| cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css | 104.17.24.14 | 200 OK | 4.2 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css; IP: 104.17.24.14:443
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65348); Hash: c0be8e53226ac34833fd9b5dbc01ebc5 b81ef1b22de26af8a7a4656f565fbc91a69d7518 5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 53235
expires: Mon, 28 Apr 2025 19:58:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RF57T%2Bx3pJTyPOizzTrs6Y7Q6lQEQqRe6a%2BMNuQe0dgN9iOU8yPQk05548Y2u2TQtdaA0axIRVN%2BpxzIM50uyv2gnunv6IPTqi9p4gdCr4%2BWHtSwVrfmRi0uvQw7wvTNUlaQEuYv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880c06530e010b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| link.gy/assets/img/edge.png | 188.114.96.1 | 200 OK | 2.7 kB |
URL: GET HTTP/3 link.gy/assets/img/edge.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced; Hash: 2f31dee14f2287908d6e4e027592cc92 1a497f6a40537afa003631f56955f7d16ea61ae3 25a71e63bc88a0eff64f9626a25a45788dced11e2b774cd84755eca990becd1f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/edge.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/png
content-length: 2693
last-modified: Thu, 30 Sep 2021 20:04:32 GMT
etag: "43c1b9b-a85-5cd3bf48755d5"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owSdZgB6hrGL4DSEVa1DOJkmfbJgYt7hVwzXjsUtSjFy2lWp3Qy3nOmjFF%2FyoMMXnwk4%2B5JXztBuZ5MTDEIzyXBXgWOTL4svqZyIDOVL1pGUnj4QOvEyPK6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0652e9d30b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/apple.png | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 link.gy/assets/img/apple.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced; Hash: 427302ea57306139700406ef196cb557 98f79c1588a9e739370408775e6146b5e29ec1e4 643fbc8cbc100f883541433f43b9024a9ccb3b71ccf7ac64c938195f05b6fbb8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/apple.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/png
content-length: 1223
last-modified: Mon, 13 Dec 2021 05:14:00 GMT
etag: "43c1f39-4c7-5d30023f7d394"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsUqQHgO9vubp97kRtgR7G30KSY43wZra%2BKeTuFGWwolCsVS1L%2FfLoKnbbuoJk32Zrjn6JuT%2BvypOuTQJD4mRba1IOYevEN%2B8Os2Dhrp2rtM2GlBqHHMBE8x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0652e9de0b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/windows.png | 188.114.96.1 | 200 OK | 960 B |
URL: GET HTTP/3 link.gy/assets/img/windows.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced; Hash: 40059e674004687021243582463cbd8b 5c5506c154401e037e540feda107e316b30af845 4082fc7f2bd1f830211bb61f147c7d35b045450040258d5b200333f1b553436f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/windows.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/png
content-length: 960
last-modified: Mon, 13 Dec 2021 05:13:36 GMT
etag: "43c1f38-3c0-5d30022870abf"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2nFzJ%2F9aKGbxgVezsLZeFgcuogv3myUrkZv%2BF8b1axkLDh0CdBpdve9lFIj5qV3ztxQYwJXmmZ5jj%2Bg6OOt5sSOYHtOZh2iDTfbmiGcSsTwk5R%2FJZthi7uV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0652e9db0b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/chrome.png | 188.114.96.1 | 200 OK | 2.3 kB |
URL: GET HTTP/3 link.gy/assets/img/chrome.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced; Hash: 015efa31739f4fbbd34558066131abd6 311447b250f3be0efd2a6ad75d96f13e5c8ce79e 8e7e9abbf542663afb706198c040f77f837a2d85475b39a724c652a6c559f8fa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/chrome.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/png
content-length: 2288
last-modified: Thu, 30 Sep 2021 20:04:49 GMT
etag: "43c1b99-8f0-5cd3bf58a0e22"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7awVNKE0qNdmXKuy%2F1KfvFXSg0UUkNrTnwpN2NX22HMmZM5nmNh4yl057bKvsaBI49Pm%2BKwE3kfQ9PEGr1IFWSsFx2ZZAYs6QSFIaznRbKwRdil%2BxYw9dZD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0652e9d50b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/logo-colored-transparent.png | 188.114.96.1 | 200 OK | 13 kB |
URL: GET HTTP/3 link.gy/assets/img/logo-colored-transparent.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 372 x 342, 8-bit/color RGBA, non-interlaced; Hash: 424b27b61b1c020f6d7ba64c918de7cb f31598fc64599bbe3c0ed5abb35bed52256aa02d 7bf839e45c85df9f537f6fac9ba04e9bb3108974ef0b3852e8d691d268569e58
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/logo-colored-transparent.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/png
content-length: 12620
last-modified: Wed, 22 Sep 2021 17:09:15 GMT
etag: "43c1a94-314c-5cc9892e7e8d9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5KdKiWnybnvS838SDUwC80KO6AP2%2BZ2LdIXrLu3Tq%2FL5%2Fxf1zCBiUB4LTRlaz%2BsyHLyJLhgOJ728Bv9rAdEIL8rAwOms17ycVr%2BnrHD6Oy3buLJnDizIY9nF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0652e9d00b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/assets/img/app-logo.png | 188.114.96.1 | 200 OK | 9.9 kB |
URL: GET HTTP/3 link.gy/assets/img/app-logo.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 372 x 342, 8-bit/color RGBA, non-interlaced; Hash: e995d5c165a6e7bb7be4430717977b7d e728ab836f693fa9f6f6da52957287aa0f6ea809 837ae4c951763d9479dddd880597a1159e19b35ec9347127b07930e7d222d60b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/app-logo.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/png
content-length: 9918
last-modified: Sun, 19 Sep 2021 01:36:53 GMT
etag: "43c0097-26be-5cc4f32fdd48c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddUZ3xL72vp4YtyKveKRlRV72Y1u0QDy%2F95Nqf3sUpxasNujCWOup00A7WX6SNsg4CQa9z%2BSCNNE%2BmOjaKIIsojmNmLX4HqsFa9zEs3oeUhPBQ96I4a%2Bp4Pb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0652e9b60b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/css/swipe.css | 188.114.96.1 | 200 OK | 89 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: ASCII text, with very long lines (562); Hash: 234e156661a196bef2e7c94771e042d4 a5782f988bf738235413764695797f8c1b8ffcf4 5f94613ccd1343b1bb7f46210e1b48a5c06846a9aa05f29145694f507f485048
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/swipe.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: text/css
last-modified: Thu, 17 Feb 2022 21:12:41 GMT
etag: W/"4481980-ce842-5d83d3a0b1db4-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rckahdqPEyhEQtzxd%2FB6h9rFz95diUD6n87nZQ3%2B74oFnfOLc56knvNyLH9wEAxL%2FmY7v0F1laoUfEG%2BR%2BL9O6QIqg9EnrV8CfN5nsoLLbL4wOOHZt9Uoj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0652d9ab0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 | 216.58.207.227 | 200 OK | 32 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2; IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 32040, version 1.0; Hash: a5f5335530ef43143612bb95c6326c94 828ff43b4460721f9dafd8de28f7634a601a87df fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af
GET /s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:11:11 GMT
expires: Fri, 02 May 2025 02:11:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
content-type: font/woff2
age: 582437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| | 188.114.96.1 | 200 OK | 17 kB |
URL: User Request GET HTTP/2; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (31157); Hash: f19981a1206589b428491b57f9a8e88a 6411bc69fc781b865cb793bc3978960741de6912 65dd7585094ae8573ca13b7f61ce951edaf3c55561f327a6c1f7552a3b57f136
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: LINK.GY
set-cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52; path=/; domain=.link.gy
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcCN5mY9ErPDeNMiKG6ombLLDFIgU9L3SG%2BTlbVEA5wIyV0kKi4mnFXCFpEe53B%2ByEafV0%2Fb7ueiJuIvNWVzHlscFftyalVm%2FTJ%2BVnkUzL4AB38RmU29yw%2BQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c06504cf9b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| link.gy/assets/img/dashboard/profile-spacex.png | 188.114.96.1 | 200 OK | 592 kB |
URL: GET HTTP/3 link.gy/assets/img/dashboard/profile-spacex.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: PNG image data, 1267 x 669, 8-bit/color RGB, non-interlaced; Size: 592 kB (592176 bytes); Hash: 0a5c57606d32838ddbb0211bab901620 bbd17454d05366c4a9519fa8ce9f6997d0fdd9e3 255944e4a4272ae7c24507db072653143862400ddeab5c505e6c279e093f2d40
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/dashboard/profile-spacex.png HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/png
content-length: 592176
last-modified: Sun, 19 Sep 2021 13:42:29 GMT
etag: "44c1ece-90930-5cc5955ee9bb7"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1a3RnsaRYX8Sn7qsU2uxEEYlh6Bzczg7wJ0fOZEI%2Fc%2Bth0eaqLW1f3oTprVA1%2BwxJyKhK2dnyuPI1LAnDqqcdfy5ul709WI1drFlv3RShr0KZ77A2UD9Qg4M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0655ae490b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js | 104.17.24.14 | 200 OK | 2.9 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js; IP: 104.17.24.14:443
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (10553); Hash: 3f3688138a1b9fc4ef669ce9056b6674 eb41c0e88206dda6f0fd8dfbbeefdc0829a9d13d 99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
GET /ajax/libs/clipboard.js/2.0.0/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 2905
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e29-29a6"
last-modified: Mon, 04 May 2020 16:09:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5926
expires: Mon, 28 Apr 2025 19:58:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UrTPbzLfpmFfd0jDtUMw2KhcTDfeV7Ogu2zFAkd3i5kb96CnxgYo0bCuU6CVFLXaA8kawCP9GKYc74aoLbrY5428yQvOmyaIqAQklsnMFPyh5SFFKdFuOQxFdgpdiuivQndPM1wt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880c06575d5db4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js | 142.250.74.106 | 200 OK | 64 kB |
URL: GET HTTP/3 ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js; IP: 142.250.74.106:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32173); Hash: 7403b37e7918413f5a43131b95c86abb 0c72ced078c45968712838ac683f09d0980dd0e8 c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1
GET /ajax/libs/jqueryui/1.11.3/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:25 GMT
expires: Fri, 02 May 2025 01:56:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 583324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| buttons.github.io/buttons.js | 185.199.111.153 | 200 OK | 6.7 kB |
URL: GET HTTP/2 buttons.github.io/buttons.js; IP: 185.199.111.153:443
Certificate: Issuer: DigiCert Inc; Subject: *.github.io; Fingerprint: 97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28; Validity: Fri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (19342); Hash: f19bf64dce0ae2233aa9c9467786d996 2ebcd1cb60fa93c7f25e3e16d4298b5bae3d657e d40cfb662c22c7374f5e76627bef0d97195cd7f3f80fac24eafb45aeec6ff69f
GET /buttons.js HTTP/1.1
Host: buttons.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Tue, 07 May 2024 07:42:39 GMT
access-control-allow-origin: *
etag: W/"6639db6f-4be0"
expires: Tue, 07 May 2024 07:52:39 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 6030:2A16A1:214708F:2233BBC:6639DC26
accept-ranges: bytes
date: Wed, 08 May 2024 19:58:29 GMT
via: 1.1 varnish
age: 325
x-served-by: cache-hel1410025-HEL
x-cache: HIT
x-cache-hits: 8
x-timer: S1715198309.076997,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 16eceb6ac5d027077dc75690dd15c27ff0a9c068
content-length: 6736
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.194.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js; IP: 151.101.194.137:443
Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 19:58:29 GMT
age: 1054489
x-served-by: cache-lga21931-LGA, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 834039
x-timer: S1715198309.072675,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 | 216.58.207.227 | 200 OK | 32 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2; IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 32040, version 1.0; Hash: a5f5335530ef43143612bb95c6326c94 828ff43b4460721f9dafd8de28f7634a601a87df fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af
GET /s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:11:11 GMT
expires: Fri, 02 May 2025 02:11:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
content-type: font/woff2
age: 582438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| link.gy/cdn-cgi/rum? | 188.114.96.1 | 204 No Content | 0 B |
IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
POST /cdn-cgi/rum? HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1026
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 08 May 2024 19:58:29 GMT
access-control-allow-origin: https://link.gy
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 880c0659bd170b45-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js | 104.22.24.131 | 200 OK | 4.6 kB |
URL: GET HTTP/2 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js IP: 104.22.24.131:443
Certificate Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (2306), with no line terminators; Hash: d1dc816c161b3a7313b3d42f478f140a 66e30073ff65f5b96fed00992224f97dd93453bc cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f
GET /_s/v4/app/6625f366c87/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"d1dc816c161b3a7313b3d42f478f140a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 98829
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c065b0a5d0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 | 188.114.96.1 | 200 OK | 82 kB |
URL: GET HTTP/3 link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: Web Open Font Format (Version 2), TrueType, length 75728, version 330.32636; Hash: 22e533a13a05d190ad526cc43ff74bd0 5274d7ef897d68c608404a50f6f259e207037ac2 bef7bb2c33fe410fec5ede1b31e47f16a2486c0307214b4a22c3ec7e1a8e7e28
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: font/woff2
last-modified: Sun, 19 Sep 2021 01:32:26 GMT
etag: W/"4681436-127d0-5cc4f2315b65f-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFASZVCI6ncKuBd5PJ9gVlWcKsSQQPii%2Bb4bcnOBc%2BLkZE%2BVyRjmF49OfgN4wE7Zid7F547V%2B70PWOkGCQFqh2JkRVnxobyHFp%2Bo5PcJYVU8GBy7fPEeadMp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0655ce7a0b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js | 104.22.24.131 | 200 OK | 54 kB |
URL: GET HTTP/2 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js IP: 104.22.24.131:443
Certificate Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65458); Hash: 5ff5b56dd253d3fd717915b2773593d3 3fcb89abd877241f130e2712b54233763d0d2b03 162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260
GET /_s/v4/app/6625f366c87/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"5ff5b56dd253d3fd717915b2773593d3"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 98829
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c065b0a510b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| link.gy/assets/js/stack_typing.min.js | 188.114.96.1 | 200 OK | 9.2 kB |
URL: GET HTTP/3 link.gy/assets/js/stack_typing.min.js IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: ASCII text, with very long lines (3553), with no line terminators; Hash: 86df4feb9e7bd74fd4ba3929f94f56aa 0ade4b2db9b8cc6514c907e8aec151364ab508f8 2df51b35e8e16bed5adfcde01c2220500289a39c404c912e47b69d498ff69e59
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/js/stack_typing.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: text/javascript
last-modified: Mon, 20 Sep 2021 22:27:51 GMT
etag: W/"43c1cd1-de1-5cc74caa77f92-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uAs2vwJa4Bb%2B8UoQ6obD%2FBIfkWGQW9H3xxPvAiiTVLklKDpOak43oXweGNP5iFZ6Tvp7Oj7y8PSnH0vGZyTHpQ%2F3BMyU6YkzP5bJtxrFsRWJ2jZ2OUEUpJJ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c065728b40b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js | 142.250.74.35 | 200 OK | 204 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, ASCII text, with very long lines (632); Size: 204 kB (204445 bytes); Hash: add520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 186355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| va.tawk.to/v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null | 104.22.24.131 | 200 OK | 30 kB |
URL: GET HTTP/3 va.tawk.to/v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null IP: 104.22.24.131:443
Certificate Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
Hash: 5b2ac0fb02ef56dad75d54740b15532f 6bda7cac5aee8b9645b43e24227bd69a464fef01 04312461b92423ae7b69e1b4234c2d8c56789d1de589ea247631029def29a9b0
GET /v1/widget-settings?propertyId=601d8a78c31c9117cb76441c&widgetId=1etpm9q8i&sv=null HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.gy/
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-t9sb
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-4-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c065e29ba0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| va.tawk.to/v1/session/start | 104.22.24.131 | 200 OK | 204 kB |
URL: POST HTTP/3 va.tawk.to/v1/session/start IP: 104.22.24.131:443
Certificate Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
Size: 204 kB (204446 bytes); Hash: 40d5efe3a861844c24632fe15b8c41b3 f9b4fab849044d0d29f678190ac261e1388f3fbd f7268079a97199c6b279d4c8237522e4b8f918ded7bcaff29b71dedcddc2cc08
OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link.gy/
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-bvn7
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, s-maxage=600, max-age=600
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c065e49f20b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15344, version 1.0; Hash: 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 444446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js | 104.22.24.131 | 200 OK | 13 kB |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js IP: 104.22.24.131:443
Certificate Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (18963), with no line terminators; Hash: 4f773fe8050dcfd8fd096e061eed08a7 0921110716284e797a40855b98b113b683fadb51 29704f658e0a24af40a7ec9f1ba5800e7bf3366de3feae6e044bd20c28c89018
GET /_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"4f773fe8050dcfd8fd096e061eed08a7"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 700311
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06629a9b56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q | 142.250.74.164 | 200 OK | 2.3 kB |
URL: GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q IP: 142.250.74.164:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g; Certificate Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash: c6706c47fb76abfef475b22947d327c1 fb80906ec3634f828b62d6545ad9bd62fb937ac4 bb43b0c7e62a11decbc66d012ab27a3dbb95aac8266fd51637d84d7355197ea8
GET /recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 08 May 2024 19:58:30 GMT
date: Wed, 08 May 2024 19:58:30 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js | 142.250.74.35 | 200 OK | 204 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, ASCII text, with very long lines (632); Size: 204 kB (204445 bytes); Hash: add520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 186356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css | 104.22.24.131 | 200 OK | 56 kB |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css IP: 104.22.24.131:443
Certificate Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Hash: aa429d098305efeb3d236b3872f2da79 e0d6e416eb7c1c8f10ec76f835eda23d5c1d0ab0 5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c
GET /_s/v4/app/6625f366c87/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:31 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=78232
access-control-allow-origin: *
etag: W/"05d886069cda40a8e20243d226b04764"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: STALE
cf-cache-status: HIT
age: 690388
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06646dd156aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js | 151.101.193.229 | 200 OK | 41 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js IP: 151.101.193.229:443
Certificate Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (32014); Hash: 7bb7aac0cac89a90304af1c72eb4f50d 729f6f8ca5787d89743b0ed7eb27fd76406bf985 f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Wed, 08 May 2024 19:58:31 GMT
age: 10746962
x-served-by: cache-fra-eddf8230136-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2
|
|
| vsa52.tawk.to/s/?k=663bd966bfcd9379976f593c&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtQmN6c0c5T3oxSUJxaVJrUDJqbDN4Iiwic2lkIjoiNjYzYmQ5NjZiZmNkOTM3OTk3NmY1OTNjIiwiaWF0IjoxNzE1MTk4MzEwLCJleHAiOjE3MTUyMDAxMTAsImp0aSI6Ilo1eUFzckhHTzJZTS1CWjdsQk94NyJ9.ybT_ZQGePR-nYIMceiM4eP81GYC8-mO6r-a_A52WzZ4zZupseHJPZQDRgDJhQaZfT5zEhagk0nG4tyTmfO69tQ&EIO=3&transport=websocket&__t=OzPoJcO | 172.67.38.66 | | 0 B |
URL vsa52.tawk.to/s/?k=663bd966bfcd9379976f593c&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtQmN6c0c5T3oxSUJxaVJrUDJqbDN4Iiwic2lkIjoiNjYzYmQ5NjZiZmNkOTM3OTk3NmY1OTNjIiwiaWF0IjoxNzE1MTk4MzEwLCJleHAiOjE3MTUyMDAxMTAsImp0aSI6Ilo1eUFzckhHTzJZTS1CWjdsQk94NyJ9.ybT_ZQGePR-nYIMceiM4eP81GYC8-mO6r-a_A52WzZ4zZupseHJPZQDRgDJhQaZfT5zEhagk0nG4tyTmfO69tQ&EIO=3&transport=websocket&__t=OzPoJcO IP172.67.38.66:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/?k=663bd966bfcd9379976f593c&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtQmN6c0c5T3oxSUJxaVJrUDJqbDN4Iiwic2lkIjoiNjYzYmQ5NjZiZmNkOTM3OTk3NmY1OTNjIiwiaWF0IjoxNzE1MTk4MzEwLCJleHAiOjE3MTUyMDAxMTAsImp0aSI6Ilo1eUFzckhHTzJZTS1CWjdsQk94NyJ9.ybT_ZQGePR-nYIMceiM4eP81GYC8-mO6r-a_A52WzZ4zZupseHJPZQDRgDJhQaZfT5zEhagk0nG4tyTmfO69tQ&EIO=3&transport=websocket&__t=OzPoJcO HTTP/1.1
Host: vsa52.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://link.gy
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O+bqi4Dd/cKmRzqGJMoarA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 19:58:31 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: bQuLeNM+yovELbzquQt157OfAJg=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 880c06632bd8569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css | 142.250.74.35 | 200 OK | 25 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: ASCII text, with very long lines (56412), with no line terminators; Hash: 2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 19:34:32 GMT
expires: Tue, 06 May 2025 19:34:32 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 174239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js | 142.250.74.35 | 200 OK | 204 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, ASCII text, with very long lines (632); Size: 204 kB (204445 bytes); Hash: add520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 186357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| link.gy/api/links | 188.114.96.1 | 200 OK | 6.1 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
Hash: c06e90968187793624b28a21a32d37b2 0cd4e244237ef7fd8ebdc38919bcd81a25c83c25 bb2fa9ddece3b7f13cfba793b47ae98b7a00dee3e6b6a34fcd8dd40d88db9d2a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/links HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-credentials: true
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: LINK.GY API V3
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhAAHs92tlAQJxJ1LDQbjegliEEUMx7R%2FHhlbJvCq3gkWt79m2KLGwd2cfSqUDgx2oNAQRJzS0F%2FUlPqXfjhMpfB%2BsYR0PKlQZvOH1r95nJdIOqrixemeNyQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c06597cb10b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css | 104.22.24.131 | 200 OK | 15 kB |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: ASCII text, with very long lines (40772), with no line terminators
Hash: 96be1f6983c01fe07004e163e0c6ce8a 46334521ca7c554fb7608e4e93cba4c6fac72f77 26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f
GET /_s/v4/app/6625f366c87/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:31 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=40905
access-control-allow-origin: *
etag: W/"7060c2e317491c949f29253a1286dad2"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 704445
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06646dc256aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| link.gy/vendor/popper.js/dist/umd/popper.min.js | 188.114.96.1 | 200 OK | 7.7 kB |
URL: GET HTTP/3 link.gy/vendor/popper.js/dist/umd/popper.min.js
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (21084)
Hash: 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vendor/popper.js/dist/umd/popper.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:33 GMT
etag: W/"4702aa1-5309-5cc4f238516df-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sCrudCbykXMt7JOzfevA3Tak9xVFFucYgRHA1KDiZDst6gQtv3F8DtmSSwb3Ur%2FbgfaKzzBOHlkXcXIofnitdb6SMPaRzb15w2SR09S89H%2FU5ZGWqyZ3fNtp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0657691f0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js | 104.22.24.131 | 200 OK | 151 B |
URL: GET HTTP/2 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: ASCII text, with no line terminators
Hash: 04a9862af6efaf787bc8fb8e99ba6987 a57bb8f258eb1a60dc3b288a608ad8ef9fbecef3 ecc74c329a700e3e6ca29aed5ffe3c166cf39670c8b11573fa7f837f79a71b5c
GET /_s/v4/app/6625f366c87/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c065b0a620b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js | 104.22.24.131 | 200 OK | 699 B |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (725), with no line terminators
Hash: 7c2c957f3cf80dadfd0cbb7c677a0869 30e8962bf64cc7349c9e61b40b8bab5aa598c63c 606127d882e34faee4895ad2cbf8a94d805fac37792c2cc2b9bc05ca3de743b1
GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"838903127a65ec440893b4945c40ca4a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 704444
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06628a9156aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js | 104.22.24.131 | 200 OK | 113 kB |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (65464)
Size: 113 kB (113121 bytes)
Hash: 44934d48f839e3143311bc044e6e0d89 a96c3d95be19a80330977acead67fd9b92ac6e4b 500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6
GET /_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"44934d48f839e3143311bc044e6e0d89"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: STALE
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 700316
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c0662aacf56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: ef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:54:07 GMT
expires: Thu, 09 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 579863
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| link.gy/vendor/bootstrap/dist/js/bootstrap.min.js | 188.114.96.1 | 200 OK | 64 kB |
URL: GET HTTP/3 link.gy/vendor/bootstrap/dist/js/bootstrap.min.js
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (63164)
Hash: cbbb855a6fcc5b4cd44184735e5cd773 afa27badfdb17186df0eb0a0f626eedbaa22074f bbe43f79021ee8fe705382bc99a8a124e42486a05b7fb2b534debc1b04e9373d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vendor/bootstrap/dist/js/bootstrap.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:31 GMT
etag: W/"46e0970-f7da-5cc4f2364b595-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2BJNL6B7guWz9phSX%2BVk4vYn81RC0Qtt%2FX4qTf%2BpxmicOXL4jrWohTf5k03WNrdWRRMytsrnerlhp1bj66HAT50G0it3NA3wwFL72NntU5TMAoCw2SLpYfIw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0657691b0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| link.gy/assets/img/illustrations/scene-3.svg | 188.114.96.1 | 200 OK | 67 kB |
URL: GET HTTP/3 link.gy/assets/img/illustrations/scene-3.svg
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: SVG Scalable Vector Graphics image
Hash: 38a8a22928f4241b3704a335108fd4e8 ca0a20ca419602e199087fb3c2184b41a2fea001 e2289ae022be8c418d8f68108176285a8964cf9852feb18fc4a00c0448a6dcac
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/illustrations/scene-3.svg HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/svg+xml
last-modified: Sun, 19 Sep 2021 01:36:58 GMT
etag: W/"44a0543-10702-5cc4f3345367c-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leFcGzraIpiq1Xm7YHjMd5sxbzJgabix1g%2BhJ8GmFLv37yNTgFQ7DLlo3py5Wmg4PKuZJ37uvRsX7Ux7z39CY%2BNQN7MEP17yY9%2BH2MR0DOmrJHZmnKTTraem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0652e9d70b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js | 104.22.24.131 | 200 OK | 83 kB |
URL: GET HTTP/2 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_s/v4/app/6625f366c87/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c065b0a4b0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| www.google.com/recaptcha/api2/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B | 142.250.74.164 | 200 OK | 7.4 kB |
URL: GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B
IP: 142.250.74.164:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: HTML document, ASCII text, with very long lines (7675), with no line terminators
Hash: b49aabda1b30a552c75cae61b2735105 309271ba517128a805e75d7f2504a1f630fbf013 23a7f33755c2b0cc3812db01416d21129992b97b159945e6966c56ad9cdffb55
GET /recaptcha/api2/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 19:58:31 GMT
content-security-policy: script-src 'nonce-F5pUX-LZ7OSK9rSolZFHHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css | 188.114.96.1 | 200 OK | 57 kB |
URL: GET HTTP/3 link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: ASCII text, with very long lines (56656)
Hash: 41d394990448b2c2b1afe840e837dc8e 29250ef1fa6bfbda364a1112a86b2fb7157dd44b f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vendor/@fortawesome/fontawesome-free/css/all.min.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: text/css
last-modified: Sun, 19 Sep 2021 01:32:16 GMT
etag: W/"4641c0e-de0a-5cc4f227a9a40-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BGAYlo0lE77aVtYE0DO%2BoTusRBAcO8Eg2uo1H5RG6Rkkm8lIG8a2Wfb5kHjRM9O7YxyExZEj4g4HFWf3x4IIW8BjRLdckuq0ku12EZXxnOWPdgg4m6g6%2B71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0652d9a20b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js | 104.22.24.131 | 200 OK | 121 B |
URL: GET HTTP/2 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: ASCII text, with no line terminators
Hash: 3b41342f7e3be590563e8e3b5ff770c7 c9ca54d23ea78b320f080b76e22bb6b4e704d55f ef04d89daeed55613a63a4af62c147ce86e4a7f22c8ce700dd6bdb11ab187e43
GET /_s/v4/app/6625f366c87/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 98829
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c065afa460b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g | 142.250.74.164 | 200 OK | 48 kB |
URL: GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g
IP: 142.250.74.164:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: HTML document, ASCII text, with very long lines (39141)
Hash: 21dda615aadff89e3a0e3935ff781e3e 3a4da36bdbfd76c49c79b095ebafe246dd13e10e 5ab86f0d62dec01ae073d5808d1c41b1b8ce54afaafc9fcc13d0985a227fbfa5
GET /recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 19:58:30 GMT
content-security-policy: script-src 'nonce-FZ_FD9GJirmBWYq8-KWr2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js | 142.250.74.164 | 200 OK | 18 kB |
URL: GET HTTP/3 www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js
IP: 142.250.74.164:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (17624)
Hash: 1b84878b10f495c0906cf29733630286 f0253a2a4155c4b073f72bb19d81f6a065b3671a 475e7c98ff87111f1c17ed96d5de19b3703ef37d3db768817fdad7c6c9ae18e6
GET /js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTJWkUAAAAALN1cZzv8_rjw_t2zP_19rxSus1B&co=aHR0cHM6Ly9saW5rLmd5OjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=68l037l4sz8g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7467
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:25 GMT
expires: Sat, 03 May 2025 03:22:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 491765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| link.gy/vendor/headroom.js/dist/headroom.min.js | 188.114.96.1 | 200 OK | 4.4 kB |
URL: GET HTTP/3 link.gy/vendor/headroom.js/dist/headroom.min.js
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (4497), with no line terminators
Hash: 451043ecb5829647d15e028ab074dc83 d1ab378b797e57f6c502cbc3538c4497668783b7 7d2ec3872eb478545d05ed1c2627c0bd7515f4bb39c8781cac07439780d974cd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vendor/headroom.js/dist/headroom.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:31:39 GMT
etag: W/"45c1b77-1133-5cc4f2046ca43-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JxO8sedtESTrKu3LuBot%2F5Wq5Caavbp0HSq0IDr6STwKFP5Q5dh4ClHWDrERgAkYjUswn%2BC339ROaRpmP5Oz2h0hbRfXvtvSqeOZ1P41PY7IoetqKMXmiYUQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0657691a0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| embed.tawk.to/601d8a78c31c9117cb76441c/1etpm9q8i | 104.22.24.131 | 200 OK | 2.1 kB |
URL: GET HTTP/2 embed.tawk.to/601d8a78c31c9117cb76441c/1etpm9q8i
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (2310), with no line terminators
Hash: c75043f47b4279e3beb2c62ca946f55c b5dd9fb69ee5df80aa4a5453437fe37014264ea4 82ece2723adef3f60aaaf5604f350345439121dbe679311e302b2751a94adbc2
GET /601d8a78c31c9117cb76441c/1etpm9q8i HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-6625f366c87"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c0659b8550b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js | 104.22.24.131 | 200 OK | 9.9 kB |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (10730), with no line terminators
Hash: 2ed46b3171b0456fda29f3bfda5f846e 0c4834c6f96e8640bcdd46c48396a1f1f7d287b2 0c9f49f27e34e05a7e4159648875b32880d3d986ee2d70d78d6138df5e9f1654
GET /_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"70aec2dd89cac4933594c25b71d61f46"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 704444
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06628a7456aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| fonts.googleapis.com/css2?family=Spartan:wght@200;300;400;500;700&display=swap | 142.250.74.106 | 200 OK | 3.9 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Spartan:wght@200;300;400;500;700&display=swap
IP: 142.250.74.106:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (3995), with no line terminators
Hash: 6e657e8b47cb07649221e2c413d11f26 73acc4e9618334dbcbfbfca0232896b07e3bcbd9 d31c1a28bd5b235731891ed3fe5eafce13394ac574077861d23e01f64be52f2b
GET /css2?family=Spartan:wght@200;300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:58:28 GMT
date: Wed, 08 May 2024 19:58:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| link.gy/app/vendor/jquery-confirm.min.js | 188.114.96.1 | 200 OK | 28 kB |
URL: GET HTTP/3 link.gy/app/vendor/jquery-confirm.min.js | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (27931) | Hash: 1d6ae7e6b82dd230033595eac215ac28 4feda8ad306195d129c2d9bc918150979c68a726 29af286f1b07342cfa1fd851a65f17e105775e68715b2a81a64fc4a476328fd9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /app/vendor/jquery-confirm.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: text/javascript
last-modified: Fri, 17 Sep 2021 02:50:08 GMT
etag: W/"5981b3d-6e3e-5cc27fd46fe00-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTkboUTNHDe%2B7x5vAIhIDz5U3dxXKRjuCBDS2%2F7sV2w7EAtAQ1FHSnvhkCfGikCt7yALulm50zuSt%2FvYWccbe3GXweGLF0WGzbBul6KVnaTy%2BfZ4yrIVahlM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c065728b80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js | 104.22.24.131 | 200 OK | 217 kB |
URL: GET HTTP/2 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js | IP: 104.22.24.131:443
Certificate | Issuer: Google Trust Services LLC | Subject: tawk.to | Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 | Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
Size: 217 kB (217197 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_s/v4/app/6625f366c87/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"1c73b4eb89bbe24ecf154b671ddbcafc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 98829
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c065b0a4e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js | 104.22.24.131 | 200 OK | 906 B |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js | IP: 104.22.24.131:443
Certificate | Issuer: Google Trust Services LLC | Subject: tawk.to | Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 | Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (956), with no line terminators | Hash: 7b31fafdf609238b7f4574e44057af5b f4f849145e5beaff38b9e47e3c5c3e7e4945d70a 2b7dfb20a5ee49b709a4adc3412bd7d5e00539c1ef93a1a58c4ec58816c81ed3
GET /_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 704444
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06629abe56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| va.tawk.to/log-performance/v3 | 104.22.24.131 | 200 OK | 0 B |
URL: OPTIONS HTTP/3 va.tawk.to/log-performance/v3 | IP: 104.22.24.131:443
Certificate | Issuer: Google Trust Services LLC | Subject: tawk.to | Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 | Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link.gy/
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:31 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-hrlv
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, s-maxage=600, max-age=600
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06675add56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/recaptcha/api.js | 142.250.74.164 | 200 OK | 850 B |
URL: GET HTTP/2 www.google.com/recaptcha/api.js | IP: 142.250.74.164:443
Certificate | Issuer: Google Trust Services LLC | Subject: www.google.com | Fingerprint: C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 | Validity: Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File type: JavaScript source, ASCII text, with very long lines (850), with no line terminators | Hash: cc9da74bc51547f7da14aea584e7bd4e cb70339c904703d3a88777889e63b867a04ab2d1 9d640e16608a79d4f95372f1dd9c1edf1322993b6f0d6ec224ff0f01d2053d64
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 08 May 2024 19:58:29 GMT
date: Wed, 08 May 2024 19:58:29 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| link.gy/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js | 188.114.96.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 link.gy/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (6694), with no line terminators | Hash: 34e0c1da506da6de524abcf885706dee d9f81f2001b7d7732376ce122c6673f0a9e700a5 a6551f72006f0fc7ccd4d9063cde030b15e5894ac5e00530448e67118a78f643
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:32:12 GMT
etag: W/"460095c-19a3-5cc4f22391843-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZ%2BTqWvVrlVGO5QNg7ze3gFJr3CVotRCShSOu7e8zuoynuSs8wQKoPd61HNFYbSurz1PUqpzk1p4UEg6yyuK67rL%2Bxs5kwCyjH4l2lUjFVUAfh6jCReDooj5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0657690b0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/favicon.ico | 188.114.96.1 | 200 OK | 109 kB |
IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel | Size: 109 kB (109246 bytes) | Hash: 964d85fa4a90877d53fa64a085192095 d308baac6767f521b3cff79852c3cc3f625eb97f 39833111d346589cc720b9d7b0378fa45bb85911ad975b58aec64a94aef1efb7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: image/x-icon
last-modified: Fri, 24 Sep 2021 16:06:50 GMT
etag: W/"43c1a7c-1aabe-5ccbfef5ff023-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mB3WDNWhhFly4YBQLk7aARsKxQhWDi%2Bt26E9L48NCXRpkLEYQ1rbRw0Vbk%2Ff6xuOob8I%2FJDFbhfIQnlaa11kUEOgID3atF69NCkDY4YCjxnfjp6gXWwQD5w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c06590bff0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js | 104.22.24.131 | 200 OK | 535 B |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js | IP: 104.22.24.131:443
Certificate | Issuer: Google Trust Services LLC | Subject: tawk.to | Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 | Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (557), with no line terminators | Hash: 3f4a6312d60391bda06462d7321ffcdc 9f09295297840a36d2ac95344b39b0af1a729f82 28d61df22c079e51c45b6f87db516f03cb85cf3f2c3a970be369944c3f91bcf1
GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"c506281367048d4a134c9affbc68c8c6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 696017
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c0662aacd56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/app/vendor/jquery-confirm.min.css | 188.114.96.1 | 200 OK | 22 kB |
URL: GET HTTP/3 link.gy/app/vendor/jquery-confirm.min.css | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: ASCII text, with very long lines (22251) | Hash: e47bfc7a0414aa5040e865f835c569ad 44904abb8572c8fce2c405f88dfac60a6ea1df43 5719579e9912f14030ddd2679498fc22321f9485a60d45506d70fd82b617afdf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /app/vendor/jquery-confirm.min.css HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: text/css
last-modified: Fri, 17 Sep 2021 02:50:07 GMT
etag: W/"5981b3c-580a-5cc27fd3c7a85-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZkakUWmne96Ma2V%2FEAOUIIZzUfikD4Dh%2BuO%2FTBcJlA3H3RL6KrOjyuqvGWhHCkGUziy0bfzUshaR4VqDxqCZgMjAtIcP%2BbpesLlURvzOj2hv%2FMr28THGzeg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0652d9ad0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.79.73 | 200 OK | 19 kB |
URL: GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | IP: 104.16.79.73:443
Certificate | Issuer: Google Trust Services LLC | Subject: cloudflareinsights.com | Fingerprint: CE:62:08:77:7A:C9:4F:2B:EB:19:EA:54:43:3D:9F:10:06:33:69:E8 | Validity: Wed, 08 May 2024 03:07:03 GMT - Tue, 06 Aug 2024 03:07:02 GMT
File type: JavaScript source, ASCII text, with very long lines (19189), with no line terminators | Hash: 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c065319be1c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css | 104.22.24.131 | 200 OK | 25 kB |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css | IP: 104.22.24.131:443
Certificate | Issuer: Google Trust Services LLC | Subject: tawk.to | Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 | Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: ASCII text, with very long lines (24751), with no line terminators | Hash: d4f9ad34fae3ba64cbc48057dc47e968 f8d0d55dc6e9b5d53f74b0b8bfc5e2edbdb0618d 2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
GET /_s/v4/app/6625f366c87/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:31 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24831
access-control-allow-origin: *
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 700313
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06639c7756aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 link.gy/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: HTML document, ASCII text, with very long lines (1271), with no line terminators | Hash: 40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: application/javascript
last-modified: Fri, 03 May 2024 18:04:18 GMT
etag: W/"66352722-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uEzicUvW2NVXbg0UqOcqV2amPNRR4KxZPSNP3x6u6g9mlC7zmDD2jJ7kKJduHBLPKMKWn%2FqRUulw48zIQtVjEGeNF79Vx8j648WVCmjxd%2Bah%2BZWQomzVyNO3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0652e9e10b45-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 10 May 2024 19:58:28 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| link.gy/assets/img/illustrations/scene-4.svg | 188.114.96.1 | 200 OK | 19 kB |
URL: GET HTTP/3 link.gy/assets/img/illustrations/scene-4.svg | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: SVG Scalable Vector Graphics image | Hash: 9ef818f78907ba93182d2a732e6c2b3d 85019bccd4f058740c8f371b061fb335e0ff7f13 1538e5a606602f2f008d769dc6a6b43e727d15f2a8b934a0b5e743f59d1e3565
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/illustrations/scene-4.svg HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: image/svg+xml
last-modified: Sun, 19 Sep 2021 01:36:58 GMT
etag: W/"44a0544-4ad1-5cc4f3345367c-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBEK0WVro0NnM8VoJaNSReTekVkMKHADmhSLfK6ohF6TG48zsUIxczTbr6QXVsLQxBweFMNVzikbIuV1jKx4QmM0Bq9cb%2FoJX50bVKYPi%2FT%2FgZ1X7YzkVnmX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c0652e9da0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| link.gy/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 link.gy/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (12331) | Hash: 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: application/javascript
last-modified: Fri, 03 May 2024 18:04:18 GMT
etag: W/"66352722-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCDUfx38O1iTJBB8wFdb%2BYsr%2FxbTI17ziOG%2ByJY9ybAtt%2BWeYgYCVJe2iZoA88rsMz2S0zdNnr9OADfhu7apHlsg6bqVOw3TKBZb4YCfre62qe%2BNl73W9DYx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c0652e9e40b45-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 10 May 2024 19:58:28 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2 | 188.114.96.1 | 200 OK | 75 kB |
URL: GET HTTP/3 link.gy/vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2 | IP: 188.114.96.1:443
Certificate | Issuer: Let's Encrypt | Subject: link.gy | Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21 | Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: Web Open Font Format (Version 2), TrueType, length 75336, version 330.32636 | Hash: cccc9d29470e879e40eb70249d9a2705 5fe986cda635681b4b6bbd6111df2f26d7fca286 d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /vendor/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://link.gy/vendor/@fortawesome/fontawesome-free/css/all.min.css
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:28 GMT
content-type: font/woff2
last-modified: Sun, 19 Sep 2021 01:32:23 GMT
etag: W/"468142a-12648-5cc4f22ec3ce5-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wl4daqSKjQTHmTADztCLx96cYfrTLIKVavyNOhVwZxuhUM8uxzTiKAe4jW06Wa60a3BnzaKqD55B0x%2FczLhAnaymYcJNOl6rIxqipVHkzZuP4e7Ci2%2F6lr05"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c06561f070b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js | 104.22.24.131 | 200 OK | 17 kB |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js | IP: 104.22.24.131:443
Certificate | Issuer: Google Trust Services LLC | Subject: tawk.to | Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 | Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with CRLF, LF line terminators | Hash: 7f37a030886ec7fce1d065ec482789ee 661ad608ac1513e2ccdec4cd55eb552a8604c8f6 75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
GET /_s/v4/app/6625f366c87/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"7f37a030886ec7fce1d065ec482789ee"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 704436
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06607ea056aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js | 104.22.24.131 | 200 OK | 18 kB |
URL: GET HTTP/3 embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js | IP: 104.22.24.131:443
Certificate | Issuer: Google Trust Services LLC | Subject: tawk.to | Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 | Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: JavaScript source, ASCII text, with very long lines (18229), with no line terminators | Hash: 6bf62c737dec7d16542425992be5986c 7f5ec461a46e4526fcf8ed0a24f758bd0168e5b0 2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e
GET /_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
etag: W/"6bf62c737dec7d16542425992be5986c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 704444
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06628a8056aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| vsa52.tawk.to/s/?k=663bd966bfcd9379976f593c&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtQmN6c0c5T3oxSUJxaVJrUDJqbDN4Iiwic2lkIjoiNjYzYmQ5NjZiZmNkOTM3OTk3NmY1OTNjIiwiaWF0IjoxNzE1MTk4MzEwLCJleHAiOjE3MTUyMDAxMTAsImp0aSI6Ilo1eUFzckhHTzJZTS1CWjdsQk94NyJ9.ybT_ZQGePR-nYIMceiM4eP81GYC8-mO6r-a_A52WzZ4zZupseHJPZQDRgDJhQaZfT5zEhagk0nG4tyTmfO69tQ&EIO=3&transport=websocket&__t=OzPoJcO | 172.67.38.66 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 vsa52.tawk.to/s/?k=663bd966bfcd9379976f593c&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtQmN6c0c5T3oxSUJxaVJrUDJqbDN4Iiwic2lkIjoiNjYzYmQ5NjZiZmNkOTM3OTk3NmY1OTNjIiwiaWF0IjoxNzE1MTk4MzEwLCJleHAiOjE3MTUyMDAxMTAsImp0aSI6Ilo1eUFzckhHTzJZTS1CWjdsQk94NyJ9.ybT_ZQGePR-nYIMceiM4eP81GYC8-mO6r-a_A52WzZ4zZupseHJPZQDRgDJhQaZfT5zEhagk0nG4tyTmfO69tQ&EIO=3&transport=websocket&__t=OzPoJcO | IP: 172.67.38.66:443
Certificate | Issuer: Google Trust Services LLC | Subject: tawk.to | Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5 | Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/?k=663bd966bfcd9379976f593c&cver=0&pop=false&asver=641&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMiLCJ2aWQiOiI2MDFkOGE3OGMzMWM5MTE3Y2I3NjQ0MWMtQmN6c0c5T3oxSUJxaVJrUDJqbDN4Iiwic2lkIjoiNjYzYmQ5NjZiZmNkOTM3OTk3NmY1OTNjIiwiaWF0IjoxNzE1MTk4MzEwLCJleHAiOjE3MTUyMDAxMTAsImp0aSI6Ilo1eUFzckhHTzJZTS1CWjdsQk94NyJ9.ybT_ZQGePR-nYIMceiM4eP81GYC8-mO6r-a_A52WzZ4zZupseHJPZQDRgDJhQaZfT5zEhagk0nG4tyTmfO69tQ&EIO=3&transport=websocket&__t=OzPoJcO HTTP/1.1
Host: vsa52.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://link.gy
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O+bqi4Dd/cKmRzqGJMoarA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 19:58:31 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: bQuLeNM+yovELbzquQt157OfAJg=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 880c06632bd8569a-OSL
alt-svc: h3=":443"; ma=86400
| va.tawk.to/log-performance/v3 | 104.22.24.131 | 200 OK | 5 B |
URL: POST HTTP/3 va.tawk.to/log-performance/v3
IP: 104.22.24.131:443
Certificate: Issuer: Google Trust Services LLC; Subject: tawk.to; Fingerprint: 83:4E:6B:81:26:A0:67:FF:06:8D:D3:DC:E5:70:3F:A3:4B:08:C5:F5; Validity: Thu, 28 Mar 2024 00:13:59 GMT - Wed, 26 Jun 2024 00:13:58 GMT
File type: ASCII text, with no line terminators
Hash: 38a8a3e3b4b6a6e4f295b2e0f899b1f0 474f5fac3d23afbaf16c5a31c98dfcd956e4c186 7652c7891ed06bce4174ab00a6ee9721daf6a4286929213ecb7daf42cd866615
POST /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.gy/
Content-Type: application/json; charset=utf-8
Content-Length: 94
Origin: https://link.gy
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:31 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-7pnh
access-control-allow-origin: https://link.gy
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880c06685c7556aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| link.gy/assets/js/app.js | 188.114.96.1 | 200 OK | 30 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/app.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: text/javascript
last-modified: Sun, 20 Feb 2022 12:46:06 GMT
etag: W/"43c00ad-74e3-5d8727fdb85d1-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svmiwcEh%2BE%2B%2BKDjA4LADsDMXOEPRiR5GvScInSe0WJF9YVgxY04GltuldKEBMIOWnRHjGEwpL8BcwyQCZ3ETAykL9UI1KYdEduBF40rqBYHIvZ1AU2JhI57n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c065728b70b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| link.gy/vendor/onscreen/dist/on-screen.umd.min.js | 188.114.96.1 | 200 OK | 6.7 kB |
URL: GET HTTP/3 link.gy/vendor/onscreen/dist/on-screen.umd.min.js
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: link.gy; Fingerprint: E2:1A:88:00:F3:6D:6F:80:29:C5:C2:90:B7:14:AF:74:E6:84:63:21; Validity: Wed, 27 Mar 2024 01:51:34 GMT - Tue, 25 Jun 2024 01:51:33 GMT
File type: JavaScript source, ASCII text, with very long lines (6789), with no line terminators
Hash: cec0fbb69079b9a224a16b297cbda3e2 3174681ef5858dc21b4e25728742cc581ff0e393 6d2d96235dfb1aa8dc96e569c0df71673f8b376f62ae2e2196fb25490a09c6dd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vendor/onscreen/dist/on-screen.umd.min.js HTTP/1.1
Host: link.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.gy/
Cookie: LINKGY=fn7vr2ngv5rrbufdus2esrnn52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 19:58:29 GMT
content-type: text/javascript
last-modified: Sun, 19 Sep 2021 01:31:40 GMT
etag: W/"45e1fbd-1a3a-5cc4f205b38e0-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSIHGuODXcjYCYse6jrZe3Lm%2BGoGJ8RhNNa3ulSMgLVEEmV2Vyxr7ZqJrGjkXJNmzMkBuHWYkWc2nOAnqWHGECVx08vyUunnUndf4%2B2%2Fm3m%2Fv1ODgVRODVtm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c065769170b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400