link2.tr1net.com Open in urlscan Pro
2606:4700:3033::6815:4fb0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://i.tr1net.com/l9Hb9S
Effective URL:
https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&r...
Submission: On September 21 via api (September 21st 2022, 6:08:56 am UTC) from BE — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3033::6815:4fb0, located in United States and belongs to CLOUDFLARENET, US. The main domain is link2.tr1net.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 2nd 2022. Valid for: a year.

This is the only time link2.tr1net.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3033::6815:4fb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400a:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
12	3

8 2606:4700:3033::6815:4fb0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

i.tr1net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
link2.tr1net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400a:808::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	tr1net.com 1 redirects i.tr1net.com link2.tr1net.com	998 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
12	3

	Domain	Requested by
7	link2.tr1net.com	link2.tr1net.com
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	link2.tr1net.com
1	i.tr1net.com	1 redirects
12	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-02` - `2023-02-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
Frame ID: 72C3EE3BA10B3B29771B0B85A6B891E4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dating Site ONLINE

Page URL History Show full URLs

https://i.tr1net.com/l9Hb9S HTTP 302
https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&a... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

1046 kB
Transfer

1123 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://i.tr1net.com/l9Hb9S HTTP 302
https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request c.php Show response
link2.tr1net.com/
Redirect Chain

https://i.tr1net.com/l9Hb9S
https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=

11 KB
2 KB

71ms
61ms

Document
text/html

2606:4700:3033::6815:4fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21453d3f8e341ac3a05d330ef5bf0175016333fc2296fefc92c6fae0b3d2a887

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74e0a0ebda75bbaf-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 06:08:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXzaLzuQ0nXzGUNsC%2BGEI9M2fzqBgsatWdh9wtyqJ9IcbkblwJutuJDOVVR13xDQAxnKKmw37%2FOu9DMQAxne9AygEsTCcnt7dMsO21e9QdC7ZuAFLmwBnJtnmyATHpo714mbCvDQWOV0o1446zya"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74e0a0eb8a15bbaf-FRA
content-length: 0
date: Wed, 21 Sep 2022 06:08:50 GMT
location: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AB%2B%2BKA%2BR5hkIOw0SX%2BK4Ou2aAvuZ0%2BlZ2HCwQjdnjDbKdbGLzJEkD2fh8VwBflgBAsZSgBrDvLECe%2BslJdDL3zRR3FSEvWoKxL4NHq0vSG5HPucpj8zBoUMGMh1oB5O3iCvK5OJXj3MLNDU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 webPushMotivationPopupSmall.css
link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/ 5 KB
2 KB 38ms
37ms Stylesheet
text/css 2606:4700:3033::6815:4fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/webPushMotivationPopupSmall.css
Requested by: Host: link2.tr1net.com
URL: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 06:08:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2022 20:38:47 GMT
server: cloudflare
etag: W/"622a61d7-1340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuXetlMFRbK0ZuX62yJOCFi87y3WsYqHEEhBLEyiT7P1ofH6m5Box61UFpZTM50oo70ZAS2x6dTizMzIYbClyPgLVxICjhbjUIhrUhFaKZ9fIHeXir%2FIvaZeYpfXHnRS5LJ5m9x%2F7FPFdpzgmPhb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74e0a0ec3b3bbbaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 script.js Show response
link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/js/ 88 KB
32 KB 43ms
43ms Script
application/javascript 2606:4700:3033::6815:4fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/js/script.js?22
Requested by: Host: link2.tr1net.com
URL: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe661aa17a16a45bf78cdbe6f023397357efbebcdf4411aae62275349e9615a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 06:08:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 25 Mar 2022 11:15:54 GMT
server: cloudflare
etag: W/"623da46a-16027"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpG%2FBNLkKn1jvEpFhEGw1FAsFD9MExo1LaHsw3tJqKFd9a2vyFvj01bGLi4lohJcr50B9ODYUF1QEry25AVogC7LCu%2Fc%2FFJsCchB8eCIgCRKW%2BT5c70n7%2F7Cyo270h0Pam33VmIgrNsSRGYOL7x9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74e0a0ec3b3ebbaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/ 9 KB
2 KB 39ms
39ms Stylesheet
text/css 2606:4700:3033::6815:4fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/style.css
Requested by: Host: link2.tr1net.com
URL: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 766ca630c8e187f174fbb02be71db4b95445d7b68733551c416368d7b645e10d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 06:08:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2022 20:38:47 GMT
server: cloudflare
etag: W/"622a61d7-2273"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdxlxemhVRXWO2t5P7%2BB%2BzCR8buuwXcbXX8OTunM%2BRsoEgRrR26deMofccPEVA3dvmlAaHMaRoI5ZGm3uQiglSXU3C5YABCtlw12%2BFUTKMe2aEegm7HY%2BZx2m5KmYnweHA3ohjg%2BZrcSMGZHwmcj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74e0a0ec3b3dbbaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 1 KB
925 B 72ms
28ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant

Requested by

Host: link2.tr1net.com
URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/webPushMotivationPopupSmall.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90181e87560d5e4a2f339c6d8e660a3046801cc5a29107a984bec620ac6d3578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link2.tr1net.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 05:22:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 06:08:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 06:08:50 GMT

GET
H3 200 css
fonts.googleapis.com/ 6 KB
672 B 61ms
29ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: link2.tr1net.com
URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link2.tr1net.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 05:03:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 06:08:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 06:08:50 GMT

GET
H3 200 shapes.png
link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/images/ 3 KB
4 KB 45ms
45ms Image
image/png 2606:4700:3033::6815:4fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/images/shapes.png
Requested by: Host: link2.tr1net.com
URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacbf7948643d205b2cf2c6e5f07dce8b00a43544df6e243d15b90e5643496ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 06:08:50 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2022 20:38:47 GMT
server: cloudflare
etag: "622a61d7-caf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLYx%2BKFQaSE56olP%2BulSJ5gJJL4KkrUChnL8m9BYN7kEzb910PdEvRY8PSZZmhd9QuflNn1ebbyyDGUAWpVyxhXR7O86ldJIgLzMfZjyxy7yT8Oz2t%2Bg49Mq4YknP%2BtQFIxJyWwLetptjb0BhOgZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74e0a0ed69f0bb89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3247

GET
H3 200 photo1.png
link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/images/ 444 KB
445 KB 37ms
37ms Image
image/png 2606:4700:3033::6815:4fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/images/photo1.png
Requested by: Host: link2.tr1net.com
URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73bdca3fc54caca18c94d2087865212f6bf5b69f7ad6e3ff0b47b35a08890350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 06:08:50 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2022 20:38:47 GMT
server: cloudflare
etag: "622a61d7-6f08e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGRpfwOBcql%2FfGecCSSfcLX%2FfPK8oKdK%2F5U%2BK2B20sa0VRfw6HPEvLD%2FSGOZY126TaFRTdKjvm5Uar%2BBW66AF4cBeR7ce2XDDiyQRPQ9Fg%2BgZjrLW%2B20wHjEH9wNUfQYe6cev4PTfQPWOblGJJ9U"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74e0a0ed69f1bb89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 454798

GET
H3 200 photo1-1.png
link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/images/ 510 KB
511 KB 45ms
44ms Image
image/png 2606:4700:3033::6815:4fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/images/photo1-1.png
Requested by: Host: link2.tr1net.com
URL: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0933cfb6c29956d3c7c7f5a4520ef9d78cdc91b4f1d491fb224af770f181d6f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link2.tr1net.com/landers/bbabf36acc/73-modif-VC-en/73-modif-VC-en/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 06:08:50 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2022 20:38:47 GMT
server: cloudflare
etag: "622a61d7-7f855"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cx4DMPdc9UM3mlIPkybcxPBvU9AeeHAdAz8x0UoCcNpYcvRSuvctt%2Fj6GqS92E%2FzkbaHUGrdKeojcezZFV6qT5kNz2Y6SXrsSkU03L58gEWXCpgOGFH0p%2BnTKqwKeuzpYRErSpMlaQqchz%2BQeXE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74e0a0ed69f2bb89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 522325

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link2.tr1net.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 134638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link2.tr1net.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 405681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Sep 2023 13:27:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link2.tr1net.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 134945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 16:39:45 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.tr1net.com/	1970-01-20 14:54:36	Name: afclick Value: 632aaa7281aaea0001dde235
i.tr1net.com/	1970-01-20 14:54:36	Name: afoffers Value: {"25":1663740530}
link2.tr1net.com/	1970-01-20 06:10:26	Name: uclick Value: fngx9l4pvr
link2.tr1net.com/	1970-01-20 06:10:26	Name: uclickhash Value: fngx9l4pvr-fngx9l4pvr-1z-j6q5-2tscwj-zwa1fe-zwa0dz-4c68c3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://link2.tr1net.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=632aaa7281aaea0001dde235&affpid=53764&action_id=DEdesktop&referrer=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
i.tr1net.com
link2.tr1net.com
2606:4700:3033::6815:4fb0
2a00:1450:4001:830::2003
2a00:1450:400a:808::200a
0933cfb6c29956d3c7c7f5a4520ef9d78cdc91b4f1d491fb224af770f181d6f0
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda
1fe661aa17a16a45bf78cdbe6f023397357efbebcdf4411aae62275349e9615a
21453d3f8e341ac3a05d330ef5bf0175016333fc2296fefc92c6fae0b3d2a887
73bdca3fc54caca18c94d2087865212f6bf5b69f7ad6e3ff0b47b35a08890350
766ca630c8e187f174fbb02be71db4b95445d7b68733551c416368d7b645e10d
90181e87560d5e4a2f339c6d8e660a3046801cc5a29107a984bec620ac6d3578
bacbf7948643d205b2cf2c6e5f07dce8b00a43544df6e243d15b90e5643496ec
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

link2.tr1net.com Open in urlscan Pro 2606:4700:3033::6815:4fb0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

1046 kBTransfer

1123 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

link2.tr1net.com Open in urlscan Pro
2606:4700:3033::6815:4fb0 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

1046 kB
Transfer

1123 kB
Size

4
Cookies

12 HTTP transactions
0 data transactions