6ecq0.linkforusers.com Open in urlscan Pro
66.195.197.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://content.indiatourizm.org/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__
Effective URL:
https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605
Submission: On December 01 via api (December 1st 2023, 12:58:08 pm UTC) from GB — Scanned from GB

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 17 HTTP transactions. The main IP is 66.195.197.14, located in and belongs to . The main domain is 6ecq0.linkforusers.com.
TLS certificate: Issued by R3 on November 5th 2023. Valid for: 3 months.

This is the only time 6ecq0.linkforusers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3037::6815:26a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	94.154.173.77 94.154.173.77	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1 7	66.195.197.14 66.195.197.14	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::200a	() ()
1	2606:4700:e0:... 2606:4700:e0::ac40:6e03	() ()
2	2a00:1450:400... 2a00:1450:4001:829::2003	() ()
17	7

2 2606:4700:3037::6815:26a8 (United States)

ASN13335 (CLOUDFLARENET, US)

content.indiatourizm.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.154.173.77 (Hyattsville, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)

latchmetal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 66.195.197.14 (None, ) 1 redirects

ASN- ()

6ecq0.fixedtestedlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6ecq0.linkforusers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6e03 (None, )

ASN- ()

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	linkforusers.com 6ecq0.linkforusers.com	72 KB
2	gstatic.com fonts.gstatic.com	68 KB
2	indiatourizm.org content.indiatourizm.org	1 KB
1	trk-consulatu.com trk-consulatu.com event.trk-consulatu.com Failed	3 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	fixedtestedlink.com 1 redirects 6ecq0.fixedtestedlink.com	705 B
1	latchmetal.com latchmetal.com	408 B
17	7

	Domain	Requested by
6	6ecq0.linkforusers.com	latchmetal.com 6ecq0.linkforusers.com
2	fonts.gstatic.com	fonts.googleapis.com
2	content.indiatourizm.org	content.indiatourizm.org
1	trk-consulatu.com	6ecq0.linkforusers.com
1	fonts.googleapis.com	6ecq0.linkforusers.com
1	6ecq0.fixedtestedlink.com	1 redirects
1	latchmetal.com	content.indiatourizm.org
0	event.trk-consulatu.com Failed	trk-consulatu.com
17	8

This site contains no links.

Subject Issuer	Validity	Valid
indiatourizm.org GTS CA 1P5	`2023-10-16` - `2024-01-14`	3 months	crt.sh
latchmetal.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
linkforusers.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
trk-consulatu.com GTS CA 1P5	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605
Frame ID: 274ABA921559EFA8C6A667C622A98EFF
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://content.indiatourizm.org/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__ Page URL
https://content.indiatourizm.org/t/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__ Page URL
https://latchmetal.com/0/0/0/52e6085d6a5efadb9c608a63a990b1e1/9/9-95/28-22442-153 Page URL
https://6ecq0.fixedtestedlink.com/?kw=31&s2=1097162805 HTTP 302
https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-... Page URL

Page Statistics

17
Requests

76 %
HTTPS

67 %
IPv6

7
Domains

8
Subdomains

7
IPs

1
Countries

147 kB
Transfer

174 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://content.indiatourizm.org/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__ Page URL
https://content.indiatourizm.org/t/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__ Page URL
https://latchmetal.com/0/0/0/52e6085d6a5efadb9c608a63a990b1e1/9/9-95/28-22442-153 Page URL
https://6ecq0.fixedtestedlink.com/?kw=31&s2=1097162805 HTTP 302
https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__ Show response
content.indiatourizm.org/ 457 B
863 B 311ms
66ms Document
text/html 2606:4700:3037::6815:26a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.indiatourizm.org/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:26a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fb525716a679f2e6185f92182367f3dc8ce0a2287eecf7226332d3bd30a3e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82eb7fc6dd3560db-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 12:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg6pnKRcQ0jbG7P0U27AHor1DbYJt4Uw%2BcXmfFoxT3l8Kw0dGzYbSXiNgi7LM8mC24lp48XLQ%2BSaZSHDPSvlc%2Bi2qUUeiFRNkdclMkJ%2BVH%2FPEV%2FJiAlIbq32fZ7BGTCWXry2ijgSqX7EN8ywZ2ptwHcoHhFPzww%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-address: gin_throttle_mw_7200000000_2a00:2381:5374:1a::104
x-ratelimit-limit: 500
x-ratelimit-remaining: 499
x-ratelimit-reset: 1701439080

GET
H2 200 4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__ Show response
content.indiatourizm.org/t/ 288 B
502 B 90ms
90ms Document
text/html 2606:4700:3037::6815:26a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.indiatourizm.org/t/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__
Requested by: Host: content.indiatourizm.org
URL: https://content.indiatourizm.org/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:26a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4a03aedaaf6ed0c664e939ebdf84ea73e58a84a246d231dbb6d7758e759faf

Request headers

Referer: https://content.indiatourizm.org/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82eb7fcdae7960db-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 12:58:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kle8cIGtNmEFVBLaOye%2FftgrsOxWXVW7vhU9w%2F8DUq9%2B9NQCYJ49yNoWFV6YGS8L%2BQUi6ff5sUN6UJyqAz2HnNybhngHpCNKlViLEmGHbJfIIHQYrwjXmy7BqOqqlS%2BJiZnIaQ9HIe%2B7%2FFlT3FyUBFkFGtDoVHI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-address: gin_throttle_mw_7200000000_2a00:2381:5374:1a::104
x-ratelimit-limit: 500
x-ratelimit-remaining: 498
x-ratelimit-reset: 1701439080

GET
H/1.1 200
OK 28-22442-153
latchmetal.com/0/0/0/52e6085d6a5efadb9c608a63a990b1e1/9/9-95/ 117 B
408 B 1132ms
494ms Document
text/html 94.154.173.77
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://latchmetal.com/0/0/0/52e6085d6a5efadb9c608a63a990b1e1/9/9-95/28-22442-153
Requested by: Host: content.indiatourizm.org
URL: https://content.indiatourizm.org/t/4lyICN95KUtf9ivewxoumam28ESOKXPPBJBNXGJN22442YAGK153G9__
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.154.173.77 Hyattsville, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://content.indiatourizm.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 117
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 12:58:03 GMT
server: Apache

GET
H2

200

Primary Request 44f19e2a-9049-11ee-ac58-6f0f4d163605 Show response
6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/
Redirect Chain

https://6ecq0.fixedtestedlink.com/?kw=31&s2=1097162805
https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

8 KB
4 KB

1806ms
460ms

Document
text/html

66.195.197.14

General

Check archive.org

Show headers Download Go to

Full URL

https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

Requested by

Host: latchmetal.com
URL: https://latchmetal.com/0/0/0/52e6085d6a5efadb9c608a63a990b1e1/9/9-95/28-22442-153

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.14 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

c63c04b54a133e338661b5c11f363b82f0a9ddca2cc43ab77b6cf5ac35b71274

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://latchmetal.com/0/0/0/52e6085d6a5efadb9c608a63a990b1e1/9/9-95/28-22442-153
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-length: 3117
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 12:58:07 GMT
server: swoole-http-server
strict-transport-security: max-age=15768000
x-redir: true

Redirect headers

cache-control: no-cache, private
content-encoding: br
content-length: 283
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 12:58:05 GMT
location: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605
server: swoole-http-server
strict-transport-security: max-age=15768000
x-redir: true

GET
H2 200 app-3da586c4.css
6ecq0.linkforusers.com/build/assets/ 37 KB
37 KB 220ms
219ms Stylesheet
text/css 66.195.197.14

General

Check archive.org

Show headers Download Go to

Full URL

https://6ecq0.linkforusers.com/build/assets/app-3da586c4.css

Requested by

Host: 6ecq0.linkforusers.com
URL: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.14 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

3da586c45746390cb9b5803eef31f8e1aea9105619fd6df2ce082bdf74680955

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:46:45 GMT
via: 1.1 varnish (Varnish/7.3)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 72681
x-varnish: 971254 294915
content-type: text/css
accept-ranges: bytes
content-length: 37789

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
1 KB 186ms
60ms Stylesheet
text/css 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: 6ecq0.linkforusers.com
URL: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

5b701241be4545d440140b6ba4aeb40d9882cff13d837ecb8b4a4a61df12df09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 12:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 12:58:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 12:58:07 GMT

GET
H2 200 300x200.jpg
6ecq0.linkforusers.com/media/template-images/iphone14multi/ 12 KB
12 KB 219ms
218ms Image
image/jpeg 66.195.197.14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6ecq0.linkforusers.com/media/template-images/iphone14multi/300x200.jpg

Requested by

Host: 6ecq0.linkforusers.com
URL: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.14 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd4eaa7a4e57969d67f010b68d251904835e86c2350ee441e072e57787c94a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:49:22 GMT
via: 1.1 varnish (Varnish/7.3)
strict-transport-security: max-age=15768000
last-modified: Thu, 13 Apr 2023 20:48:23 GMT
server: AmazonS3
age: 72526
etag: "adb0cdf8b3b408ce1a4f68a370ac1bcf"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
x-varnish: 193953 98428
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12201

GET
H2 200 money-bag.svg
6ecq0.linkforusers.com/templates/templates/sweepstakes_single/assets/ 3 KB
3 KB 315ms
315ms Image
image/svg+xml 66.195.197.14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6ecq0.linkforusers.com/templates/templates/sweepstakes_single/assets/money-bag.svg

Requested by

Host: 6ecq0.linkforusers.com
URL: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.14 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

211e57d505369d0dcb3a4919542c13fc73fd2c89c3e66cdca753f6479d8c2739

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:49:21 GMT
via: 1.1 varnish (Varnish/7.3)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 72526
x-varnish: 1793158 589910
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3407

GET
H2 200 300x200.jpg
6ecq0.linkforusers.com/media/template-images/aldi-generic/ 13 KB
13 KB 122ms
122ms Image
image/jpeg 66.195.197.14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6ecq0.linkforusers.com/media/template-images/aldi-generic/300x200.jpg

Requested by

Host: 6ecq0.linkforusers.com
URL: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.14 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ad0150f9821553a23ed2d63bd82b2a3a8e5e53ed0c1484be2d2dfa11b2947d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:49:22 GMT
via: 1.1 varnish (Varnish/7.3)
strict-transport-security: max-age=15768000
last-modified: Fri, 23 Jun 2023 15:31:13 GMT
server: AmazonS3
age: 72526
etag: "ba79c4025ca4e159e0c3e64656debf3a"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
x-varnish: 193954 819292
cache-control: max-age=604800
accept-ranges: bytes
content-length: 13103

GET
H2 200 oldw7nlgzn Show response
trk-consulatu.com/scripts/push/script/ 7 KB
3 KB 289ms
44ms Script
application/javascript 2606:4700:e0::ac40:6e03

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/oldw7nlgzn?url=default

Requested by

Host: 6ecq0.linkforusers.com
URL: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e03 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c0956218009fe6721f2afb9728dada5de28059cc6301b34b06fce2824a6321ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:58:08 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1126
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 12:39:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KD2UrnRjU%2BoBEnbeY8nnPyyS9kauucr0jznb1D7XXM1XXpxC3m%2BWln8Q5YbUsrWg9gkgGmBIKN79Vpcw6lSqG3Sz%2FoPWm18DV5vdBx%2BSRazJEY3kAVTl9wUiT%2FU9x%2BZJxCnbqz8rioDZr8XC5BXXzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 82eb7ffa089576bf-LHR
expires: 0

GET
H2 200 poly-background.svg
6ecq0.linkforusers.com/templates/templates/sweepstakes_single/assets/ 3 KB
3 KB 122ms
122ms Image
image/svg+xml 66.195.197.14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6ecq0.linkforusers.com/templates/templates/sweepstakes_single/assets/poly-background.svg

Requested by

Host: 6ecq0.linkforusers.com
URL: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.14 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

3dc33bba50cbca900afd367b5355f7b1d3360706756031cd939881fbd03515e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:49:21 GMT
via: 1.1 varnish (Varnish/7.3)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 72526
x-varnish: 193955 655442
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2596

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 280ms
39ms Font
font/woff2 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6ecq0.linkforusers.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 67143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:19:05 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 297ms
56ms Font
font/woff2 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6ecq0.linkforusers.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 03:53:38 GMT
x-content-type-options: nosniff
age: 32670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 03:53:38 GMT

POST lmdzxr03ek
event.trk-consulatu.com/register/event_log/ 0
0

OPTIONS lmdzxr03ek
event.trk-consulatu.com/register/event_log/ 0
0

POST lmdzxr03ek
event.trk-consulatu.com/register/event_log/ 0
0

OPTIONS lmdzxr03ek
event.trk-consulatu.com/register/event_log/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: event.trk-consulatu.com
URL: https://event.trk-consulatu.com/register/event_log/lmdzxr03ek

Domain: event.trk-consulatu.com
URL: https://event.trk-consulatu.com/register/event_log/lmdzxr03ek

Domain: event.trk-consulatu.com
URL: https://event.trk-consulatu.com/register/event_log/lmdzxr03ek

Domain: event.trk-consulatu.com
URL: https://event.trk-consulatu.com/register/event_log/lmdzxr03ek

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			latchmetal.com/	1970-01-20 17:20:27	Name: uid31 Value: 1097162805-20231201075803-51cd74691425c8c2de45052cead6d772-

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://6ecq0.linkforusers.com/t/c28fbaf92f2e/44e7ea88-9049-11ee-bebc-8d7eed8fe578/44f19e2a-9049-11ee-ac58-6f0f4d163605 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6ecq0.fixedtestedlink.com
6ecq0.linkforusers.com
content.indiatourizm.org
event.trk-consulatu.com
fonts.googleapis.com
fonts.gstatic.com
latchmetal.com
trk-consulatu.com
event.trk-consulatu.com
2606:4700:3037::6815:26a8
2606:4700:e0::ac40:6e03
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
66.195.197.14
94.154.173.77
211e57d505369d0dcb3a4919542c13fc73fd2c89c3e66cdca753f6479d8c2739
2b4a03aedaaf6ed0c664e939ebdf84ea73e58a84a246d231dbb6d7758e759faf
3da586c45746390cb9b5803eef31f8e1aea9105619fd6df2ce082bdf74680955
3dc33bba50cbca900afd367b5355f7b1d3360706756031cd939881fbd03515e4
45fb525716a679f2e6185f92182367f3dc8ce0a2287eecf7226332d3bd30a3e6
5b701241be4545d440140b6ba4aeb40d9882cff13d837ecb8b4a4a61df12df09
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
ad0150f9821553a23ed2d63bd82b2a3a8e5e53ed0c1484be2d2dfa11b2947d0f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd4eaa7a4e57969d67f010b68d251904835e86c2350ee441e072e57787c94a96
c0956218009fe6721f2afb9728dada5de28059cc6301b34b06fce2824a6321ac
c63c04b54a133e338661b5c11f363b82f0a9ddca2cc43ab77b6cf5ac35b71274

6ecq0.linkforusers.com Open in urlscan Pro 66.195.197.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

17 Requests

76 %HTTPS

67 %IPv6

7 Domains

8 Subdomains

7 IPs

1 Countries

147 kBTransfer

174 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

6ecq0.linkforusers.com Open in urlscan Pro
66.195.197.14 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

76 %
HTTPS

67 %
IPv6

7
Domains

8
Subdomains

7
IPs

1
Countries

147 kB
Transfer

174 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions