Report - link.gy/

Report Overview

Submitted URL
link.gy/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 16:31:47
Access
public
Website Title
LINK.GY - A Free URL Shortener, Analytics, API - No Registration!
Final URL
link.gy/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
buttons.github.io	306600	2013-03-08	2014-10-06	2024-05-03	394 B	7.5 kB	185.199.109.153
embed.tawk.to	8650	unknown	2014-03-19	2024-05-07	7.8 kB	898 kB	104.22.25.131
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-05-06	478 B	16 kB	104.16.80.73
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	890 B	9.1 kB	104.17.24.14
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-07	442 B	65 kB	142.250.74.138
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-07	401 B	32 kB	151.101.2.137
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	2.1 kB	115 kB	216.58.207.227
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-07	2.4 kB	467 kB	142.250.74.99
va.tawk.to	8297	unknown	2017-01-30	2024-05-06	2.0 kB	16 kB	104.22.25.131
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-06	420 B	42 kB	151.101.129.229
vsa118.tawk.to	unknown	unknown	2020-06-19	2024-05-03	2.1 kB	832 B	104.22.25.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	460 B	4.5 kB	142.250.74.138
link.gy	unknown	unknown	2017-02-12	2024-03-24	14 kB	2.2 MB	188.114.96.1
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	2.9 kB	65 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed
2024-05-07	medium	link.gy	Sinkholed

ThreatFox

No alerts detected

JavaScript (48)

	URL	Size	First Seen	Last Seen
	link.gy/assets/js/stack_typing.min.js	3.6 kB	2023-03-09	2024-05-08
Pretty URL link.gy/assets/js/stack_typing.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:14:27 Last Seen2024-05-08 21:59:00 Times Seen7 Hash 86df4feb9e7bd74fd4ba3929f94f56aa 0ade4b2db9b8cc6514c907e8aec151364ab508f8 2df51b35e8e16bed5adfcde01c2220500289a39c404c912e47b69d498ff69e59 Loading...

	www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js	518 kB	2024-04-24	2024-05-15
Pretty URL www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:18:30 Last Seen2024-05-15 19:10:18 Times Seen9003 Hash e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b Loading...

	link.gy/vendor/popper.js/dist/umd/popper.min.js	21 kB	2023-03-07	2024-05-19
Pretty URL link.gy/vendor/popper.js/dist/umd/popper.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-05-19 09:18:53 Times Seen10885 Hash 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Loading...

	www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js	18 kB	2024-05-07	2024-05-16
Pretty URL www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 12:02:31 Last Seen2024-05-16 08:57:28 Times Seen767 Hash 81965d03d416a0601f29281d353056f3 e3d92db7e0287b8cc16ef71877d276e7ee0030d6 a406382608bcdae48012bda3220a48d9f71b1286743116cd00db4cafd06e7487 Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js	18 kB	2024-04-23	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 09:09:34 Last Seen2024-05-19 14:39:23 Times Seen414 Hash 6bf62c737dec7d16542425992be5986c 7f5ec461a46e4526fcf8ed0a24f758bd0168e5b0 2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-19
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-19 14:38:51 Times Seen275079 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	link.gy/vendor/bootstrap/dist/js/bootstrap.min.js	64 kB	2023-03-07	2024-05-08
Pretty URL link.gy/vendor/bootstrap/dist/js/bootstrap.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:50 Last Seen2024-05-08 21:59:00 Times Seen90 Hash cbbb855a6fcc5b4cd44184735e5cd773 afa27badfdb17186df0eb0a0f626eedbaa22074f bbe43f79021ee8fe705382bc99a8a124e42486a05b7fb2b534debc1b04e9373d Loading...

	embed.tawk.to/601d8a78c31c9117cb76441c/1etpm9q8i	2.1 kB	2024-05-07	2024-05-08
Pretty URL embed.tawk.to/601d8a78c31c9117cb76441c/1etpm9q8i IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 18:31:50 Last Seen2024-05-08 21:58:59 Times Seen3 Hash f7e0b07b11e9afd6849d71162898b11b 39c64c97af3156e39ef180345b0e2963c2974577 fad4ad07cc87584066f29c886b4dbab9fff23791c00980e0bac20be4557e7eee Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js	17 kB	2023-10-31	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 10:48:20 Last Seen2024-05-19 14:39:23 Times Seen21934 Hash 7f37a030886ec7fce1d065ec482789ee 661ad608ac1513e2ccdec4cd55eb552a8604c8f6 75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e Loading...

	cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js	303 kB	2023-04-05	2024-05-18
Pretty URL cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:38 Last Seen2024-05-18 22:06:18 Times Seen59338 Hash 7bb7aac0cac89a90304af1c72eb4f50d 729f6f8ca5787d89743b0ed7eb27fd76406bf985 f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js	151 B	2023-03-07	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-05-19 14:39:22 Times Seen46886 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js	83 kB	2024-03-08	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:46:53 Last Seen2024-05-19 14:39:22 Times Seen647 Hash 3b341e35b39f6195793ecaf5db7c1d63 3ef56ed9ac8bfbf5347dc4592653703f59763083 548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B	0 B	2023-03-07	2024-05-19
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 14:52:57 Times Seen37829219 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js	113 kB	2024-04-23	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 09:09:33 Last Seen2024-05-19 14:39:23 Times Seen412 Hash 44934d48f839e3143311bc044e6e0d89 a96c3d95be19a80330977acead67fd9b92ac6e4b 500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6 Loading...

	link.gy/vendor/onscreen/dist/on-screen.umd.min.js	6.7 kB	2023-03-08	2024-05-14
Pretty URL link.gy/vendor/onscreen/dist/on-screen.umd.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:42:30 Last Seen2024-05-14 07:41:22 Times Seen26 Hash 9791bf308ecdbf193c1d9654b3e96789 51f21273d74891b2d1ee517f829ad86f92932c43 6a402a35f5b0ee9651fac0bd1530be47741274513bfa736647589582c0a7620b Loading...

	link.gy/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-19
Pretty URL link.gy/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-19 14:14:27 Times Seen57666 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.google.com/recaptcha/api.js	850 B	2024-04-24	2024-05-08
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:35:35 Last Seen2024-05-08 15:55:32 Times Seen1408 Hash ee87fd4035a91d937ff13613982b4170 e897502e3a58c6be2b64da98474f0d405787f5f7 7649b605b4f35666df5cbcbb03597306d9215f53f61c2a097f085fa39af9859f Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js	906 B	2023-06-02	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 11:09:48 Last Seen2024-05-19 14:39:22 Times Seen32330 Hash 1c5ecf371149feca23bd895ba9dfec4d 6f6213ae4c63d959441572d232f0425467ed05de fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84 Loading...

	link.gy/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-19
Pretty URL link.gy/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-19 14:49:48 Times Seen44450 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	86 B	2024-05-07	2024-05-08
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-05-07 18:31:50 Last Seen2024-05-08 21:58:59 Times Seen2 Hash e30c904952f7915f673109e77f5e8ef9 5c0bdd66fe71b836beb491fea454978d1b4a3033 7c92f624a6d6090af88201232291bb798dbe6ab4f3e773e29c77c38a1c09164a Loading...

	link.gy/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js	6.6 kB	2023-03-07	2024-05-14
Pretty URL link.gy/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:39 Last Seen2024-05-14 07:41:23 Times Seen232 Hash 62676384868a18036c009fa760ec1299 16e75ac6b7958c11c19bfd1248d18340241a29c3 8273d8d03942bb8c3ee319c3c8341b9fde427ab48b9fd65bc25dd5a76ebb1058 Loading...

	link.gy/assets/js/app.js	30 kB	2023-05-21	2024-05-08
Pretty URL link.gy/assets/js/app.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 15:10:10 Last Seen2024-05-08 21:58:59 Times Seen5 Hash 997ba9ad9af78cf2b07f816b51d9452e 3bf0765e2b320ae34bc0ccf84f31f4741e989afb b428659ab53f489458c79f5f8da8ce5b9a2009a854afbfbd36bbf8b95e632d26 Loading...

	unknown	333 B	2023-03-09	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:14:27 Last Seen2024-05-08 21:58:59 Times Seen4 Hash 1a164d76b93b7674a0a6e2247e1f2635 f7dc7fa9f40c84fb224c33b70e6164d1e87dc813 456f556e83535265c36e9ddd220fc7f2a28a1f6b054c47626b9bc64623a02469 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc	69 B	2023-03-07	2024-05-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-19 14:19:50 Times Seen102536 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js	217 kB	2024-03-08	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:46:54 Last Seen2024-05-19 14:39:23 Times Seen638 Hash 1c73b4eb89bbe24ecf154b671ddbcafc 75e59ec09164b620648be5cc80048372e6c62aa5 972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js	9.9 kB	2023-12-06	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 05:31:15 Last Seen2024-05-19 14:39:23 Times Seen5103 Hash 70aec2dd89cac4933594c25b71d61f46 3dfe6f517bd57abbea46dd4da776e80270d9db5f cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js	19 kB	2024-04-23	2024-05-18
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 09:09:34 Last Seen2024-05-18 22:06:18 Times Seen361 Hash 4f773fe8050dcfd8fd096e061eed08a7 0921110716284e797a40855b98b113b683fadb51 29704f658e0a24af40a7ec9f1ba5800e7bf3366de3feae6e044bd20c28c89018 Loading...

	link.gy/sandbox%20eval%20code	147 B	2023-04-11	2024-05-19
Pretty URL link.gy/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 14:50:42 Times Seen350693 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js	699 B	2023-10-20	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-20 20:17:18 Last Seen2024-05-19 14:39:22 Times Seen16578 Hash 838903127a65ec440893b4945c40ca4a 827f3e5341f56fa4473d53b788af41ec6bf21b8b 89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3 Loading...

	link.gy/vendor/headroom.js/dist/headroom.min.js	4.4 kB	2023-03-07	2024-05-08
Pretty URL link.gy/vendor/headroom.js/dist/headroom.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:16:16 Last Seen2024-05-08 21:58:59 Times Seen38 Hash 08feab06407ca54faf7adf8039438900 f893b0b90bf7c7d281e76d2d56f7952daa3b4144 0d7443c2b7bb488f39a1500dcfdd37c92791925d9501df8bfb9afbec16d74237 Loading...

	link.gy/app/vendor/jquery-confirm.min.js	28 kB	2023-03-07	2024-05-14
Pretty URL link.gy/app/vendor/jquery-confirm.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2024-05-14 13:52:24 Times Seen283 Hash 1d6ae7e6b82dd230033595eac215ac28 4feda8ad306195d129c2d9bc918150979c68a726 29af286f1b07342cfa1fd851a65f17e105775e68715b2a81a64fc4a476328fd9 Loading...

	unknown	419 B	2023-03-09	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:14:27 Last Seen2024-05-08 21:58:59 Times Seen5 Hash 5a61a8b89ecec28f418e2b63d8df3bd6 97c5591a8c301b712a95d17b923026970257cfe8 493e7635865b5e41c4c96be7e781b69b8b0d427c47a068bdbeb909b648f10f0a Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 14:50:42 Times Seen350177 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js	2.3 kB	2024-04-22	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-22 12:41:08 Last Seen2024-05-19 14:39:22 Times Seen277 Hash d1dc816c161b3a7313b3d42f478f140a 66e30073ff65f5b96fed00992224f97dd93453bc cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js	535 B	2023-06-02	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 11:09:48 Last Seen2024-05-19 14:39:23 Times Seen32292 Hash c506281367048d4a134c9affbc68c8c6 ffa331eb81694501d6ff64ae2d1f7e667529c3ba 7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js	226 kB	2024-04-22	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-22 12:41:09 Last Seen2024-05-19 14:39:23 Times Seen283 Hash 5ff5b56dd253d3fd717915b2773593d3 3fcb89abd877241f130e2712b54233763d0d2b03 162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260 Loading...

	static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387	19 kB	2024-04-24	2024-05-19
Pretty URL static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:56:41 Last Seen2024-05-19 14:38:29 Times Seen2519 Hash 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192 Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js	240 kB	2023-03-07	2024-05-15
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:34 Last Seen2024-05-15 08:09:41 Times Seen482 Hash 7403b37e7918413f5a43131b95c86abb 0c72ced078c45968712838ac683f09d0980dd0e8 c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1 Loading...

	embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js	121 B	2023-03-07	2024-05-19
Pretty URL embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-19 14:39:23 Times Seen46207 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc	37 kB	2024-05-07	2024-05-07
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 18:31:50 Last Seen2024-05-07 18:31:50 Times Seen1 Hash e26bcb59371eaa0e74eb1fb9b8ac24c2 e6f0b6cb821e0c7dcc7bb1985df427a05033ae37 9952397b5ed68afd8d949c6c3aa968d4b2dc3b6c8698b5573c5e52773ac4bd39 Loading...

	cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js	11 kB	2023-04-06	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 14:32:39 Last Seen2024-05-19 08:23:32 Times Seen442 Hash 7c35192f6f3c8655e3d1bd927b3352b7 257a1794bad17f3ae5839a178812b5b6aaffb1b3 917c34325688477abe95a4d20090d15774bd2c98c4587e6d3f0bf5944835e86d Loading...

	buttons.github.io/buttons.js	19 kB	2024-05-02	2024-05-17
Pretty URL buttons.github.io/buttons.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 17:06:26 Last Seen2024-05-17 12:37:10 Times Seen10 Hash 1ca824207efbf0f7fd267438f502ae9e 535cd2730a2d8da5efd37cd5a82fb67484bdbf78 08a77f35b66dd4ad0cca9ff8e9a303d564d463cc100366ab439c4d4f8a78cca5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 14:52:57 Times Seen37829219 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#2 Eval - 7bcead942dac3b68faa00bd6ed838619	24 kB	2024-05-07	2024-05-15
Pretty Observations First Seen2024-05-07 18:31:50 Last Seen2024-05-15 14:21:35 Times Seen3 Hash 7bcead942dac3b68faa00bd6ed838619 f3018b6af7c9ce0e0c39b4b7a682276438dca939 54b3003db61c12fd68c42641b7ae99150dab1f1dd8f1407f316f3f072f148c9c Loading...

	#3 Eval - a6fd8118297f8a73e56e46dd09d05936	10 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 18:31:50 Last Seen2024-05-07 18:31:50 Times Seen1 Hash a6fd8118297f8a73e56e46dd09d05936 85930838a0a83a16bcbb53d88342bce03134f186 e227977cfb2acd1eb3f94734141582da4145d8df842b8165a40142282b60c183 Loading...

	#4 Eval - 03a8e908da8b7af0d06bedf78bebd913	22 B	2024-05-07	2024-05-16
Pretty Observations First Seen2024-05-07 12:02:32 Last Seen2024-05-16 08:57:27 Times Seen348 Hash 03a8e908da8b7af0d06bedf78bebd913 8d01fdacd28cb0e6553c778de217fec921264978 fc8b5a8c835bdacf05301d80b52c1fa5fe1a24c87de3b39c98daefe0126bdfc8 Loading...

	#5 Eval - c6f0f814cdcdfc9653f5424f5eb3c58e	22 B	2024-05-07	2024-05-16
Pretty Observations First Seen2024-05-07 12:02:32 Last Seen2024-05-16 08:57:27 Times Seen351 Hash c6f0f814cdcdfc9653f5424f5eb3c58e ad8462f10e492ce46cd1b2cd7ede05e5a09bfd7d 87124555723b84eeab8e508883df3ba06a7eb3b83dd71db9d0130e152756a141 Loading...

	#6 Eval - b02413d7bfb5559472a50c3756efee5d	64 B	2024-05-07	2024-05-16
Pretty Observations First Seen2024-05-07 12:02:32 Last Seen2024-05-16 08:57:27 Times Seen348 Hash b02413d7bfb5559472a50c3756efee5d 2efe43482f6f71126aef45f120ad3fdc7c46d1d8 1fe8db50764e75cc0c04f2c1714216bf368592015a606563b0db6b0a88af0ac9 Loading...

HTTP Transactions (74)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.24.14

200 OK

4.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
c0be8e53226ac34833fd9b5dbc01ebc5
b81ef1b22de26af8a7a4656f565fbc91a69d7518
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 601476
expires: Sun, 27 Apr 2025 16:31:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfbXceQDUOjRKEtS%2Fuy6bKMltNBhxtk2FW9Cg7nIupTlu2e8P6rcsZL5zQJ0DKwETfFdg4Pi%2Fkj%2FAGeatmgvv2m%2FNOhHsmJQP2%2BPSjLwR22Bld7R1Uorn05tvP5D0%2B9hQ4ZNlW34"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8802997acddcb51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

link.gy/assets/img/logo-colored-transparent.png

188.114.96.1

200 OK

13 kB

URL GET HTTP/3
link.gy/assets/img/logo-colored-transparent.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
PNG image data, 372 x 342, 8-bit/color RGBA, non-interlaced
Size
13 kB (12620 bytes)
Hash
424b27b61b1c020f6d7ba64c918de7cb
f31598fc64599bbe3c0ed5abb35bed52256aa02d
7bf839e45c85df9f537f6fac9ba04e9bb3108974ef0b3852e8d691d268569e58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/logo-colored-transparent.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 12620
last-modified: Wed, 22 Sep 2021 17:09:15 GMT
etag: "43c1a94-314c-5cc9892e7e8d9"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6CjpDJkF3FrBbx3kiXxrs60diO3l6eLq0E3wNNMmbM6m85wf%2F%2FncnUpdJltaHidmzFtC5v0VgC6ucncG%2BfKDvmujdndYzlXIJSzHgdFa%2BqMpfG%2BK%2BLNzv7%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ebe568b-OSL
alt-svc: h3=":443"; ma=86400

link.gy/assets/img/apple.png

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
link.gy/assets/img/apple.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1223 bytes)
Hash
427302ea57306139700406ef196cb557
98f79c1588a9e739370408775e6146b5e29ec1e4
643fbc8cbc100f883541433f43b9024a9ccb3b71ccf7ac64c938195f05b6fbb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/apple.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 1223
last-modified: Mon, 13 Dec 2021 05:14:00 GMT
etag: "43c1f39-4c7-5d30023f7d394"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BximM5ZVmlknplGJh8YUt8nVIowUpEUvY4B6wF5yKCDOHuhakO7lNFR5oCocorpy0L4cihvoRssi1wDFNWWUYi4A8XIcNjOtqNwYCiyvyqAK551dxLQtEH1z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ed3568b-OSL
alt-svc: h3=":443"; ma=86400

link.gy/assets/img/app-logo.png

188.114.96.1

200 OK

9.9 kB

URL GET HTTP/3
link.gy/assets/img/app-logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
PNG image data, 372 x 342, 8-bit/color RGBA, non-interlaced
Size
9.9 kB (9918 bytes)
Hash
e995d5c165a6e7bb7be4430717977b7d
e728ab836f693fa9f6f6da52957287aa0f6ea809
837ae4c951763d9479dddd880597a1159e19b35ec9347127b07930e7d222d60b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/app-logo.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 9918
last-modified: Sun, 19 Sep 2021 01:36:53 GMT
etag: "43c0097-26be-5cc4f32fdd48c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5AANKmBNO%2FiGdGSCBBxQdPYHHFDI9MADiLQTCWw79%2BpjGBmJoY0DNdfOauplTGVkdUbDyO%2Br6A%2B2fsY%2Bh%2FhSKDLNhkbscVvTd8R7F2dyE4CUNMxWoX%2BdSwG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a8e86568b-OSL
alt-svc: h3=":443"; ma=86400

link.gy/assets/img/edge.png

188.114.96.1

200 OK

2.7 kB

URL GET HTTP/3
link.gy/assets/img/edge.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
2.7 kB (2693 bytes)
Hash
2f31dee14f2287908d6e4e027592cc92
1a497f6a40537afa003631f56955f7d16ea61ae3
25a71e63bc88a0eff64f9626a25a45788dced11e2b774cd84755eca990becd1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/edge.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 2693
last-modified: Thu, 30 Sep 2021 20:04:32 GMT
etag: "43c1b9b-a85-5cd3bf48755d5"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ywE%2BCjDSqgy4xtqUPh2evR04wAkBJYp%2FT3I3KRFUWcP%2BWbN0GXXsSNmAuWroEXmNAMJwHj0jS8WsxikIXWYP9i27xkN5YbqYAbZAHRZHFOX3aBrbbyBI1JY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ec5568b-OSL
alt-svc: h3=":443"; ma=86400

link.gy/

188.114.96.1

200 OK

12 kB

URL User Request GET HTTP/2
link.gy/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (31157)
Size
12 kB (11811 bytes)
Hash
4a25fc9922d8483ee4eb82beb9821c9a
2c12ce102480c12f99cc8f46debd3156e49e8ed7
3c422997f1aa7d1e086eb782aec38e8f6b7760bfe4a7e7de60cd15958802508a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: LINK.GY
set-cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl; path=/; domain=.link.gy
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBjZ3s5jeopvv9YGZ6V8%2B7%2BoFuE%2FO8y6R8Md3Tbg6F8M00YzgVffvSsxLOqUcS7VhNZWn3TUdRXuUn6RpAtK85U9OfLW1l5BqOx0cV76W8KkXrObNkMjaI4w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88029977bf5a569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

link.gy/assets/img/windows.png

188.114.96.1

200 OK

960 B

URL GET HTTP/3
link.gy/assets/img/windows.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
960 B (960 bytes)
Hash
40059e674004687021243582463cbd8b
5c5506c154401e037e540feda107e316b30af845
4082fc7f2bd1f830211bb61f147c7d35b045450040258d5b200333f1b553436f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/windows.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 960
last-modified: Mon, 13 Dec 2021 05:13:36 GMT
etag: "43c1f38-3c0-5d30022870abf"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BcAXtNdSDF%2BZ4L1UVWcP9h3sVxxXH%2FMDGQNP%2F836707Z7PcDkxk3fnSZOoXV9jA4NkZNEohaGwvui4M%2BBpSgrw6neKTUYmynkQyqHwIfEGxpgkEQ3yvkXpz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ecf568b-OSL
alt-svc: h3=":443"; ma=86400

link.gy/assets/img/illustrations/scene-3.svg

188.114.96.1

200 OK

20 kB

URL GET HTTP/3
link.gy/assets/img/illustrations/scene-3.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
SVG Scalable Vector Graphics image
Size
20 kB (19991 bytes)
Hash
38a8a22928f4241b3704a335108fd4e8
ca0a20ca419602e199087fb3c2184b41a2fea001
e2289ae022be8c418d8f68108176285a8964cf9852feb18fc4a00c0448a6dcac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/illustrations/scene-3.svg HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/svg+xml
last-modified: Sun, 19 Sep 2021 01:36:58 GMT
etag: W/"44a0543-10702-5cc4f3345367c-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vee0rTpsmgvMd2S%2BoZg4mtZsFggwxQvTMGs79%2BfT%2BUhk3pHEuB2hKSLP8lFs2MpuowP%2FEZs6iLmyS8JBfcsp%2F%2BUkwPa5LWcsOxrI5f3%2FKgPkyd8R4mVBIas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a9eca568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

104.17.24.14

200 OK

2.9 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10553)
Size
2.9 kB (2905 bytes)
Hash
3f3688138a1b9fc4ef669ce9056b6674
eb41c0e88206dda6f0fd8dfbbeefdc0829a9d13d
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

HTTP Headers

GET /ajax/libs/clipboard.js/2.0.0/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 2905
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e29-29a6"
last-modified: Mon, 04 May 2020 16:09:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 605624
expires: Sun, 27 Apr 2025 16:31:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QIny06nsEucuQnxwRcOKVMwovzannwxQpBlERwrOtnt3XawAEEWsQt5EhnnCzEG1Urq3VjmjnUSU%2FAfJBr7YgjRKOQnxVGjVWiNx1HUrP4fTnjKkWRkDT8LRNPqgVV2FzUFQOLX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8802997e5f76712e-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2

216.58.207.227

200 OK

32 kB

URL GET HTTP/2
fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32040, version 1.0
Size
32 kB (32040 bytes)
Hash
a5f5335530ef43143612bb95c6326c94
828ff43b4460721f9dafd8de28f7634a601a87df
fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af

HTTP Headers

GET /s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:11:11 GMT
expires: Fri, 02 May 2025 02:11:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
content-type: font/woff2
age: 483607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

link.gy/assets/img/illustrations/scene-4.svg

188.114.96.1

200 OK

38 kB

URL GET HTTP/3
link.gy/assets/img/illustrations/scene-4.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
SVG Scalable Vector Graphics image
Size
38 kB (37973 bytes)
Hash
9ef818f78907ba93182d2a732e6c2b3d
85019bccd4f058740c8f371b061fb335e0ff7f13
1538e5a606602f2f008d769dc6a6b43e727d15f2a8b934a0b5e743f59d1e3565

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/illustrations/scene-4.svg HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/svg+xml
last-modified: Sun, 19 Sep 2021 01:36:58 GMT
etag: W/"44a0544-4ad1-5cc4f3345367c-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06qzqYuZpgYZrnUPbFNYYBOB0zdRGKyEabBNjz8zVwpbrC0KzWT4GL%2BrSlN%2FxB9HPFIrdFKQvD0X4RVlBSiikXHKYkMc6TUfhX33eoXc6gze6ZRLiFduaNVS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a9ecc568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2

216.58.207.227

200 OK

32 kB

URL GET HTTP/2
fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32040, version 1.0
Size
32 kB (32040 bytes)
Hash
a5f5335530ef43143612bb95c6326c94
828ff43b4460721f9dafd8de28f7634a601a87df
fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af

HTTP Headers

GET /s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:11:11 GMT
expires: Fri, 02 May 2025 02:11:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
content-type: font/woff2
age: 483607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2

216.58.207.227

200 OK

32 kB

URL GET HTTP/2
fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32040, version 1.0
Size
32 kB (32040 bytes)
Hash
a5f5335530ef43143612bb95c6326c94
828ff43b4460721f9dafd8de28f7634a601a87df
fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af

HTTP Headers

GET /s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:11:11 GMT
expires: Fri, 02 May 2025 02:11:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
content-type: font/woff2
age: 483607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js

142.250.74.138

200 OK

64 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32173)
Size
64 kB (64395 bytes)
Hash
7403b37e7918413f5a43131b95c86abb
0c72ced078c45968712838ac683f09d0980dd0e8
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1

HTTP Headers

GET /ajax/libs/jqueryui/1.11.3/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:25 GMT
expires: Fri, 02 May 2025 01:56:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 484493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://link.gy/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 07 May 2024 16:31:18 GMT
age: 955659
x-served-by: cache-lga21931-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 717726
x-timer: S1715099479.858434,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

link.gy/assets/img/dashboard/profile-spacex.png

188.114.96.1

200 OK

592 kB

URL GET HTTP/3
link.gy/assets/img/dashboard/profile-spacex.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
PNG image data, 1267 x 669, 8-bit/color RGB, non-interlaced
Size
592 kB (592176 bytes)
Hash
0a5c57606d32838ddbb0211bab901620
bbd17454d05366c4a9519fa8ce9f6997d0fdd9e3
255944e4a4272ae7c24507db072653143862400ddeab5c505e6c279e093f2d40

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/dashboard/profile-spacex.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 592176
last-modified: Sun, 19 Sep 2021 13:42:29 GMT
etag: "44c1ece-90930-5cc5955ee9bb7"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUgP93ejQsr1mM%2F2A2kfTj7YeI10%2FgfpPB06vxABV82jmfMF%2BrCOGSQV799hEROQgHs4v%2FKS30aSzhFpBKz1%2BYIPLd2vsn3UFSm8vHNPtQqpJ7sGAKWhmUdU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997d7b72568b-OSL
alt-svc: h3=":443"; ma=86400

buttons.github.io/buttons.js

185.199.109.153

200 OK

6.7 kB

URL GET HTTP/2
buttons.github.io/buttons.js
IP
185.199.109.153:443
ASN
#54113 FASTLY

Requested by
https://link.gy/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (19342)
Size
6.7 kB (6736 bytes)
Hash
f19bf64dce0ae2233aa9c9467786d996
2ebcd1cb60fa93c7f25e3e16d4298b5bae3d657e
d40cfb662c22c7374f5e76627bef0d97195cd7f3f80fac24eafb45aeec6ff69f

HTTP Headers

GET /buttons.js HTTP/1.1
Host: buttons.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Tue, 07 May 2024 07:42:39 GMT
access-control-allow-origin: *
etag: W/"6639db6f-4be0"
expires: Tue, 07 May 2024 07:52:39 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 6030:2A16A1:214708F:2233BBC:6639DC26
accept-ranges: bytes
date: Tue, 07 May 2024 16:31:18 GMT
via: 1.1 varnish
age: 175
x-served-by: cache-hel1410031-HEL
x-cache: HIT
x-cache-hits: 7
x-timer: S1715099479.910427,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 0b1717ed88d69f19b6ea6a5fe9b2d45db01ba0d7
content-length: 6736
X-Firefox-Spdy: h2

link.gy/vendor/bootstrap/dist/js/bootstrap.min.js

188.114.96.1

200 OK

17 kB

URL GET HTTP/3
link.gy/vendor/bootstrap/dist/js/bootstrap.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
JavaScript source, ASCII text, with very long lines (63164)
Size
17 kB (17243 bytes)
Hash
cbbb855a6fcc5b4cd44184735e5cd773
afa27badfdb17186df0eb0a0f626eedbaa22074f
bbe43f79021ee8fe705382bc99a8a124e42486a05b7fb2b534debc1b04e9373d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor/bootstrap/dist/js/bootstrap.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:31 GMT
etag: W/"46e0970-f7da-5cc4f2364b595-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxQCWyfAg6lwh63b220cizQB%2B5Y12RFQe2CFfqhBOUjwxsB7bbVN28N4u9DBBrtE1kH0GEXp2gwa2gS3ZvK8r81e9UQA82ntmoOVl%2BLaoNIbPM67UfhVet1x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d21568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/vendor/onscreen/dist/on-screen.umd.min.js

188.114.96.1

200 OK

2.3 kB

URL GET HTTP/3
link.gy/vendor/onscreen/dist/on-screen.umd.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
JavaScript source, ASCII text, with very long lines (6666)
Size
2.3 kB (2338 bytes)
Hash
9791bf308ecdbf193c1d9654b3e96789
51f21273d74891b2d1ee517f829ad86f92932c43
6a402a35f5b0ee9651fac0bd1530be47741274513bfa736647589582c0a7620b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor/onscreen/dist/on-screen.umd.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:31:40 GMT
etag: W/"45e1fbd-1a3a-5cc4f205b38e0-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yEwBBoABFVhOgbtmgLzxEaxb7GGKojp7o28sDTkN0JORb8iEN%2FjToCawKJ1gWnnkFK5ccAvlHsDjHOJgo%2B0VBhlKbghnVdGDiN2uwjjUje5HzTACjFI53yg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d17568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/vendor/popper.js/dist/umd/popper.min.js

188.114.96.1

200 OK

7.7 kB

URL GET HTTP/3
link.gy/vendor/popper.js/dist/umd/popper.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
JavaScript source, ASCII text, with very long lines (21084)
Size
7.7 kB (7681 bytes)
Hash
84415b7368fd6fc764cbe86039ce0626
62f238e73348c77eb9e865426a7d1b7de23cbb2d
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor/popper.js/dist/umd/popper.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:33 GMT
etag: W/"4702aa1-5309-5cc4f238516df-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FsCRXEmEA9G%2FNr4QX9DPhDEk4dSTPSBHnygaVFCLXLY3S0X0YdizOXcx3rv8GURDQCWqcYPmkWsyg33ynTrXY5kgVavr%2Brs46kIild2dh7IFsPCX8CsULgK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d25568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2

188.114.96.1

200 OK

281 kB

URL GET HTTP/3
link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
Web Open Font Format (Version 2), TrueType, length 75336, version 330.32636
Size
281 kB (281139 bytes)
Hash
6ad142365cb500e443a052b4260fe5e0
543b3ee04c6423e73fefea4d48ed131a96bdcdec
4d35c05ca434fdf8fd49ea4b24a839a4bee2213873508f70a1d46ed0ab2a321a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: font/woff2
last-modified: Sun, 19 Sep 2021 01:32:23 GMT
etag: W/"468142a-12648-5cc4f22ec3ce5-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExbF1qHUSUAhN2v9e5HsQKaRdJzNaq%2FIOyALJdBqD0S9Fu8wI2P6ondHOi0shAi3uzLbqueov%2BPTZMw8GL1dB43k2ce2B8DVnyQIFSjRxL5yu2kXLskFUQpU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e1cac568b-OSL
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

104.22.25.131

200 OK

1.6 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (2306), with no line terminators
Size
1.6 kB (1643 bytes)
Hash
d1dc816c161b3a7313b3d42f478f140a
66e30073ff65f5b96fed00992224f97dd93453bc
cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"d1dc816c161b3a7313b3d42f478f140a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299859d76b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

104.16.80.73

200 OK

15 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
gzip compressed data, from Unix
Size
15 kB (15224 bytes)
Hash
8cfbb5c267eea85551e965795a82bc57
d830b0c9b4772e80082cd11a92191168a678b4c5
b76726f41485ab0acb6f85ef9521d0a712f5365c88c938c347f2b8ead4ae67e1

HTTP Headers

GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997adeab569f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

embed.tawk.to/601d8a78c31c9117cb76441c/1etpm9q8i

104.22.25.131

200 OK

34 kB

URL GET HTTP/2
embed.tawk.to/601d8a78c31c9117cb76441c/1etpm9q8i
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text
Size
34 kB (34407 bytes)
Hash
f7e0b07b11e9afd6849d71162898b11b
39c64c97af3156e39ef180345b0e2963c2974577
fad4ad07cc87584066f29c886b4dbab9fff23791c00980e0bac20be4557e7eee

HTTP Headers

GET /601d8a78c31c9117cb76441c/1etpm9q8i HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:19 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-6625f366c87"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299818debb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css

142.250.74.99

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 15:37:51 GMT
expires: Tue, 06 May 2025 15:37:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 89609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.99

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 13:33:10 GMT
expires: Wed, 07 May 2025 13:33:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 10690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 345616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17588)
Size
7.5 kB (7452 bytes)
Hash
81965d03d416a0601f29281d353056f3
e3d92db7e0287b8cc16ef71877d276e7ee0030d6
a406382608bcdae48012bda3220a48d9f71b1286743116cd00db4cafd06e7487

HTTP Headers

GET /js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:15:50 GMT
expires: Fri, 02 May 2025 02:15:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 483330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.99

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:37:29 GMT
expires: Fri, 10 May 2024 00:37:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 402831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

104.22.25.131

200 OK

250 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65458)
Size
250 kB (250435 bytes)
Hash
5ff5b56dd253d3fd717915b2773593d3
3fcb89abd877241f130e2712b54233763d0d2b03
162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"5ff5b56dd253d3fd717915b2773593d3"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299858d6bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css

142.250.74.99

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 15:37:51 GMT
expires: Tue, 06 May 2025 15:37:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 89610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.99

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 13:33:10 GMT
expires: Wed, 07 May 2025 13:33:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 10691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css

104.22.25.131

200 OK

56 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
56 kB (55872 bytes)
Hash
aa429d098305efeb3d236b3872f2da79
e0d6e416eb7c1c8f10ec76f835eda23d5c1d0ab0
5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c

HTTP Headers

GET /_s/v4/app/6625f366c87/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=78232
access-control-allow-origin: *
etag: W/"05d886069cda40a8e20243d226b04764"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: STALE
cf-cache-status: HIT
age: 591562
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a6aae40b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

151.101.129.229

200 OK

41 kB

URL GET HTTP/2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://link.gy/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (32014)
Size
41 kB (41275 bytes)
Hash
7bb7aac0cac89a90304af1c72eb4f50d
729f6f8ca5787d89743b0ed7eb27fd76406bf985
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

HTTP Headers

GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 16:31:25 GMT
age: 10648136
x-served-by: cache-fra-eddf8230136-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2

vsa118.tawk.to/s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs

104.22.25.131

0 B

URL
vsa118.tawk.to/s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs HTTP/1.1
Host: vsa118.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://link.gy
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xPG5nIaEQC4Zc13TSwZNdQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 07 May 2024 16:31:25 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: AFi+rvCXfagDxDj/C0xXhtVk1zM=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 880299a5bb60b51e-OSL
alt-svc: h3=":443"; ma=86400

va.tawk.to/log-performance/v3

104.22.25.131

200 OK

10 kB

URL OPTIONS HTTP/3
va.tawk.to/log-performance/v3
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with CRLF line terminators
Size
10 kB (10206 bytes)
Hash
fda44910deb1a460be4ac5d56d61d837
f6d0c643351580307b2eaa6a7560e76965496bc7
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

HTTP Headers

POST /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.gy/
Content-Type: application/json; charset=utf-8
Content-Length: 96
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:26 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-qvnp
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299acfa360b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/cdn-cgi/rum?

188.114.96.1

204 No Content

0 B

URL POST HTTP/3
link.gy/cdn-cgi/rum?
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 447
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl; TawkConnectionTime=0; twk_idm_key=HvW6fyoqNGAWdZYjEyq3G; twk_uuid_601d8a78c31c9117cb76441c=%7B%22uuid%22%3A%221.1Uip89zcNo60tWpVBDzVHPwMoI567GPfMV0834c9LWkIWAZIlydycP6YBGZ6OIEa6cokP2vnnIV9xLD8dg2Y7hcgn2qq3AjdMIVxsSHW137Mrgk%22%2C%22version%22%3A3%2C%22domain%22%3A%22link.gy%22%2C%22ts%22%3A1715099484902%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Tue, 07 May 2024 16:31:44 GMT
access-control-allow-origin: https://link.gy
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 88029a21ff32568b-OSL
x-frame-options: DENY
x-content-type-options: nosniff

link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2

188.114.96.1

200 OK

76 kB

URL GET HTTP/3
link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
Web Open Font Format (Version 2), TrueType, length 75728, version 330.32636
Size
76 kB (75728 bytes)
Hash
44d537ab79f921fde5a28b2c1636f397
b2879f9e1d0985a96842bf7f55a2b2cc4c636d04
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: font/woff2
last-modified: Sun, 19 Sep 2021 01:32:26 GMT
etag: W/"4681436-127d0-5cc4f2315b65f-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8JacjVc%2F3sWe5%2Bgerg63hTU9WNEG%2BwQvxqEUoH3OUhpWjedgX8%2FYKTWKiYPv%2F4mG6TQcilKB0L9eH0aasmHe5hDjfcaaShDt6yDWg85CpkSQ2ETvW7jF0a1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997d9bac568b-OSL
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js

104.22.25.131

200 OK

17 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with CRLF, LF line terminators
Size
17 kB (17013 bytes)
Hash
7f37a030886ec7fce1d065ec482789ee
661ad608ac1513e2ccdec4cd55eb552a8604c8f6
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

HTTP Headers

GET /_s/v4/app/6625f366c87/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:21 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"7f37a030886ec7fce1d065ec482789ee"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605607
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8802998f6c910b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css

188.114.96.1

200 OK

57 kB

URL GET HTTP/3
link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
ASCII text, with very long lines (56656)
Size
57 kB (56842 bytes)
Hash
41d394990448b2c2b1afe840e837dc8e
29250ef1fa6bfbda364a1112a86b2fb7157dd44b
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor/@fortawesome/fontawesome-free/css/all.min.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/css
last-modified: Sun, 19 Sep 2021 01:32:16 GMT
etag: W/"4641c0e-de0a-5cc4f227a9a40-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jX%2BFC9Z6vpTPIsdVwzKcJ7lEK%2BIc5qr80zXBXMseWd26lwdOgqGGPINIl9D5s7X6xgpKnKcPqowgTlvREEoEaX37Kvnw0bmX4ObpUllY5vFxQBawPB%2B8TIsV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a7e79568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
link.gy/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: application/javascript
last-modified: Fri, 03 May 2024 17:58:00 GMT
etag: W/"663525a8-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTbu%2B%2FLYUQ5RZmMQzB%2Bsmp2RaXmxpKJGQfCpLuBWV2nxO1a7Kon7Bkw2Ipe%2F7Q2Dsh4uiHTYbzXYRalIMEz1nPrybT9wYFvIco4J%2BqFRkcg8a8ObN9GaiiDZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ed7568b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 09 May 2024 16:31:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip

link.gy/vendor/headroom.js/dist/headroom.min.js

188.114.96.1

200 OK

4.4 kB

URL GET HTTP/3
link.gy/vendor/headroom.js/dist/headroom.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
JavaScript source, ASCII text, with very long lines (4497), with no line terminators
Size
4.4 kB (4403 bytes)
Hash
451043ecb5829647d15e028ab074dc83
d1ab378b797e57f6c502cbc3538c4497668783b7
7d2ec3872eb478545d05ed1c2627c0bd7515f4bb39c8781cac07439780d974cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor/headroom.js/dist/headroom.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:31:39 GMT
etag: W/"45c1b77-1133-5cc4f2046ca43-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsy6ruERASedjTffNx0POlYY1ybtNgyNNXvGRaywyukn7NuGE%2FgnM%2B7xw61gHuGnOh7n11seYubionjYszWyO9C8QWhmWOzgcT1H3FdkILqwWsTZcu7uwSpl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d19568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js

104.22.25.131

200 OK

906 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (956), with no line terminators
Size
906 B (906 bytes)
Hash
7b31fafdf609238b7f4574e44057af5b
f4f849145e5beaff38b9e47e3c5c3e7e4945d70a
2b7dfb20a5ee49b709a4adc3412bd7d5e00539c1ef93a1a58c4ec58816c81ed3

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605618
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4e8c20b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/app/vendor/jquery-confirm.min.css

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
link.gy/app/vendor/jquery-confirm.min.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
ASCII text, with very long lines (22251)
Size
22 kB (22538 bytes)
Hash
e47bfc7a0414aa5040e865f835c569ad
44904abb8572c8fce2c405f88dfac60a6ea1df43
5719579e9912f14030ddd2679498fc22321f9485a60d45506d70fd82b617afdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/vendor/jquery-confirm.min.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/css
last-modified: Fri, 17 Sep 2021 02:50:07 GMT
etag: W/"5981b3c-580a-5cc27fd3c7a85-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0pKtWaLZrkCXSmuyYckd5EYUqaU71ppoPbu7gM9gifd0u%2BPdsXeiQbhUu00Jubjkwv0JCHtJfIh%2FPhJ4bC1ZYmK651fURRQ%2FZR4xomzjr%2FYf%2F%2Bmw%2FWN78SW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a7e7f568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/favicon.ico

188.114.96.1

200 OK

109 kB

URL GET HTTP/3
link.gy/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Size
109 kB (109246 bytes)
Hash
964d85fa4a90877d53fa64a085192095
d308baac6767f521b3cff79852c3cc3f625eb97f
39833111d346589cc720b9d7b0378fa45bb85911ad975b58aec64a94aef1efb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:19 GMT
content-type: image/x-icon
last-modified: Fri, 24 Sep 2021 16:06:50 GMT
etag: W/"43c1a7c-1aabe-5ccbfef5ff023-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQcB5CYsLIkTVqIaR7QRS%2BVo0BVvVTDrEJKiT%2BGck3%2Be9n3McjVAH0RK6LKhkDnr%2BIdmu1LA2wBCalFvBIhoZe9n69Zla4L84Gwzy7ELk5OruPbQR%2FGH6AWQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880299808950568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

104.22.25.131

200 OK

9.9 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (10730), with no line terminators
Size
9.9 kB (9929 bytes)
Hash
2ed46b3171b0456fda29f3bfda5f846e
0c4834c6f96e8640bcdd46c48396a1f1f7d287b2
0c9f49f27e34e05a7e4159648875b32880d3d986ee2d70d78d6138df5e9f1654

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"70aec2dd89cac4933594c25b71d61f46"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605618
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4c89f0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js

104.22.25.131

200 OK

19 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (18963), with no line terminators
Size
19 kB (18963 bytes)
Hash
4f773fe8050dcfd8fd096e061eed08a7
0921110716284e797a40855b98b113b683fadb51
29704f658e0a24af40a7ec9f1ba5800e7bf3366de3feae6e044bd20c28c89018

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"4f773fe8050dcfd8fd096e061eed08a7"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 601485
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4d8b80b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
link.gy/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: application/javascript
last-modified: Fri, 03 May 2024 17:58:00 GMT
etag: W/"663525a8-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3fFd8I6wA5HGqJKSWHM1fZdr6CcT74JIKXOtcmqyYYB7xnTPhctsmpGV4jXSGZxmTL10e3zfJU%2Fm55WN6NZKgoJ9jStlIvRUcymx5MqN%2FqyTX3zKvK1FWTk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ed6568b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 09 May 2024 16:31:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip

va.tawk.to/v1/session/start

104.22.25.131

200 OK

1.0 kB

URL POST HTTP/3
va.tawk.to/v1/session/start
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1097), with no line terminators
Size
1.0 kB (1009 bytes)
Hash
75ac264360bb8456468e7f2cfbbdbcaa
e22d067445d2c02f36305f81cc8d167be217290c
281ded7e16d484f4495d269a6fe8fdb450b1a8ded1380ea5dacb100969918b66

HTTP Headers

POST /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.gy/
Content-Type: application/json; charset=utf-8
Content-Length: 169
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-t9sb
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8802998b0811b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/css/swipe.css

188.114.96.1

200 OK

846 kB

URL GET HTTP/3
link.gy/css/swipe.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
ASCII text, with very long lines (562)
Size
846 kB (845890 bytes)
Hash
234e156661a196bef2e7c94771e042d4
a5782f988bf738235413764695797f8c1b8ffcf4
5f94613ccd1343b1bb7f46210e1b48a5c06846a9aa05f29145694f507f485048

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/swipe.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/css
last-modified: Thu, 17 Feb 2022 21:12:41 GMT
etag: W/"4481980-ce842-5d83d3a0b1db4-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yltU8w8VZY4ZGL3sBXxhSQfwJDeg8TJxU1HBUJdTVwbdEINI5zYJlP6DQ2yfxjE5YICv7KlQKTTFp8eC68AfB0ATl1nc63ZjqUQPS6nkIlF5NV37J5VLsm4d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997a7e7c568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js

104.22.25.131

200 OK

113 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65464)
Size
113 kB (113121 bytes)
Hash
44934d48f839e3143311bc044e6e0d89
a96c3d95be19a80330977acead67fd9b92ac6e4b
500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"44934d48f839e3143311bc044e6e0d89"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: STALE
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 601490
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4f8d80b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/app/vendor/jquery-confirm.min.js

188.114.96.1

200 OK

28 kB

URL GET HTTP/3
link.gy/app/vendor/jquery-confirm.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
JavaScript source, ASCII text, with very long lines (27931)
Size
28 kB (28222 bytes)
Hash
1d6ae7e6b82dd230033595eac215ac28
4feda8ad306195d129c2d9bc918150979c68a726
29af286f1b07342cfa1fd851a65f17e105775e68715b2a81a64fc4a476328fd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/vendor/jquery-confirm.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Fri, 17 Sep 2021 02:50:08 GMT
etag: W/"5981b3d-6e3e-5cc27fd46fe00-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiztZo89at1TOdfVr0%2FJ%2FuF4%2FqxiheSeUwzwu9oMRw8vTRB7ypo1ac9Oj5J7PqfYB6IfMtdb6%2Fwa6HevnireileFdW6kXvTcVCcmeDCkTMfR8VW0uZvbs3a0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d0a568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

va.tawk.to/v1/session/start

104.22.25.131

200 OK

0 B

URL OPTIONS HTTP/3
va.tawk.to/v1/session/start
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link.gy/
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-5wcg
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, s-maxage=600, max-age=600
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88029989fe16b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.22.25.131

101 Switching Protocols

0 B

URL GET HTTP/1.1
vsa118.tawk.to/s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/?k=663a575bbfcd937997221d66&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtT3MxM2J6c1NJSXVGTUFoaW43MEsxIiwic2lkIjoiNjYzYTU3NWJiZmNkOTM3OTk3MjIxZDY2IiwiaWF0IjoxNzE1MDk5NDg0LCJleHAiOjE3MTUxMDEyODQsImp0aSI6IlZsaElObWZfQjdGWkpqWVh1ZDZjaiJ9.AbWxreNuypA4QyQm5e-Zo74WSduyNJhzzc_PC3rQp6KHJgTgdVhQHczW1A3lfOmHO9VwUJFiGHKdkf4y4I34Ig&EIO=3&transport=websocket&__t=OzJvKBs HTTP/1.1
Host: vsa118.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://link.gy
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xPG5nIaEQC4Zc13TSwZNdQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 07 May 2024 16:31:25 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: AFi+rvCXfagDxDj/C0xXhtVk1zM=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 880299a5bb60b51e-OSL
alt-svc: h3=":443"; ma=86400

link.gy/assets/img/chrome.png

188.114.96.1

200 OK

2.3 kB

URL GET HTTP/3
link.gy/assets/img/chrome.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2288 bytes)
Hash
015efa31739f4fbbd34558066131abd6
311447b250f3be0efd2a6ad75d96f13e5c8ce79e
8e7e9abbf542663afb706198c040f77f837a2d85475b39a724c652a6c559f8fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/chrome.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: image/png
content-length: 2288
last-modified: Thu, 30 Sep 2021 20:04:49 GMT
etag: "43c1b99-8f0-5cd3bf58a0e22"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOHmK9l0wgbSeAjLfpX9SAP97vjDu6tTWiatajXzKrmx8M7qBES4iox%2FnKt0FbpKU%2F7HpE0AVlg4HPR%2BvacBnfN8VbaWSlbKXXoHKAC8YEJuufQBh9C8uWHY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802997a9ec9568b-OSL
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js

104.22.25.131

200 OK

18 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (18229), with no line terminators
Size
18 kB (18229 bytes)
Hash
6bf62c737dec7d16542425992be5986c
7f5ec461a46e4526fcf8ed0a24f758bd0168e5b0
2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"6bf62c737dec7d16542425992be5986c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605618
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4c8a10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js

104.22.25.131

200 OK

699 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (725), with no line terminators
Size
699 B (699 bytes)
Hash
7c2c957f3cf80dadfd0cbb7c677a0869
30e8962bf64cc7349c9e61b40b8bab5aa598c63c
606127d882e34faee4895ad2cbf8a94d805fac37792c2cc2b9bc05ca3de743b1

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"838903127a65ec440893b4945c40ca4a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 605618
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4d8ad0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Spartan:wght@200;300;400;500;700&display=swap

142.250.74.138

200 OK

3.9 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Spartan:wght@200;300;400;500;700&display=swap
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (3995), with no line terminators
Size
3.9 kB (3905 bytes)
Hash
6e657e8b47cb07649221e2c413d11f26
73acc4e9618334dbcbfbfca0232896b07e3bcbd9
d31c1a28bd5b235731891ed3fe5eafce13394ac574077861d23e01f64be52f2b

HTTP Headers

GET /css2?family=Spartan:wght@200;300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 16:31:18 GMT
date: Tue, 07 May 2024 16:31:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js

142.250.74.164

200 OK

850 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
JavaScript source, ASCII text, with very long lines (850), with no line terminators
Size
850 B (850 bytes)
Hash
ee87fd4035a91d937ff13613982b4170
e897502e3a58c6be2b64da98474f0d405787f5f7
7649b605b4f35666df5cbcbb03597306d9215f53f61c2a097f085fa39af9859f

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 07 May 2024 16:31:19 GMT
date: Tue, 07 May 2024 16:31:19 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

link.gy/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js

188.114.96.1

200 OK

6.6 kB

URL GET HTTP/3
link.gy/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
JavaScript source, ASCII text, with very long lines (6694), with no line terminators
Size
6.6 kB (6563 bytes)
Hash
34e0c1da506da6de524abcf885706dee
d9f81f2001b7d7732376ce122c6673f0a9e700a5
a6551f72006f0fc7ccd4d9063cde030b15e5894ac5e00530448e67118a78f643

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:12 GMT
etag: W/"460095c-19a3-5cc4f22391843-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXYSQnwc5gvxRjTDEdVTK60iJcJjBsM1Jjqo28gKLKPYlBq2lNnLFDDXCWZIunPoxir7GN%2BbeVqIbCQUqfnJ3VJAwq8ni2QVmXdXwD5t9fq1eT2p3b%2BXavPZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d15568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

link.gy/api/links

188.114.96.1

200 OK

54 B

URL GET HTTP/3
link.gy/api/links
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
54 B (54 bytes)
Hash
21dc93b30d85707507617b2308081ba1
5ec771b94ba50d8fb5f2f43d4ba1e969302eca3f
60b92e19cca13c3a8d39fb751a791d88306eb4f893231d3441f601a76abef9a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/links HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:19 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-credentials: true
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: LINK.GY API V3
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9JE0aGLHzm0L1KCVJ3pD6k7FaTQDWBz%2FkfRWqAHB7dXV3McYhBNr9nD2TQ03hc6MsbeiDIF7JM1GY%2B6t5eFIRV7436b2metD3%2FwryIz8EnwT5mj4VJSCXmx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880299812a5a568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js

104.22.25.131

200 OK

151 B

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with no line terminators
Size
151 B (151 bytes)
Hash
04a9862af6efaf787bc8fb8e99ba6987
a57bb8f258eb1a60dc3b288a608ad8ef9fbecef3
ecc74c329a700e3e6ca29aed5ffe3c166cf39670c8b11573fa7f837f79a71b5c

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299859d78b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

link.gy/assets/js/stack_typing.min.js

188.114.96.1

200 OK

3.6 kB

URL GET HTTP/3
link.gy/assets/js/stack_typing.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type
ASCII text, with very long lines (3649), with no line terminators
Size
3.6 kB (3553 bytes)
Hash
a382665eed3268bdbe90c7e084c9f68b
fed3b633474b9eefcc8da3fed77b1ec68c153dbc
3aec1a629c891a35bc8b096af2caa6b21bb2bc80b060fdc062198713d85f8c5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/stack_typing.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Mon, 20 Sep 2021 22:27:51 GMT
etag: W/"43c1cd1-de1-5cc74caa77f92-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkQpr5uridYFt2eTa5J7cY2wcAinwfHoeoYBSF7jybNBHJQfMoGfgEKSgSLAvQda%2BeYRIVWR1NcggqXZufPu0A0IIdJuT98%2Bzr2iw3l1302pHbLXtdY5AxwN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e4d04568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js

104.22.25.131

200 OK

121 B

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with no line terminators
Size
121 B (121 bytes)
Hash
3b41342f7e3be590563e8e3b5ff770c7
c9ca54d23ea78b320f080b76e22bb6b4e704d55f
ef04d89daeed55613a63a4af62c147ce86e4a7f22c8ce700dd6bdb11ab187e43

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299857d50b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js

104.22.25.131

200 OK

83 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
83 kB (82913 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299858d63b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js

104.22.25.131

200 OK

217 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type

Size
217 kB (217197 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:31:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"1c73b4eb89bbe24ecf154b671ddbcafc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299858d69b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

va.tawk.to/v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null

104.22.25.131

200 OK

2.1 kB

URL GET HTTP/3
va.tawk.to/v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2455), with no line terminators
Size
2.1 kB (2135 bytes)
Hash
d5b89911b5f23b6cb9e406fdc24360ca
c1884a7d3b4deaf452ad3b44f293dc9dabc6a5f6
a550938677931744e9176214c3699c73e7accc57fcd3f06b4d5651bc4782618c

HTTP Headers

GET /v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.gy/
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:21 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-t9sb
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-4-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299897cf2b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css

104.22.25.131

200 OK

25 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with very long lines (24751), with no line terminators
Size
25 kB (24751 bytes)
Hash
d4f9ad34fae3ba64cbc48057dc47e968
f8d0d55dc6e9b5d53f74b0b8bfc5e2edbdb0618d
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

HTTP Headers

GET /_s/v4/app/6625f366c87/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24831
access-control-allow-origin: *
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 601487
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a61a640b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css

104.22.25.131

200 OK

41 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
ASCII text, with very long lines (40772), with no line terminators
Size
41 kB (40772 bytes)
Hash
96be1f6983c01fe07004e163e0c6ce8a
46334521ca7c554fb7608e4e93cba4c6fac72f77
26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f

HTTP Headers

GET /_s/v4/app/6625f366c87/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=40905
access-control-allow-origin: *
etag: W/"7060c2e317491c949f29253a1286dad2"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 605619
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a69ad40b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B

142.250.74.164

200 OK

7.4 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with very long lines (7675), with no line terminators
Size
7.4 kB (7444 bytes)
Hash
51595fe5438d95a996d1f7a62236c79b
b28e882ee312281608c19766894a901e20b92330
0fa0311feb225078345649d81ac4a94e4ffa44304834681576bade0a1d44a815

HTTP Headers

GET /recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 16:31:20 GMT
content-security-policy: script-src 'nonce-FFPgGJ4blc09_MnRM-KSfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

link.gy/assets/js/app.js

188.114.96.1

200 OK

30 kB

URL GET HTTP/3
link.gy/assets/js/app.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerLet's Encrypt
Subjectlink.gy
FingerprintE2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21
ValidityWed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT

File type

Size
30 kB (29923 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/app.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=obdg56t5hmqjelqukre1h0a5vl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:18 GMT
content-type: text/javascript
last-modified: Sun, 20 Feb 2022 12:46:06 GMT
etag: W/"43c00ad-74e3-5d8727fdb85d1-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FSO8Ur2tlDhI846nHMrjlIfnu%2Fl9ilpzuxNh%2FGjlJn3xnRJnPUMzBaN9%2BO1VBaiwi1tm6H2Lxz4DSv%2BxEpC311CTakIeVazge9OEL9bXFgPOq7l9hqTz2Co"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802997e5d08568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc

142.250.74.164

200 OK

46 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with very long lines (37085)
Size
46 kB (45769 bytes)
Hash
232f772286c4e269cd0a38d4e1d76884
203deb3e944f0267980af241eab3282ea876777f
20119595c0a7e838dfe3de31575b6caeb1878963390fe4e14240f12d6c4ff1ab

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 16:31:19 GMT
content-security-policy: script-src 'nonce-8I4K1d6lWAPn3h7HcxTHQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m

142.250.74.164

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
284b36421a1cf446f32cb8f7987b1091
eb14d6298c9da3fb26d75b54c087ea2df9f3f05f
94ab2be973685680d0be9c08d4e1a7465f3c09053cf631126bd33f49cc2f939b

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=b31isead5wc
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 May 2024 16:31:20 GMT
date: Tue, 07 May 2024 16:31:20 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js

104.22.25.131

200 OK

535 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://link.gy/
Certificate
IssuerGoogle Trust Services LLC
Subjecttawk.to
Fingerprint83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5
ValidityThu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT

File type
JavaScript source, ASCII text, with very long lines (557), with no line terminators
Size
535 B (535 bytes)
Hash
3f4a6312d60391bda06462d7321ffcdc
9f09295297840a36d2ac95344b39b0af1a729f82
28d61df22c079e51c45b6f87db516f03cb85cf3f2c3a970be369944c3f91bcf1

HTTP Headers

GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 16:31:24 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"c506281367048d4a134c9affbc68c8c6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 597191
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880299a4e8cc0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (48)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML