| cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css | 104.17.24.14 | 200 OK | 4.2 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css | IP: 104.17.24.14:443
Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65348) | Hash: c0be8e53226ac34833fd9b5dbc01ebc5 b81ef1b22de26af8a7a4656f565fbc91a69d7518 5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 601476
expires: Sun, 27 Apr 2025 16:31:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfbXceQDUOjRKEtS%2Fuy6bKMltNBhxtk2FW9Cg7nIupTlu2e8P6rcsZL5zQJ0DKwETfFdg4Pi%2Fkj%2FAGeatmgvv2m%2FNOhHsmJQP2%2BPSjLwR22Bld7R1Uorn05tvP5D0%2B9hQ4ZNlW34"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8802997acddcb51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| link.gy/assets/img/logo-colored-transparent.png | 188.114.96.1 | 200 OK | 13 kB |
URL: GET HTTP/3 link.gy/assets/img/logo-colored-transparent.png | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 372 x 342, 8-bit/color RGBA, non-interlaced | Hash: 424b27b61b1c020f6d7ba64c918de7cb f31598fc64599bbe3c0ed5abb35bed52256aa02d 7bf839e45c85df9f537f6fac9ba04e9bb3108974ef0b3852e8d691d268569e58
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/logo-colored-transparent.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 12620
last-modified: Wed, 22 Sep 2021 17:09:15 GMT
etag: "43c1a94-314c-5cc9892e7e8d9"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6CjpDJkF3FrBbx3kiXxrs60diO3l6eLq0E3wNNMmbM6m85wf%2F%2FncnUpdJltaHidmzFtC5v0VgC6ucncG%2BfKDvmujdndYzlXIJSzHgdFa%2BqMpfG%2BK%2BLNzv7%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ebe568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/apple.png | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 link.gy/assets/img/apple.png | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced | Hash: 427302ea57306139700406ef196cb557 98f79c1588a9e739370408775e6146b5e29ec1e4 643fbc8cbc100f883541433f43b9024a9ccb3b71ccf7ac64c938195f05b6fbb8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/apple.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 1223
last-modified: Mon, 13 Dec 2021 05:14:00 GMT
etag: "43c1f39-4c7-5d30023f7d394"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BximM5ZVmlknplGJh8YUt8nVIowUpEUvY4B6wF5yKCDOHuhakO7lNFR5oCocorpy0L4cihvoRssi1wDFNWWUYi4A8XIcNjOtqNwYCiyvyqAK551dxLQtEH1z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ed3568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/app-logo.png | 188.114.96.1 | 200 OK | 9.9 kB |
URL: GET HTTP/3 link.gy/assets/img/app-logo.png | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 372 x 342, 8-bit/color RGBA, non-interlaced | Hash: e995d5c165a6e7bb7be4430717977b7d e728ab836f693fa9f6f6da52957287aa0f6ea809 837ae4c951763d9479dddd880597a1159e19b35ec9347127b07930e7d222d60b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/app-logo.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 9918
last-modified: Sun, 19 Sep 2021 01:36:53 GMT
etag: "43c0097-26be-5cc4f32fdd48c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5AANKmBNO%2FiGdGSCBBxQdPYHHFDI9MADiLQTCWw79%2BpjGBmJoY0DNdfOauplTGVkdUbDyO%2Br6A%2B2fsY%2Bh%2FhSKDLNhkbscVvTd8R7F2dyE4CUNMxWoX%2BdSwG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a8e86568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/edge.png | 188.114.96.1 | 200 OK | 2.7 kB |
URL: GET HTTP/3 link.gy/assets/img/edge.png | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced | Hash: 2f31dee14f2287908d6e4e027592cc92 1a497f6a40537afa003631f56955f7d16ea61ae3 25a71e63bc88a0eff64f9626a25a45788dced11e2b774cd84755eca990becd1f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/edge.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 2693
last-modified: Thu, 30 Sep 2021 20:04:32 GMT
etag: "43c1b9b-a85-5cd3bf48755d5"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ywE%2BCjDSqgy4xtqUPh2evR04wAkBJYp%2FT3I3KRFUWcP%2BWbN0GXXsSNmAuWroEXmNAMJwHj0jS8WsxikIXWYP9i27xkN5YbqYAbZAHRZHFOX3aBrbbyBI1JY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ec5568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.96.1 | 200 OK | 12 kB |
URL: User Request GET HTTP/2 | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (31157) | Hash: 4a25fc9922d8483ee4eb82beb9821c9a 2c12ce102480c12f99cc8f46debd3156e49e8ed7 3c422997f1aa7d1e086eb782aec38e8f6b7760bfe4a7e7de60cd15958802508a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: LINK.GY
set-cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl; path=/; domain=.link.gy
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBjZ3s5jeopvv9YGZ6V8%2B7%2BoFuE%2FO8y6R8Md3Tbg6F8M00YzgVffvSsxLOqUcS7VhNZWn3TUdRXuUn6RpAtK85U9OfLW1l5BqOx0cV76W8KkXrObNkMjaI4w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88029977bf5a569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| link.gy/assets/img/windows.png | 188.114.96.1 | 200 OK | 960 B |
URL: GET HTTP/3 link.gy/assets/img/windows.png | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced | Hash: 40059e674004687021243582463cbd8b 5c5506c154401e037e540feda107e316b30af845 4082fc7f2bd1f830211bb61f147c7d35b045450040258d5b200333f1b553436f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/windows.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 960
last-modified: Mon, 13 Dec 2021 05:13:36 GMT
etag: "43c1f38-3c0-5d30022870abf"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BcAXtNdSDF%2BZ4L1UVWcP9h3sVxxXH%2FMDGQNP%2F836707Z7PcDkxk3fnSZOoXV9jA4NkZNEohaGwvui4M%2BBpSgrw6neKTUYmynkQyqHwIfEGxpgkEQ3yvkXpz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ecf568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/illustrations/scene-3.svg | 188.114.96.1 | 200 OK | 20 kB |
URL: GET HTTP/3 link.gy/assets/img/illustrations/scene-3.svg | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: SVG Scalable Vector Graphics image | Hash: 38a8a22928f4241b3704a335108fd4e8 ca0a20ca419602e199087fb3c2184b41a2fea001 e2289ae022be8c418d8f68108176285a8964cf9852feb18fc4a00c0448a6dcac
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/illustrations/scene-3.svg HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/svg+xml
last-modified: Sun, 19 Sep 2021 01:36:58 GMT
etag: W/"44a0543-10702-5cc4f3345367c-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vee0rTpsmgvMd2S%2BoZg4mtZsFggwxQvTMGs79%2BfT%2BUhk3pHEuB2hKSLP8lFs2MpuowP%2FEZs6iLmyS8JBfcsp%2F%2BUkwPa5LWcsOxrI5f3%2FKgPkyd8R4mVBIas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a9eca568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js | 104.17.24.14 | 200 OK | 2.9 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js | IP: 104.17.24.14:443
Certificate | Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (10553) | Hash: 3f3688138a1b9fc4ef669ce9056b6674 eb41c0e88206dda6f0fd8dfbbeefdc0829a9d13d 99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
GET /ajax/libs/clipboard.js/2.0.0/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 2905
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e29-29a6"
last-modified: Mon, 04 May 2020 16:09:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 605624
expires: Sun, 27 Apr 2025 16:31:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QIny06nsEucuQnxwRcOKVMwovzannwxQpBlERwrOtnt3XawAEEWsQt5EhnnCzEG1Urq3VjmjnUSU%2FAfJBr7YgjRKOQnxVGjVWiNx1HUrP4fTnjKkWRkDT8LRNPqgVV2FzUFQOLX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8802997e5f76712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 | 216.58.207.227 | 200 OK | 32 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 | IP: 216.58.207.227:443
Certificate | Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 32040, version 1.0 | Hash: a5f5335530ef43143612bb95c6326c94 828ff43b4460721f9dafd8de28f7634a601a87df fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af
GET /s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:11:11 GMT
expires: Fri, 02 May 2025 02:11:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
content-type: font/woff2
age: 483607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| link.gy/assets/img/illustrations/scene-4.svg | 188.114.96.1 | 200 OK | 38 kB |
URL: GET HTTP/3 link.gy/assets/img/illustrations/scene-4.svg | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: SVG Scalable Vector Graphics image | Hash: 9ef818f78907ba93182d2a732e6c2b3d 85019bccd4f058740c8f371b061fb335e0ff7f13 1538e5a606602f2f008d769dc6a6b43e727d15f2a8b934a0b5e743f59d1e3565
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/illustrations/scene-4.svg HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/svg+xml
last-modified: Sun, 19 Sep 2021 01:36:58 GMT
etag: W/"44a0544-4ad1-5cc4f3345367c-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06qzqYuZpgYZrnUPbFNYYBOB0zdRGKyEabBNjz8zVwpbrC0KzWT4GL%2BrSlN%2FxB9HPFIrdFKQvD0X4RVlBSiikXHKYkMc6TUfhX33eoXc6gze6ZRLiFduaNVS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a9ecc568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 | 216.58.207.227 | 200 OK | 32 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 | IP: 216.58.207.227:443
Certificate | Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 32040, version 1.0 | Hash: a5f5335530ef43143612bb95c6326c94 828ff43b4460721f9dafd8de28f7634a601a87df fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af
GET /s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:11:11 GMT
expires: Fri, 02 May 2025 02:11:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
content-type: font/woff2
age: 483607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 | 216.58.207.227 | 200 OK | 32 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 | IP: 216.58.207.227:443
Certificate | Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 32040, version 1.0 | Hash: a5f5335530ef43143612bb95c6326c94 828ff43b4460721f9dafd8de28f7634a601a87df fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af
GET /s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:11:11 GMT
expires: Fri, 02 May 2025 02:11:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
content-type: font/woff2
age: 483607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js | 142.250.74.138 | 200 OK | 64 kB |
URL: GET HTTP/3 ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js | IP: 142.250.74.138:443
Certificate | Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32173) | Hash: 7403b37e7918413f5a43131b95c86abb 0c72ced078c45968712838ac683f09d0980dd0e8 c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1
GET /ajax/libs/jqueryui/1.11.3/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:25 GMT
expires: Fri, 02 May 2025 01:56:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 484493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.2.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js | IP: 151.101.2.137:443
Certificate | Issuer: Sectigo Limited | Subject: *.jquery.com | Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D | Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447) | Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 07 May 2024 16:31:18 GMT
age: 955659
x-served-by: cache-lga21931-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 717726
x-timer: S1715099479.858434,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| link.gy/assets/img/dashboard/profile-spacex.png | 188.114.96.1 | 200 OK | 592 kB |
URL: GET HTTP/3 link.gy/assets/img/dashboard/profile-spacex.png | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 1267 x 669, 8-bit/color RGB, non-interlaced | Size: 592 kB (592176 bytes) | Hash: 0a5c57606d32838ddbb0211bab901620 bbd17454d05366c4a9519fa8ce9f6997d0fdd9e3 255944e4a4272ae7c24507db072653143862400ddeab5c505e6c279e093f2d40
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/dashboard/profile-spacex.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 592176
last-modified: Sun, 19 Sep 2021 13:42:29 GMT
etag: "44c1ece-90930-5cc5955ee9bb7"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUgP93ejQsr1mM%2F2A2kfTj7YeI10%2FgfpPB06vxABV82jmfMF%2BrCOGSQV799hEROQgHs4v%2FKS30aSzhFpBKz1%2BYIPLd2vsn3UFSm8vHNPtQqpJ7sGAKWhmUdU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997d7b72568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| buttons.github.io/buttons.js | 185.199.109.153 | 200 OK | 6.7 kB |
URL: GET HTTP/2 buttons.github.io/buttons.js | IP: 185.199.109.153:443
Certificate | Issuer: DigiCert Inc | Subject: *.github.io | Fingerprint: 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 | Validity: Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (19342) | Hash: f19bf64dce0ae2233aa9c9467786d996 2ebcd1cb60fa93c7f25e3e16d4298b5bae3d657e d40cfb662c22c7374f5e76627bef0d97195cd7f3f80fac24eafb45aeec6ff69f
GET /buttons.js HTTP/1.1
Host: buttons.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Tue, 07 May 2024 07:42:39 GMT
access-control-allow-origin: *
etag: W/"6639db6f-4be0"
expires: Tue, 07 May 2024 07:52:39 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 6030:2A16A1:214708F:2233BBC:6639DC26
accept-ranges: bytes
date: Tue, 07 May 2024 16:31:18 GMT
via: 1.1 varnish
age: 175
x-served-by: cache-hel1410031-HEL
x-cache: HIT
x-cache-hits: 7
x-timer: S1715099479.910427,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 0b1717ed88d69f19b6ea6a5fe9b2d45db01ba0d7
content-length: 6736
X-Firefox-Spdy: h2
|
|
| link.gy/vendor/bootstrap/dist/js/bootstrap.min.js | 188.114.96.1 | 200 OK | 17 kB |
URL: GET HTTP/3 link.gy/vendor/bootstrap/dist/js/bootstrap.min.js | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (63164) | Hash: cbbb855a6fcc5b4cd44184735e5cd773 afa27badfdb17186df0eb0a0f626eedbaa22074f bbe43f79021ee8fe705382bc99a8a124e42486a05b7fb2b534debc1b04e9373d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /vendor/bootstrap/dist/js/bootstrap.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:31 GMT
etag: W/"46e0970-f7da-5cc4f2364b595-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxQCWyfAg6lwh63b220cizQB%2B5Y12RFQe2CFfqhBOUjwxsB7bbVN28N4u9DBBrtE1kH0GEXp2gwa2gS3ZvK8r81e9UQA82ntmoOVl%2BLaoNIbPM67UfhVet1x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d21568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/vendor/onscreen/dist/on-screen.umd.min.js | 188.114.96.1 | 200 OK | 2.3 kB |
URL: GET HTTP/3 link.gy/vendor/onscreen/dist/on-screen.umd.min.js IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (6666) Hash: 9791bf308ecdbf193c1d9654b3e96789 51f21273d74891b2d1ee517f829ad86f92932c43 6a402a35f5b0ee9651fac0bd1530be47741274513bfa736647589582c0a7620b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vendor/onscreen/dist/on-screen.umd.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:31:40 GMT
etag: W/"45e1fbd-1a3a-5cc4f205b38e0-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yEwBBoABFVhOgbtmgLzxEaxb7GGKojp7o28sDTkN0JORb8iEN%2FjToCawKJ1gWnnkFK5ccAvlHsDjHOJgo%2B0VBhlKbghnVdGDiN2uwjjUje5HzTACjFI53yg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d17568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/vendor/popper.js/dist/umd/popper.min.js | 188.114.96.1 | 200 OK | 7.7 kB |
URL: GET HTTP/3 link.gy/vendor/popper.js/dist/umd/popper.min.js IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (21084) Hash: 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vendor/popper.js/dist/umd/popper.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:33 GMT
etag: W/"4702aa1-5309-5cc4f238516df-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FsCRXEmEA9G%2FNr4QX9DPhDEk4dSTPSBHnygaVFCLXLY3S0X0YdizOXcx3rv8GURDQCWqcYPmkWsyg33ynTrXY5kgVavr%2Brs46kIild2dh7IFsPCX8CsULgK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d25568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2 | 188.114.96.1 | 200 OK | 281 kB |
URL: GET HTTP/3 link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2 IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: Web Open Font Format (Version 2), TrueType, length 75336, version 330.32636 Size: 281 kB (281139 bytes) Hash: 6ad142365cb500e443a052b4260fe5e0 543b3ee04c6423e73fefea4d48ed131a96bdcdec 4d35c05ca434fdf8fd49ea4b24a839a4bee2213873508f70a1d46ed0ab2a321a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: font/woff2
last-modified: Sun, 19 Sep 2021 01:32:23 GMT
etag: W/"468142a-12648-5cc4f22ec3ce5-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExbF1qHUSUAhN2v9e5HsQKaRdJzNaq%2FIOyALJdBqD0S9Fu8wI2P6ondHOi0shAi3uzLbqueov%2BPTZMw8GL1dB43k2ce2B8DVnyQIFSjRxL5yu2kXLskFUQpU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e1cac568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js | 104.22.25.131 | 200 OK | 1.6 kB |
URL GET HTTP/2embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text, with very long lines (2306), with no line terminators Hashd1dc816c161b3a7313b3d42f478f140a 66e30073ff65f5b96fed00992224f97dd93453bc cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f
GET /_s/v4/app/6625f366c87/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"d1dc816c161b3a7313b3d42f478f140a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299859d76b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.80.73 | 200 OK | 15 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP104.16.80.73:443
CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typegzip compressed data, from Unix Hash8cfbb5c267eea85551e965795a82bc57 d830b0c9b4772e80082cd11a92191168a678b4c5 b76726f41485ab0acb6f85ef9521d0a712f5365c88c938c347f2b8ead4ae67e1
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997adeab569f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| embed.tawk.to/601d8a78c31c9117cb76441c/1etpm9q8i | 104.22.25.131 | 200 OK | 34 kB |
URL GET HTTP/2embed.tawk.to/601d8a78c31c9117cb76441c/1etpm9q8i IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text Hashf7e0b07b11e9afd6849d71162898b11b 39c64c97af3156e39ef180345b0e2963c2974577 fad4ad07cc87584066f29c886b4dbab9fff23791c00980e0bac20be4557e7eee
GET /601d8a78c31c9117cb76441c/1etpm9q8i HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:19 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-6625f366c87"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299818debb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css | 142.250.74.99 | 200 OK | 25 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css IP142.250.74.99:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeASCII text, with very long lines (56412), with no line terminators Hash2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 15:37:51 GMT
expires: Tue, 06 May 2025 15:37:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 89609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.99 | 200 OK | 206 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.99:443
Requested byhttps://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 13:33:10 GMT
expires: Wed, 07 May 2025 13:33:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 10690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 345616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js | 142.250.74.164 | 200 OK | 7.5 kB |
URL GET HTTP/3www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js IP142.250.74.164:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (17588) Hash81965d03d416a0601f29281d353056f3 e3d92db7e0287b8cc16ef71877d276e7ee0030d6 a406382608bcdae48012bda3220a48d9f71b1286743116cd00db4cafd06e7487
GET /js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:15:50 GMT
expires: Fri, 02 May 2025 02:15:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 483330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.99 | 200 OK | 2.2 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.99:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:37:29 GMT
expires: Fri, 10 May 2024 00:37:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 402831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js | 104.22.25.131 | 200 OK | 250 kB |
URL GET HTTP/2embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65458) Size250 kB (250435 bytes) Hash5ff5b56dd253d3fd717915b2773593d3 3fcb89abd877241f130e2712b54233763d0d2b03 162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260
GET /_s/v4/app/6625f366c87/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"5ff5b56dd253d3fd717915b2773593d3"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299858d6bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css | 142.250.74.99 | 200 OK | 25 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css IP142.250.74.99:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeASCII text, with very long lines (56412), with no line terminators Hash2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 15:37:51 GMT
expires: Tue, 06 May 2025 15:37:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 89610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.99 | 200 OK | 206 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.99:443
Requested byhttps://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 13:33:10 GMT
expires: Wed, 07 May 2025 13:33:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 10691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css | 104.22.25.131 | 200 OK | 56 kB |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashaa429d098305efeb3d236b3872f2da79 e0d6e416eb7c1c8f10ec76f835eda23d5c1d0ab0 5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c
GET /_s/v4/app/6625f366c87/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=78232
access-control-allow-origin: *
etag: W/"05d886069cda40a8e20243d226b04764"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: STALE
cf-cache-status: HIT
age: 591562
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a6aae40b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js | 151.101.129.229 | 200 OK | 41 kB |
URL GET HTTP/2cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js IP151.101.129.229:443
CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeASCII text, with very long lines (32014) Hash7bb7aac0cac89a90304af1c72eb4f50d 729f6f8ca5787d89743b0ed7eb27fd76406bf985 f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 16:31:25 GMT
age: 10648136
x-served-by: cache-fra-eddf8230136-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2
|
|
| vsa118.tawk.to/s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs | 104.22.25.131 | | 0 B |
URL vsa118.tawk.to/s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs IP104.22.25.131:0
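Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body recorded for this WebSocket upgrade; they identify no content and should not be used as indicators)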
GET /s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs HTTP/1.1
Host: vsa118.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://link.gy
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xPG5nIaEQC4Zc13TSwZNdQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 07 May 2024 16:31:25 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: AFi+rvCXfagDxDj/C0xXhtVk1zM=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 880299a5bb60b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| va.tawk.to/log-performance/v3 | 104.22.25.131 | 200 OK | 10 kB |
URL OPTIONS HTTP/3va.tawk.to/log-performance/v3 IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeASCII text, with CRLF line terminators Hashfda44910deb1a460be4ac5d56d61d837 f6d0c643351580307b2eaa6a7560e76965496bc7 933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
POST /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.gy/
Content-Type: application/json; charset=utf-8
Content-Length: 96
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:26 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-qvnp
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299acfa360b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/cdn-cgi/rum? | 188.114.96.1 | 204 No Content | 0 B |
IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
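Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of a zero-length body; identical for every empty response, so not usable as an indicator)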
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host name, not on this response body)
POST /cdn-cgi/rum? HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 447
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl; TawkConnectionTime=0; twk_idm_key=HvW6fyoqNGAWdZYjEyq3G; twk_uuid_601d8a78c31c9117cb76441c=%7B%22uuid%22%3A%221.1Uip89zcNo60tWpVBDzVHPwMoI567GPfMV0834c9LWkIWAZIlydycP6YBGZ6OIEa6cokP2vnnIV9xLD8dg2Y7hcgn2qq3AjdMIVxsSHW137Mrgk%22%2C%22version%22%3A3%2C%22domain%22%3A%22link.gy%22%2C%22ts%22%3A1715099484902%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 16:31:44 GMT
access-control-allow-origin: https://link.gy
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 88029a21ff32568b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 | 188.114.96.1 | 200 OK | 76 kB |
URL GET HTTP/3link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 75728, version 330.32636 Hash44d537ab79f921fde5a28b2c1636f397 b2879f9e1d0985a96842bf7f55a2b2cc4c636d04 3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: font/woff2
last-modified: Sun, 19 Sep 2021 01:32:26 GMT
etag: W/"4681436-127d0-5cc4f2315b65f-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8JacjVc%2F3sWe5%2Bgerg63hTU9WNEG%2BwQvxqEUoH3OUhpWjedgX8%2FYKTWKiYPv%2F4mG6TQcilKB0L9eH0aasmHe5hDjfcaaShDt6yDWg85CpkSQ2ETvW7jF0a1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997d9bac568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js | 104.22.25.131 | 200 OK | 17 kB |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text, with CRLF, LF line terminators Hash7f37a030886ec7fce1d065ec482789ee 661ad608ac1513e2ccdec4cd55eb552a8604c8f6 75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
GET /_s/v4/app/6625f366c87/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:21 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"7f37a030886ec7fce1d065ec482789ee"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605607
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8802998f6c910b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css | 188.114.96.1 | 200 OK | 57 kB |
URL GET HTTP/3link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeASCII text, with very long lines (56656) Hash41d394990448b2c2b1afe840e837dc8e 29250ef1fa6bfbda364a1112a86b2fb7157dd44b f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /vendor/@fortawesome/fontawesome-free/css/all.min.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/css
last-modified: Sun, 19 Sep 2021 01:32:16 GMT
etag: W/"4641c0e-de0a-5cc4f227a9a40-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jX%2BFC9Z6vpTPIsdVwzKcJ7lEK%2BIc5qr80zXBXMseWd26lwdOgqGGPINIl9D5s7X6xgpKnKcPqowgTlvREEoEaX37Kvnw0bmX4ObpUllY5vFxQBawPB%2B8TIsV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a7e79568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 188.114.96.1 | 200 OK | 12 kB |
URL GET HTTP/3link.gy/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeJavaScript source, ASCII text, with very long lines (12331) Hash88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: application/javascript
last-modified: Fri, 03 May 2024 17:58:00 GMT
etag: W/"663525a8-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTbu%2B%2FLYUQ5RZmMQzB%2Bsmp2RaXmxpKJGQfCpLuBWV2nxO1a7Kon7Bkw2Ipe%2F7Q2Dsh4uiHTYbzXYRalIMEz1nPrybT9wYFvIco4J%2BqFRkcg8a8ObN9GaiiDZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ed7568b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 09 May 2024 16:31:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| link.gy/vendor/headroom.js/dist/headroom.min.js | 188.114.96.1 | 200 OK | 4.4 kB |
URL GET HTTP/3link.gy/vendor/headroom.js/dist/headroom.min.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeJavaScript source, ASCII text, with very long lines (4497), with no line terminators Hash451043ecb5829647d15e028ab074dc83 d1ab378b797e57f6c502cbc3538c4497668783b7 7d2ec3872eb478545d05ed1c2627c0bd7515f4bb39c8781cac07439780d974cd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /vendor/headroom.js/dist/headroom.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:31:39 GMT
etag: W/"45c1b77-1133-5cc4f2046ca43-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsy6ruERASedjTffNx0POlYY1ybtNgyNNXvGRaywyukn7NuGE%2FgnM%2B7xw61gHuGnOh7n11seYubionjYszWyO9C8QWhmWOzgcT1H3FdkILqwWsTZcu7uwSpl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d19568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js | 104.22.25.131 | 200 OK | 906 B |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text, with very long lines (956), with no line terminators Hash7b31fafdf609238b7f4574e44057af5b f4f849145e5beaff38b9e47e3c5c3e7e4945d70a 2b7dfb20a5ee49b709a4adc3412bd7d5e00539c1ef93a1a58c4ec58816c81ed3
GET /_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605618
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4e8c20b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/app/vendor/jquery-confirm.min.css | 188.114.96.1 | 200 OK | 22 kB |
URL GET HTTP/3link.gy/app/vendor/jquery-confirm.min.css IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeASCII text, with very long lines (22251) Hashe47bfc7a0414aa5040e865f835c569ad 44904abb8572c8fce2c405f88dfac60a6ea1df43 5719579e9912f14030ddd2679498fc22321f9485a60d45506d70fd82b617afdf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /app/vendor/jquery-confirm.min.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/css
last-modified: Fri, 17 Sep 2021 02:50:07 GMT
etag: W/"5981b3c-580a-5cc27fd3c7a85-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0pKtWaLZrkCXSmuyYckd5EYUqaU71ppoPbu7gM9gifd0u%2BPdsXeiQbhUu00Jubjkwv0JCHtJfIh%2FPhJ4bC1ZYmK651fURRQ%2FZR4xomzjr%2FYf%2F%2Bmw%2FWN78SW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a7e7f568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/favicon.ico | 188.114.96.1 | 200 OK | 109 kB |
IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeMS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel Size109 kB (109246 bytes) Hash964d85fa4a90877d53fa64a085192095 d308baac6767f521b3cff79852c3cc3f625eb97f 39833111d346589cc720b9d7b0378fa45bb85911ad975b58aec64a94aef1efb7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:19 GMT
content-type: image/x-icon
last-modified: Fri, 24 Sep 2021 16:06:50 GMT
etag: W/"43c1a7c-1aabe-5ccbfef5ff023-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQcB5CYsLIkTVqIaR7QRS%2BVo0BVvVTDrEJKiT%2BGck3%2Be9n3McjVAH0RK6LKhkDnr%2BIdmu1LA2wBCalFvBIhoZe9n69Zla4L84Gwzy7ELk5OruPbQR%2FGH6AWQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880299808950568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js | 104.22.25.131 | 200 OK | 9.9 kB |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text, with very long lines (10730), with no line terminators Hash2ed46b3171b0456fda29f3bfda5f846e 0c4834c6f96e8640bcdd46c48396a1f1f7d287b2 0c9f49f27e34e05a7e4159648875b32880d3d986ee2d70d78d6138df5e9f1654
GET /_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"70aec2dd89cac4933594c25b71d61f46"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605618
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4c89f0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js | 104.22.25.131 | 200 OK | 19 kB |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text, with very long lines (18963), with no line terminators Hash4f773fe8050dcfd8fd096e061eed08a7 0921110716284e797a40855b98b113b683fadb51 29704f658e0a24af40a7ec9f1ba5800e7bf3366de3feae6e044bd20c28c89018
GET /_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"4f773fe8050dcfd8fd096e061eed08a7"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 601485
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4d8b80b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.96.1 | 200 OK | 1.2 kB |
URL GET HTTP/3link.gy/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: application/javascript
last-modified: Fri, 03 May 2024 17:58:00 GMT
etag: W/"663525a8-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3fFd8I6wA5HGqJKSWHM1fZdr6CcT74JIKXOtcmqyYYB7xnTPhctsmpGV4jXSGZxmTL10e3zfJU%2Fm55WN6NZKgoJ9jStlIvRUcymx5MqN%2FqyTX3zKvK1FWTk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ed6568b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 09 May 2024 16:31:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| va.tawk.to/v1/session/start | 104.22.25.131 | 200 OK | 1.0 kB |
URL POST HTTP/3va.tawk.to/v1/session/start IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1097), with no line terminators Hash75ac264360bb8456468e7f2cfbbdbcaa e22d067445d2c02f36305f81cc8d167be217290c 281ded7e16d484f4495d269a6fe8fdb450b1a8ded1380ea5dacb100969918b66
POST /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.gy/
Content-Type: application/json; charset=utf-8
Content-Length: 169
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-t9sb
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8802998b0811b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/css/swipe.css | 188.114.96.1 | 200 OK | 846 kB |
IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeASCII text, with very long lines (562) Size846 kB (845890 bytes) Hash234e156661a196bef2e7c94771e042d4 a5782f988bf738235413764695797f8c1b8ffcf4 5f94613ccd1343b1bb7f46210e1b48a5c06846a9aa05f29145694f507f485048
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/swipe.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/css
last-modified: Thu, 17 Feb 2022 21:12:41 GMT
etag: W/"4481980-ce842-5d83d3a0b1db4-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yltU8w8VZY4ZGL3sBXxhSQfwJDeg8TJxU1HBUJdTVwbdEINI5zYJlP6DQ2yfxjE5YICv7KlQKTTFp8eC68AfB0ATl1nc63ZjqUQPS6nkIlF5NV37J5VLsm4d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a7e7c568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js | 104.22.25.131 | 200 OK | 113 kB |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text, with very long lines (65464) Size113 kB (113121 bytes) Hash44934d48f839e3143311bc044e6e0d89 a96c3d95be19a80330977acead67fd9b92ac6e4b 500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6
GET /_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"44934d48f839e3143311bc044e6e0d89"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: STALE
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 601490
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4f8d80b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/app/vendor/jquery-confirm.min.js | 188.114.96.1 | 200 OK | 28 kB |
URL GET HTTP/3link.gy/app/vendor/jquery-confirm.min.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeJavaScript source, ASCII text, with very long lines (27931) Hash1d6ae7e6b82dd230033595eac215ac28 4feda8ad306195d129c2d9bc918150979c68a726 29af286f1b07342cfa1fd851a65f17e105775e68715b2a81a64fc4a476328fd9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /app/vendor/jquery-confirm.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Fri, 17 Sep 2021 02:50:08 GMT
etag: W/"5981b3d-6e3e-5cc27fd46fe00-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiztZo89at1TOdfVr0%2FJ%2FuF4%2FqxiheSeUwzwu9oMRw8vTRB7ypo1ac9Oj5J7PqfYB6IfMtdb6%2Fwa6HevnireileFdW6kXvTcVCcmeDCkTMfR8VW0uZvbs3a0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d0a568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| va.tawk.to/v1/session/start | 104.22.25.131 | 200 OK | 0 B |
URL OPTIONS HTTP/3va.tawk.to/v1/session/start IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
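Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of a zero-length body; identical for every empty response, so not usable as an indicator)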
OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link.gy/
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-5wcg
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, s-maxage=600, max-age=600
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88029989fe16b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| vsa118.tawk.to/s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs | 104.22.25.131 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1vsa118.tawk.to/s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
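Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of zero-length input: this 101 upgrade has no captured body, so these digests identify nothing and are not usable as indicators)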
GET /s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs HTTP/1.1
Host: vsa118.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://link.gy
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xPG5nIaEQC4Zc13TSwZNdQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 07 May 2024 16:31:25 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: AFi+rvCXfagDxDj/C0xXhtVk1zM=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 880299a5bb60b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/chrome.png | 188.114.96.1 | 200 OK | 2.3 kB |
URL GET HTTP/3link.gy/assets/img/chrome.png IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typePNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced Hash015efa31739f4fbbd34558066131abd6 311447b250f3be0efd2a6ad75d96f13e5c8ce79e 8e7e9abbf542663afb706198c040f77f837a2d85475b39a724c652a6c559f8fa
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host link.gy, not on this individual file)
GET /assets/img/chrome.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 2288
last-modified: Thu, 30 Sep 2021 20:04:49 GMT
etag: "43c1b99-8f0-5cd3bf58a0e22"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOHmK9l0wgbSeAjLfpX9SAP97vjDu6tTWiatajXzKrmx8M7qBES4iox%2FnKt0FbpKU%2F7HpE0AVlg4HPR%2BvacBnfN8VbaWSlbKXXoHKAC8YEJuufQBh9C8uWHY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ec9568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js | 104.22.25.131 | 200 OK | 18 kB |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text, with very long lines (18229), with no line terminators Hash6bf62c737dec7d16542425992be5986c 7f5ec461a46e4526fcf8ed0a24f758bd0168e5b0 2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e
GET /_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"6bf62c737dec7d16542425992be5986c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605618
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4c8a10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js | 104.22.25.131 | 200 OK | 699 B |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeJavaScript source, ASCII text, with very long lines (725), with no line terminators Hash7c2c957f3cf80dadfd0cbb7c677a0869 30e8962bf64cc7349c9e61b40b8bab5aa598c63c 606127d882e34faee4895ad2cbf8a94d805fac37792c2cc2b9bc05ca3de743b1
GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"838903127a65ec440893b4945c40ca4a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605618
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4d8ad0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Spartan:wght@200;300;400;500;700&display=swap | 142.250.74.138 | 200 OK | 3.9 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Spartan:wght@200;300;400;500;700&display=swap IP142.250.74.138:443
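Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT (the subject differs from the requested host fonts.googleapis.com; presumably the host is covered by a SAN entry that this report does not show)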
File typeASCII text, with very long lines (3995), with no line terminators Hash6e657e8b47cb07649221e2c413d11f26 73acc4e9618334dbcbfbfca0232896b07e3bcbd9 d31c1a28bd5b235731891ed3fe5eafce13394ac574077861d23e01f64be52f2b
GET /css2?family=Spartan:wght@200;300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 16:31:18 GMT
date: Tue, 07 May 2024 16:31:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js | 142.250.74.164 | 200 OK | 850 B |
URL GET HTTP/2www.google.com/recaptcha/api.js IP142.250.74.164:443
CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File typeJavaScript source, ASCII text, with very long lines (850), with no line terminators Hashee87fd4035a91d937ff13613982b4170 e897502e3a58c6be2b64da98474f0d405787f5f7 7649b605b4f35666df5cbcbb03597306d9215f53f61c2a097f085fa39af9859f
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 07 May 2024 16:31:19 GMT
date: Tue, 07 May 2024 16:31:19 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| link.gy/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js | 188.114.96.1 | 200 OK | 6.6 kB |
URL GET HTTP/3link.gy/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeJavaScript source, ASCII text, with very long lines (6694), with no line terminators Hash34e0c1da506da6de524abcf885706dee d9f81f2001b7d7732376ce122c6673f0a9e700a5 a6551f72006f0fc7ccd4d9063cde030b15e5894ac5e00530448e67118a78f643
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host link.gy, not on this individual file)
GET /vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:12 GMT
etag: W/"460095c-19a3-5cc4f22391843-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXYSQnwc5gvxRjTDEdVTK60iJcJjBsM1Jjqo28gKLKPYlBq2lNnLFDDXCWZIunPoxir7GN%2BbeVqIbCQUqfnJ3VJAwq8ni2QVmXdXwD5t9fq1eT2p3b%2BXavPZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d15568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/api/links | 188.114.96.1 | 200 OK | 54 B |
IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type troff or preprocessor input, ASCII text, with no line terminators (a content-sniffing guess; the response itself declares content-type application/json) Hash 21dc93b30d85707507617b2308081ba1 5ec771b94ba50d8fb5f2f43d4ba1e969302eca3f 60b92e19cca13c3a8d39fb751a791d88306eb4f893231d3441f601a76abef9a4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host link.gy, not on this individual response)
GET /api/links HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:19 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-credentials: true
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: LINK.GY API V3
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9JE0aGLHzm0L1KCVJ3pD6k7FaTQDWBz%2FkfRWqAHB7dXV3McYhBNr9nD2TQ03hc6MsbeiDIF7JM1GY%2B6t5eFIRV7436b2metD3%2FwryIz8EnwT5mj4VJSCXmx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880299812a5a568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js | 104.22.25.131 | 200 OK | 151 B |
URL GET HTTP/2embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeASCII text, with no line terminators Hash04a9862af6efaf787bc8fb8e99ba6987 a57bb8f258eb1a60dc3b288a608ad8ef9fbecef3 ecc74c329a700e3e6ca29aed5ffe3c166cf39670c8b11573fa7f837f79a71b5c
GET /_s/v4/app/6625f366c87/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299859d78b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| link.gy/assets/js/stack_typing.min.js | 188.114.96.1 | 200 OK | 3.6 kB |
URL GET HTTP/3link.gy/assets/js/stack_typing.min.js IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File typeASCII text, with very long lines (3649), with no line terminators Hasha382665eed3268bdbe90c7e084c9f68b fed3b633474b9eefcc8da3fed77b1ec68c153dbc 3aec1a629c891a35bc8b096af2caa6b21bb2bc80b060fdc062198713d85f8c5e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host link.gy, not on this individual file)
GET /assets/js/stack_typing.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Mon, 20 Sep 2021 22:27:51 GMT
etag: W/"43c1cd1-de1-5cc74caa77f92-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkQpr5uridYFt2eTa5J7cY2wcAinwfHoeoYBSF7jybNBHJQfMoGfgEKSgSLAvQda%2BeYRIVWR1NcggqXZufPu0A0IIdJuT98%2Bzr2iw3l1302pHbLXtdY5AxwN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e4d04568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js | 104.22.25.131 | 200 OK | 121 B |
URL GET HTTP/2embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeASCII text, with no line terminators Hash3b41342f7e3be590563e8e3b5ff770c7 c9ca54d23ea78b320f080b76e22bb6b4e704d55f ef04d89daeed55613a63a4af62c147ce86e4a7f22c8ce700dd6bdb11ab187e43
GET /_s/v4/app/6625f366c87/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299857d50b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js | 104.22.25.131 | 200 OK | 83 kB |
URL GET HTTP/2embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
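Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of zero-length input, although the entry lists 83 kB: the body was presumably not captured, so these are not this script's hashes and are not usable as indicators)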
GET /_s/v4/app/6625f366c87/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299858d63b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js | 104.22.25.131 | 200 OK | 217 kB |
URL GET HTTP/2embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
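Size 217 kB (217197 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of zero-length input, despite the stated size: the body was presumably not captured, so these are not this script's hashes and are not usable as indicators)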
GET /_s/v4/app/6625f366c87/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"1c73b4eb89bbe24ecf154b671ddbcafc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299858d69b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| va.tawk.to/v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null | 104.22.25.131 | 200 OK | 2.1 kB |
URL GET HTTP/3va.tawk.to/v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2455), with no line terminators Hashd5b89911b5f23b6cb9e406fdc24360ca c1884a7d3b4deaf452ad3b44f293dc9dabc6a5f6 a550938677931744e9176214c3699c73e7accc57fcd3f06b4d5651bc4782618c
GET /v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.gy/
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:21 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-t9sb
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-4-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299897cf2b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css | 104.22.25.131 | 200 OK | 25 kB |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeASCII text, with very long lines (24751), with no line terminators Hashd4f9ad34fae3ba64cbc48057dc47e968 f8d0d55dc6e9b5d53f74b0b8bfc5e2edbdb0618d 2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
GET /_s/v4/app/6625f366c87/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24831
access-control-allow-origin: *
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 601487
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a61a640b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css | 104.22.25.131 | 200 OK | 41 kB |
URL GET HTTP/3embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css IP104.22.25.131:443
CertificateIssuerGoogle Trust Services LLC Subjecttawk.to Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File typeASCII text, with very long lines (40772), with no line terminators Hash96be1f6983c01fe07004e163e0c6ce8a 46334521ca7c554fb7608e4e93cba4c6fac72f77 26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f
GET /_s/v4/app/6625f366c87/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=40905
access-control-allow-origin: *
etag: W/"7060c2e317491c949f29253a1286dad2"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 605619
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a69ad40b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B | 142.250.74.164 | 200 OK | 7.4 kB |
URL GET HTTP/3www.google.com/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B IP142.250.74.164:443
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeHTML document, ASCII text, with very long lines (7675), with no line terminators Hash51595fe5438d95a996d1f7a62236c79b b28e882ee312281608c19766894a901e20b92330 0fa0311feb225078345649d81ac4a94e4ffa44304834681576bade0a1d44a815
GET /recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 16:31:20 GMT
content-security-policy: script-src 'nonce-FFPgGJ4blc09_MnRM-KSfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| link.gy/assets/js/app.js | 188.114.96.1 | 200 OK | 30 kB |
IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectlink.gy FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
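Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of zero-length input, although the entry lists 30 kB: the body was presumably not captured, so these are not this script's hashes and are not usable as indicators)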
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the host link.gy, not on this individual file)
GET /assets/js/app.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 20 Feb 2022 12:46:06 GMT
etag: W/"43c00ad-74e3-5d8727fdb85d1-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FSO8Ur2tlDhI846nHMrjlIfnu%2Fl9ilpzuxNh%2FGjlJn3xnRJnPUMzBaN9%2BO1VBaiwi1tm6H2Lxz4DSv%2BxEpC311CTakIeVazge9OEL9bXFgPOq7l9hqTz2Co"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d08568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc | 142.250.74.164 | 200 OK | 46 kB |
URL GET HTTP/3www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc IP142.250.74.164:443
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeHTML document, ASCII text, with very long lines (37085) Hash232f772286c4e269cd0a38d4e1d76884 203deb3e944f0267980af241eab3282ea876777f 20119595c0a7e838dfe3de31575b6caeb1878963390fe4e14240f12d6c4ff1ab
GET /recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 16:31:19 GMT
content-security-policy: script-src 'nonce-8I4K1d6lWAPn3h7HcxTHQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m | 142.250.74.164 | 200 OK | 102 B |
URL: GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m IP: 142.250.74.164:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: ASCII text, with no line terminators; Hash: 284b36421a1cf446f32cb8f7987b1091 eb14d6298c9da3fb26d75b54c087ea2df9f3f05f 94ab2be973685680d0be9c08d4e1a7465f3c09053cf631126bd33f49cc2f939b
GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 May 2024 16:31:20 GMT
date: Tue, 07 May 2024 16:31:20 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js | 104.22.25.131 | 200 OK | 535 B |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js IP: 104.22.25.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (557), with no line terminators; Hash: 3f4a6312d60391bda06462d7321ffcdc 9f09295297840a36d2ac95344b39b0af1a729f82 28d61df22c079e51c45b6f87db516f03cb85cf3f2c3a970be369944c3f91bcf1
GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"c506281367048d4a134c9affbc68c8c6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 597191
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4e8cc0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|