e420243eae
access-control-allow-origin: https://linktr.ee
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: UqpiDF0BPHcF9Gw=
access-control-allow-methods: OPTIONS,POST
x-amzn-trace-id: Root=1-5f8dbc73-125d7a4376db3d5d42b410af
x-cache: Miss from cloudfront
via: 1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
x-amz-cf-id: 5yb57fb68YhAiNKRSFHBk9DuXcS8q7RJC0dJiYOdcGu8Byc5Rd9vgg==

POST
H2 200 47903318
analytics.linktr.ee/api/links/ 16 B
403 B 563ms
562ms XHR
application/body 99.86.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.linktr.ee/api/links/47903318
Requested by: Host: linktr.ee
URL: https://linktr.ee/_next/static/chunks/d3e7a85a4cc105cb46904c069d3a04c5e484bc15.97e0d4e1bd5d31e3b6be.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-154-127.mxp64.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 19 Oct 2020 16:19:00 GMT
via: 1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
x-amzn-requestid: a7d9decc-4f50-4e99-8efb-2a8167397c6e
status: 200
x-cache: Miss from cloudfront
content-type: application/body
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f8dbc73-348f1c3813ae50f930dcd87a
access-control-allow-credentials: true
x-amz-apigw-id: UqpiIFqavHcFhqQ=
content-length: 16
x-amz-cf-id: aO5ti4OsnOr1WIA0Q5liMDL-4bzcnLtLPlKrj4GzAnZ0xKfE3mLfFQ==

POST
H2 200 6b91c293babd40bc97240dc78286e9993387655c Show response
analytics.linktr.ee/api/ 4 B
390 B 535ms
535ms XHR
application/body 99.86.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.linktr.ee/api/6b91c293babd40bc97240dc78286e9993387655c
Requested by: Host: linktr.ee
URL: https://linktr.ee/_next/static/chunks/d3e7a85a4cc105cb46904c069d3a04c5e484bc15.97e0d4e1bd5d31e3b6be.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-154-127.mxp64.r.cloudfront.net
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 19 Oct 2020 16:19:00 GMT
via: 1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
x-amzn-requestid: c4e27dff-836d-47d9-829a-0917117d8761
status: 200
x-cache: Miss from cloudfront
content-type: application/body
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f8dbc73-7c524eb440ea91cb4ee2e706
access-control-allow-credentials: true
x-amz-apigw-id: UqpiIHvSPHcFpVg=
content-length: 4
x-amz-cf-id: SM3NTlANtoTp-HPeFP_i9f5RHQVs6mfKo5eptk9F-Mm26CZGkZXogw==

OPTIONS
H2 200 6b91c293babd40bc97240dc78286e9993387655c
analytics.linktr.ee/api/ 0
0 582ms
498ms Other
application/json 99.86.154.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.linktr.ee/api/6b91c293babd40bc97240dc78286e9993387655c
Protocol: H2
Server: 99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-154-127.mxp64.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://linktr.ee
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 1
date: Mon, 19 Oct 2020 16:18:59 GMT
x-amzn-requestid: 5971c992-d5ec-4da5-b04e-fb13365c5667
access-control-allow-origin: https://linktr.ee
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: UqpiDFqbvHcFpEA=
access-control-allow-methods: OPTIONS,POST
x-amzn-trace-id: Root=1-5f8dbc73-226c7c600a7c19312679758f
x-cache: Miss from cloudfront
via: 1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
x-amz-cf-id: uT_zK6u14IelaRlwCRj2W-OVUAVjwkVw4U6DQwiX7ZCRFtnd-9-wrw==

OPTIONS
H2 200 xnby97bf32bv
i.linktr.ee/api/ 0
0 286ms
196ms Other
application/json 99.86.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.linktr.ee/api/xnby97bf32bv
Protocol: H2
Server: 99.86.154.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-154-12.mxp64.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://linktr.ee
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 0
date: Mon, 19 Oct 2020 16:19:00 GMT
x-amzn-requestid: 90f27e97-98eb-4693-99fc-bf600bde89e7
access-control-allow-origin: https://linktr.ee
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: UqpiKFVDPHcFsoQ=
access-control-allow-methods: OPTIONS,POST
x-amzn-trace-id: Root=1-5f8dbc74-31a9e9bc3a430f600b96d4ee
x-cache: Miss from cloudfront
via: 1.1 eaa8104a21ab5f25827e5678acfcc3cd.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
x-amz-cf-id: 2h6fcVALREE5Goi5F1Qwc6kjwqhmIVsp6vXVDj8ucKa-Zw-ByhzC5w==

POST
H2 200 xnby97bf32bv
i.linktr.ee/api/ 78 B
465 B 289ms
288ms XHR
application/body 99.86.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.linktr.ee/api/xnby97bf32bv
Requested by: Host: linktr.ee
URL: https://linktr.ee/_next/static/chunks/d3e7a85a4cc105cb46904c069d3a04c5e484bc15.97e0d4e1bd5d31e3b6be.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.154.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-154-12.mxp64.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Oct 2020 16:19:00 GMT
via: 1.1 eaa8104a21ab5f25827e5678acfcc3cd.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
x-amzn-requestid: f63afb2d-c3c3-4de1-9374-8cfc2a5a40b5
status: 200
x-cache: Miss from cloudfront
content-type: application/body
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f8dbc74-73f418731546f08a13672fbb
access-control-allow-credentials: true
x-amz-apigw-id: UqpiMH1dvHcFSZg=
content-length: 78
x-amz-cf-id: nMfYgiv73PrRiIMYZRmfL1ODF25Whkzl8AapdtyolMxgVUiCqxdDGg==

GET
H/1.1 200
OK Cookie set /
authorized-signinapps-scamdedek.duckdns.org/ 121 B
568 B 1794ms
1364ms Document
text/html 23.100.27.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://authorized-signinapps-scamdedek.duckdns.org/?asu

Requested by

Host: linktr.ee
URL: https://linktr.ee/_next/static/chunks/d4570def6f69417c429cc11699f1d239cb15bac8.34dabad5af50ca16e0dc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

23.100.27.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: authorized-signinapps-scamdedek.duckdns.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 16:19:00 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=ee313b7ec14d8eb5a18262f6a525450e; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H2 200 xnby97bf32bv
i.linktr.ee/api/ 18 B
403 B 757ms
757ms XHR
application/body 99.86.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.linktr.ee/api/xnby97bf32bv
Requested by: Host: linktr.ee
URL: https://linktr.ee/_next/static/chunks/d3e7a85a4cc105cb46904c069d3a04c5e484bc15.97e0d4e1bd5d31e3b6be.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.154.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-154-12.mxp64.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Oct 2020 16:19:01 GMT
via: 1.1 eaa8104a21ab5f25827e5678acfcc3cd.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
x-amzn-requestid: ee9d5289-602c-45d5-b1e1-853c4bba10a2
status: 200
x-cache: Miss from cloudfront
content-type: application/body
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f8dbc75-0f9e180e611a245400bce7cb
access-control-allow-credentials: true
x-amz-apigw-id: UqpiUEJ4PHcF7YQ=
content-length: 18
x-amz-cf-id: 8nBBXEuccWcNUbS157fPsUDlSgCsJdi3o6cqDsmYi_oBg7JJ-feTNA==

OPTIONS
H2 200 xnby97bf32bv
i.linktr.ee/api/ 0
0 207ms
207ms Other
application/json 99.86.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.linktr.ee/api/xnby97bf32bv
Protocol: H2
Server: 99.86.154.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-154-12.mxp64.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://linktr.ee
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 0
date: Mon, 19 Oct 2020 16:19:00 GMT
x-amzn-requestid: 46842636-c2f1-44b8-a266-66778b4f7d06
access-control-allow-origin: https://linktr.ee
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: UqpiPHWMvHcF5UQ=
access-control-allow-methods: OPTIONS,POST
x-amzn-trace-id: Root=1-5f8dbc74-60b1e9672528ebe67bfce223
x-cache: Miss from cloudfront
via: 1.1 eaa8104a21ab5f25827e5678acfcc3cd.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
x-amz-cf-id: b_X7d0hAp-47yOO1oQo2tpydq_0iLPBtXSxJALrUAi-QcAKJFN0U8w==

GET
H/1.1 200
OK Primary Request signin Show response
authorized-signinapps-scamdedek.duckdns.org/ap/ 7 KB
8 KB 931ms
930ms Document
text/html 23.100.27.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://authorized-signinapps-scamdedek.duckdns.org/ap/signin?session=3a27eedcc46191330a86a37f1867770fc7ca618b

Requested by

Host: authorized-signinapps-scamdedek.duckdns.org
URL: https://authorized-signinapps-scamdedek.duckdns.org/?asu

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

23.100.27.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

00cc03089aec68794cf5761d9ddf97fe3afb86d6e80a4e727f4873e54453a12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: authorized-signinapps-scamdedek.duckdns.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://authorized-signinapps-scamdedek.duckdns.org/?asu
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=ee313b7ec14d8eb5a18262f6a525450e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://authorized-signinapps-scamdedek.duckdns.org/?asu

Response headers

Date: Mon, 19 Oct 2020 16:19:02 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK main.css
authorized-signinapps-scamdedek.duckdns.org/assets/css/ 173 KB
174 KB 155ms
155ms Stylesheet
text/css 23.100.27.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://authorized-signinapps-scamdedek.duckdns.org/assets/css/main.css

Requested by

Host: authorized-signinapps-scamdedek.duckdns.org
URL: https://authorized-signinapps-scamdedek.duckdns.org/ap/signin?session=3a27eedcc46191330a86a37f1867770fc7ca618b

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

23.100.27.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

c53294daa2b521e9c969be5ad264b0c281463b9a9f0fbe341b802d6485a24d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authorized-signinapps-scamdedek.duckdns.org/ap/signin?session=3a27eedcc46191330a86a37f1867770fc7ca618b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 16:19:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Feb 2019 08:33:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 177536
X-XSS-Protection: 1; mode=block

GET
H2 200 AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
m.media-amazon.com/images/G/01/AUIClients/ 27 KB
28 KB 122ms
42ms Image
image/png 54.192.205.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
Requested by: Host: authorized-signinapps-scamdedek.duckdns.org
URL: https://authorized-signinapps-scamdedek.duckdns.org/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.205.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-205-222.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

Referer: https://authorized-signinapps-scamdedek.duckdns.org/assets/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 23 Aug 2020 06:58:41 GMT
via: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
age: 5020117
edge-cache-tag: x-cache-365,/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013
status: 200
x-cache: Hit from cloudfront
content-length: 27972
surrogate-key: x-cache-365 /images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013
last-modified: Fri, 22 Sep 2017 00:23:19 GMT
server: Server
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 76bd8a3e-2947-4659-9847-66c0d6a3c7e1
x-amz-cf-pop: HAM50-C3
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: ZGmOUnSuLbVHlyIYBFMrsaiE-KmnqsV3uHaKe-a6cVjkdXFeIYjv1w==
expires: Fri, 17 Aug 2040 13:50:26 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://linktr.ee/_next/static/chunks/d4570def6f69417c429cc11699f1d239cb15bac8.34dabad5af50ca16e0dc.js(Line 1) Message: CEP:: watcher attached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.linktr.ee
app.getresponse.com
authorized-signinapps-scamdedek.duckdns.org
fonts.googleapis.com
i.linktr.ee
linktr.ee
m.media-amazon.com
www.googleadservices.com
104.160.64.9
151.101.66.133
172.217.18.98
23.100.27.171
2a00:1450:4001:801::200a
54.192.205.222
99.86.154.12
99.86.154.127
00cc03089aec68794cf5761d9ddf97fe3afb86d6e80a4e727f4873e54453a12c
1bab74432ea9c7dcb6d9b808d8d1f69adec879624473f0fd2b8928d67dddc658
218051a81ccffed1acf55b5d3f41bd432fcf2b3964fea795413d73f5bf1c8a3c
26d520229716fa5d5f6cf197e2c21c7217617396e7d107ad323f30b8f9f5588f
29c23045f8847c2ebfb8d22ba1c9c02ec1c35ac7bc8662c52ea0c9fffe25f73f
33f271fbfebc528ada30d55f75c057416f452204e06aa03c422125233f66313e
387fe30d5a4132dd99404a0a2171bc0f86c1aed06c8a5e45eebf9f1d5187c818
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
451b489942ea58e3313b63249dc2bd34aae2015ceba0df9b9a6c29ae33016715
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
846bd2506ff67e6fb04c1b886fa912d325ecc49f6a5045e71e2bec59bc843341
862409dbdda018c1838c627fb61172155ceac5df50b10cfb4bd8e83297d9ed90
94bef842177aa04b087645dfedc14c4d5686eb440c877a56ec7ae314715bc36c
9fbafe17ccf61ea39a66ffc6c9c4d1189b6bf3231dafbde36505105fbd38332f
ae40d66e4d034d70f84b9606993c188ea0e0bc4c517017388d98de623759ae45
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7f1d6825abc55efb0a47d66ec53d5b53d61eec7c81df3b4933d51eb48b65a55
c356da6194f3cf824ffaf969c34f3e416afc97d7db1c563e59e8867a46e04df7
c53294daa2b521e9c969be5ad264b0c281463b9a9f0fbe341b802d6485a24d19
c7d9a30e093fafe3334b140328dfccd42719b276ab35af0c92a64f5eb40e83ed
e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2
fb5323b78f8c4ac3d3e67de94a47d0b48cad5d735784abce37c0e05ef5c83543

authorized-signinapps-scamdedek.duckdns.org Open in urlscan Pro 23.100.27.171 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

13 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

926 kBTransfer

2395 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

authorized-signinapps-scamdedek.duckdns.org Open in urlscan Pro
23.100.27.171 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

13 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

926 kB
Transfer

2395 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!