Report - llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc

Report Overview

Submitted URL
llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
IP
34.149.73.226
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2024-04-25 11:11:43
Access
public
Website Title
Redirecting...
Final URL
llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	866 B	8.1 kB	142.250.74.74
llink.to	521484	unknown	2015-08-27	2024-04-17	1.0 kB	9.9 kB	34.149.73.226
track.salesflare.com	unknown	2014-05-17	2015-09-02	2024-04-16	828 B	37 kB	172.66.40.106
storage.googleapis.com	420	2005-01-25	2012-08-06	2024-04-24	1.0 kB	28 kB	142.250.74.27
api.salesflare.com	751035	2014-05-17	2015-09-02	2024-04-16	2.7 kB	2.9 kB	35.186.254.174
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-24	481 B	22 kB	151.101.65.229
ceentek.com	unknown	2008-05-23	2016-02-25	2024-02-15	496 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-13	medium	llink.to/	Generic/Spear Phishing
2024-04-13	medium	llink.to/	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	track.salesflare.com/flareprovider.js	31 kB	2023-03-07	2024-04-25
Pretty URL track.salesflare.com/flareprovider.js IP 172.66.40.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:11 Last Seen2024-04-25 13:11:44 Times Seen241 Hash 23a5555e953d2d0ceed3103c542b04ed fd2a70c7925bf62dd1794dee526c94421bc5df1b 0ba6c1f976443df2baca2263f0d2145543d9622285091ba07efd10506845a895 Loading...

	track.salesflare.com/flare.js	1.7 kB	2023-12-26	2024-04-25
Pretty URL track.salesflare.com/flare.js IP 172.66.40.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-26 16:35:30 Last Seen2024-04-25 13:11:44 Times Seen74 Hash 1c626c158f9e37f87de454c266a04a9b d7f0feb84146583e0e0d4fb054af7af8f1d117f7 9c71dfde01f10e0d90d04e306947871cf27dd2a27c492b4167102fcb3013ba98 Loading...

	llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc	0 B	2023-03-07	2024-05-05
Pretty URL llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc IP 34.149.73.226 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 01:28:35 Times Seen37351369 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	storage.googleapis.com/track.salesflare.com/actual_flare.js	26 kB	2023-12-22	2024-04-25
Pretty URL storage.googleapis.com/track.salesflare.com/actual_flare.js IP 142.250.74.27 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-22 21:46:22 Last Seen2024-04-25 13:11:44 Times Seen762 Hash ed22a0c2b5f81cca1d1a9ae8968cc5ef 08e13f464077687253e6b3aa9c8302ce0c071533 56ebd0138aee6ae1718e9423404acdac69f3ad997abca9161cbea7f3c781ad43 Loading...

	cdn.jsdelivr.net/npm/@sentry/browser@5.29.2/build/bundle.min.js	65 kB	2023-03-07	2024-04-25
Pretty URL cdn.jsdelivr.net/npm/@sentry/browser@5.29.2/build/bundle.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:11 Last Seen2024-04-25 13:11:44 Times Seen1123 Hash 4af9488c82dd6c35a5824b5f445b4650 b6a097bc57092484c2a0822aabbeb31eebd4af14 921c1d956fb29a553a69185344a6d58aa553143e22400146222c9851d633a4b2 Loading...

	storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2668&xdm_p=1	350 B	2023-05-06	2024-04-25
Pretty URL storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2668&xdm_p=1 IP 142.250.74.27 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 00:07:58 Last Seen2024-04-25 13:11:44 Times Seen121 Hash f5d9a9f05468e208e1584a4186c03204 231fe86a34c9a5fde9fe9b5b252536ce4f3b44c7 a00e66887bcb1dc61307bc2dae95f785fabcee337923df746040d218e57fbfcb Loading...

HTTP Transactions (15)

URL IP Response Size

llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc

34.149.73.226

200 OK

6.4 kB

URL User Request GET HTTP/2
llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
IP
34.149.73.226:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerGoogle Trust Services LLC
Subjectllink.to
FingerprintDB:49:FD:C3:14:EE:3F:66:5A:F6:BC:0D:3E:C1:9E:B3:C8:84:39:79
ValidityThu, 29 Feb 2024 18:33:09 GMT - Wed, 29 May 2024 19:29:04 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
6.4 kB (6443 bytes)
Hash
78877e3ed39845f745b02a119900ec49
ce05005be81c7b86f23d9ca6723e98b923891a9c
c5cf0f3ad9be72d3e23c30fefbe544063157d47cd316c74fb012c241a9be824a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc HTTP/1.1
Host: llink.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPpabRVc4o_DQGM1yavovfnC5LfNn491gUohawjU7OtB1Se8CokmlXpAMXo8EPCcdEQaUA8
expires: Thu, 25 Apr 2024 12:11:18 GMT
date: Thu, 25 Apr 2024 11:11:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 14 Mar 2024 11:03:28 GMT
etag: "78877e3ed39845f745b02a119900ec49"
x-goog-generation: 1710414208832466
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6443
content-type: text/html
x-goog-hash: crc32c=tv1Ghg==, md5=eId+PtOYRfdFsCoRmQDsSQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 6443
server: UploadServer
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

llink.to/favicon.ico

34.149.73.226

404 Not Found

2.0 kB

URL GET HTTP/3
llink.to/favicon.ico
IP
34.149.73.226:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectllink.to
FingerprintDB:49:FD:C3:14:EE:3F:66:5A:F6:BC:0D:3E:C1:9E:B3:C8:84:39:79
ValidityThu, 29 Feb 2024 18:33:09 GMT - Wed, 29 May 2024 19:29:04 GMT

File type
HTML document, ASCII text
Size
2.0 kB (2016 bytes)
Hash
35b50977890c59dd87536447601ff3d9
6355a570e07cb6494b490056356da53c58aa7e0d
5336ac0de29405d1261215f148b2f7e6157a041a835485af261718d3d8c034d2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: llink.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
x-guploader-uploadid: ABPtcPo7aD3-pjtPoZ2hdSn2mC55rliVfDXAq9I1yYxaqmtFmhzaOTR_Z0C0T8ooInV1bgcLCUI
x-goog-generation: 1710414209111052
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2016
x-goog-hash: crc32c=Xo/u5A==, md5=NbUJd4kMWd2HU2RHYB/z2Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 2016
server: UploadServer
via: 1.1 google
date: Thu, 25 Apr 2024 11:11:19 GMT
expires: Thu, 25 Apr 2024 12:11:19 GMT
cache-control: public, max-age=3600
last-modified: Thu, 14 Mar 2024 11:03:29 GMT
etag: "35b50977890c59dd87536447601ff3d9"
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

track.salesflare.com/flare.js

172.66.40.106

200 OK

11 kB

URL GET HTTP/2
track.salesflare.com/flare.js
IP
172.66.40.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerLet's Encrypt
Subjectsalesflare.com
Fingerprint74:30:DE:96:73:5D:71:FF:73:BD:05:57:BE:D6:70:FE:C6:75:0D:A8
ValidityWed, 17 Apr 2024 03:22:52 GMT - Tue, 16 Jul 2024 03:22:51 GMT

File type
data
Size
11 kB (10613 bytes)
Hash
42d26e3a6acdc0d43036243572c37cf0
a71bb5a28799ca295851f2fbc1d3a72a1f8cd223
024ca90c52b691591c1a253abde0f78ab0f91c8485221dc31291a902ecbd4321

HTTP Headers

GET /flare.js HTTP/1.1
Host: track.salesflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 11:11:18 GMT
content-type: application/javascript
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=1728
alt-svc: h3=":443"; ma=86400
content-language: en
etag: W/"2edb00c3f20826176776f68e39fc9c7c"
expires: Thu, 25 Apr 2024 13:14:53 GMT
last-modified: Thu, 28 Dec 2023 16:12:05 GMT
vary: Accept-Encoding, Origin
x-goog-generation: 1703779925409975
x-goog-hash: crc32c=RhmufQ==, md5=LtsAw/IIJhdndvaOOfycfA==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 843
x-guploader-uploadid: ABPtcPpFECzQfvJF8kBFGlN72f3AunSOtFGj6nijktC8dow5AEHjdZpwiAdVxOCgLR9jbcctw-U
cf-cache-status: HIT
age: 6913
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJw8OOmwK4PohN40T%2FtH%2FxsLJJWZ7t8%2FxSHPh1e%2BZvZxSDp8F6FhhD3UxI3tlziKxh8XZJuosQ%2FkWg4n7i9AUV5kEf5i4BXOPbLzsjrJC%2FwNzhDFLFjMPNvio8Dhatf0%2FJ1V7mkN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 879de43f8c5c569b-OSL
content-encoding: br
X-Firefox-Spdy: h2

storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2668&xdm_p=1

142.250.74.27

200 OK

460 B

URL GET HTTP/2
storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2668&xdm_p=1
IP
142.250.74.27:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectstorage.googleapis.com
Fingerprint42:33:73:56:74:C7:8E:ED:CD:00:0D:AE:0E:4F:AF:8D:9D:61:F9:1D
ValidityMon, 18 Mar 2024 20:54:36 GMT - Mon, 10 Jun 2024 20:54:35 GMT

File type
HTML document, ASCII text, with very long lines (675), with no line terminators
Size
460 B (460 bytes)
Hash
2fc435fdccc5f434cd8ee8e1eeb8a11d
f1b7d9e62fc82783e349716279de30642123f131
3d5b058f40de73e5c230de95043f17cf5c0f3e0b627f196193538d34b9514286

HTTP Headers

GET /track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2668&xdm_p=1 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoHQdoyEDeicuZZXdE1hJDr_WN3J_3qBh305lD8LZYrSkfV5UgzOW9NVx2AxoA2Vn5w0pW2CtafqA
date: Thu, 25 Apr 2024 11:11:19 GMT
cache-control: public, max-age=14400
expires: Thu, 25 Apr 2024 15:11:19 GMT
last-modified: Thu, 28 Dec 2023 16:12:08 GMT
etag: "cd29afd6a042a50e49c74a45557302c8"
vary: Accept-Encoding, Origin
x-goog-generation: 1703779928504948
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 460
content-type: text/html
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=9Devpg==, md5=zSmv1qBCpQ5Jx0pFVXMCyA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 460
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.salesflare.com/token?email=f966887b4df2469d9ba1cd32658908fc

35.186.254.174

200 OK

66 B

URL GET HTTP/2
api.salesflare.com/token?email=f966887b4df2469d9ba1cd32658908fc
IP
35.186.254.174:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.salesflare.com
Fingerprint7B:56:81:95:60:4C:C5:19:06:42:47:80:9A:C1:1F:65:8D:A9:0B:58
ValiditySat, 23 Mar 2024 22:19:29 GMT - Fri, 21 Jun 2024 23:12:22 GMT

File type
JSON text data
Size
66 B (66 bytes)
Hash
3d3cd31807b9f9bde584fea9563dbdfb
4a2fedb628b49d2b71b07b8646dcbfaba8eaf0a4
f5f3a6dfda70768492ec4ddfb0a56e8a74a1b396d66639d6e92357e5a22e32f1

HTTP Headers

GET /token?email=f966887b4df2469d9ba1cd32658908fc HTTP/1.1
Host: api.salesflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llink.to
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
vary: origin
access-control-allow-origin: https://llink.to
access-control-allow-credentials: true
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
accept-ranges: bytes
x-cloud-trace-context: d93a4a141a29d8a2d553245bb68dff77
date: Thu, 25 Apr 2024 11:11:19 GMT
server: Google Frontend
content-length: 66
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@sentry/browser@5.29.2/build/bundle.min.js

151.101.65.229

200 OK

21 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@sentry/browser@5.29.2/build/bundle.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2668&xdm_p=1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65182)
Size
21 kB (21035 bytes)
Hash
4af9488c82dd6c35a5824b5f445b4650
b6a097bc57092484c2a0822aabbeb31eebd4af14
921c1d956fb29a553a69185344a6d58aa553143e22400146222c9851d633a4b2

HTTP Headers

GET /npm/@sentry/browser@5.29.2/build/bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://storage.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://storage.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.29.2
x-jsd-version-type: version
etag: W/"ff1f-tqCXvFcJJITCoIIqq76zHuvUrxQ"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 11:11:19 GMT
age: 4348703
x-served-by: cache-fra-etou8220037-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21035
X-Firefox-Spdy: h2

track.salesflare.com/flareprovider.js

172.66.40.106

200 OK

24 kB

URL GET HTTP/3
track.salesflare.com/flareprovider.js
IP
172.66.40.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2668&xdm_p=1
Certificate
IssuerLet's Encrypt
Subjectsalesflare.com
Fingerprint74:30:DE:96:73:5D:71:FF:73:BD:05:57:BE:D6:70:FE:C6:75:0D:A8
ValidityWed, 17 Apr 2024 03:22:52 GMT - Tue, 16 Jul 2024 03:22:51 GMT

File type
data
Size
24 kB (23781 bytes)
Hash
cf0778c980a529cc78ebf14b19cd0183
c7bb295d1239178351ab6991945837ee49648540
56ee5d17c7f2200e049a33f80d94007bef89fe311a877039acfc056a8e19cf1c

HTTP Headers

GET /flareprovider.js HTTP/1.1
Host: track.salesflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://storage.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 11:11:19 GMT
content-type: application/javascript
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=31090
alt-svc: h3=":443"; ma=86400
content-language: en
etag: W/"212be99d58796eaf397eaa1143a98547"
expires: Thu, 25 Apr 2024 13:09:28 GMT
last-modified: Thu, 28 Dec 2023 16:12:06 GMT
vary: Accept-Encoding,Origin
x-goog-generation: 1703779926287272
x-goog-hash: crc32c=9ctKkA==, md5=ISvpnVh5bq85fqoRQ6mFRw==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10695
x-guploader-uploadid: ABPtcPpmn3UfSgdMr6_AlrqLd_LkWT6He6R2pUXQ0yJng_3IKKFa2xOGaSCi9Uz7FkTpZatc9q16LaCM2g
cf-cache-status: HIT
age: 6905
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHcrZImXGUCi5ljUwjOpmsd9zeBw9RfUL463ZYJf96j%2BRyaPs2T52achaxedFpD4z5Tl1bqz5pv8Wa8dtbRt2obGVlWb5MMFGqJmPppisM48GA0z0ZyZOrOvzkDss%2F2EZCP0xn5Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 879de443aa1b569c-OSL
content-encoding: br

api.salesflare.com/devices

35.186.254.174

200 OK

0 B

URL POST HTTP/3
api.salesflare.com/devices
IP
35.186.254.174:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.salesflare.com
Fingerprint7B:56:81:95:60:4C:C5:19:06:42:47:80:9A:C1:1F:65:8D:A9:0B:58
ValiditySat, 23 Mar 2024 22:19:29 GMT - Fri, 21 Jun 2024 23:12:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /devices HTTP/1.1
Host: api.salesflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Referer: https://llink.to/
Origin: https://llink.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://llink.to
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,x-salesflare-client,x-result-count,x-salesflare-actor
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
x-cloud-trace-context: ff5dcce631bead0e7dd985e31c8f251b
date: Thu, 25 Apr 2024 11:11:19 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.salesflare.com/devices

35.186.254.174

200 OK

16 B

URL POST HTTP/3
api.salesflare.com/devices
IP
35.186.254.174:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.salesflare.com
Fingerprint7B:56:81:95:60:4C:C5:19:06:42:47:80:9A:C1:1F:65:8D:A9:0B:58
ValiditySat, 23 Mar 2024 22:19:29 GMT - Fri, 21 Jun 2024 23:12:22 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
4b31891c6602f9eb93e01e2c8fae6b5b
8fa81ad1dfb32f71739f245218a639f4d2d5ade9
7ffb07224919dfdd54e308472b7e1e968613a93de99fd1d3b606580d3973a744

HTTP Headers

POST /devices HTTP/1.1
Host: api.salesflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer 6UCarmwgOD4odXzDDCZ2r7QUzuCRqe6tJaxEplQipGuNy
Content-Type: text/plain;charset=UTF-8
Content-Length: 2
Origin: https://llink.to
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
vary: origin
access-control-allow-origin: https://llink.to
access-control-allow-credentials: true
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
x-cloud-trace-context: 55abc988fe0f2b744f961a19430b1587
date: Thu, 25 Apr 2024 11:11:19 GMT
server: Google Frontend
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.salesflare.com/interactions/forward?instant=true

35.186.254.174

200 OK

0 B

URL POST HTTP/3
api.salesflare.com/interactions/forward?instant=true
IP
35.186.254.174:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.salesflare.com
Fingerprint7B:56:81:95:60:4C:C5:19:06:42:47:80:9A:C1:1F:65:8D:A9:0B:58
ValiditySat, 23 Mar 2024 22:19:29 GMT - Fri, 21 Jun 2024 23:12:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /interactions/forward?instant=true HTTP/1.1
Host: api.salesflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Referer: https://llink.to/
Origin: https://llink.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://llink.to
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,x-salesflare-client,x-result-count,x-salesflare-actor
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
x-cloud-trace-context: 1181767932ac92393e49af80cbf8082b
date: Thu, 25 Apr 2024 11:11:19 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.salesflare.com/interactions/forward?instant=true

35.186.254.174

200 OK

16 B

URL POST HTTP/3
api.salesflare.com/interactions/forward?instant=true
IP
35.186.254.174:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.salesflare.com
Fingerprint7B:56:81:95:60:4C:C5:19:06:42:47:80:9A:C1:1F:65:8D:A9:0B:58
ValiditySat, 23 Mar 2024 22:19:29 GMT - Fri, 21 Jun 2024 23:12:22 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

POST /interactions/forward?instant=true HTTP/1.1
Host: api.salesflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer 6UCarmwgOD4odXzDDCZ2r7QUzuCRqe6tJaxEplQipGuNy
Content-Type: text/plain;charset=UTF-8
Content-Length: 132
Origin: https://llink.to
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
vary: origin
access-control-allow-origin: https://llink.to
access-control-allow-credentials: true
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
x-cloud-trace-context: add7b07546439dc1fe73d6b0aa586a43
date: Thu, 25 Apr 2024 11:11:20 GMT
server: Google Frontend
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ceentek.com/

0.0.0.0

0 B

URL User Request GET
ceentek.com/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: ceentek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Montserrat:400,700

142.250.74.74

200 OK

3.4 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Montserrat:400,700
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (3520), with no line terminators
Size
3.4 kB (3440 bytes)
Hash
33cc8247adb15606dc2a75a81f4437bf
0640197a8569aa0d5fd4fa3e665058602cc58534
6ac4d9219bcf5a755e4bbb88b9049421a6cf4e65a409ecf8278614d0b7abc5f0

HTTP Headers

GET /css?family=Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 11:11:19 GMT
date: Thu, 25 Apr 2024 11:11:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Montserrat:400,700

142.250.74.74

200 OK

3.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,700
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (3520), with no line terminators
Size
3.4 kB (3440 bytes)
Hash
33cc8247adb15606dc2a75a81f4437bf
0640197a8569aa0d5fd4fa3e665058602cc58534
6ac4d9219bcf5a755e4bbb88b9049421a6cf4e65a409ecf8278614d0b7abc5f0

HTTP Headers

GET /css?family=Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 11:11:18 GMT
date: Thu, 25 Apr 2024 11:11:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

storage.googleapis.com/track.salesflare.com/actual_flare.js

142.250.74.27

200 OK

26 kB

URL GET HTTP/2
storage.googleapis.com/track.salesflare.com/actual_flare.js
IP
142.250.74.27:443
ASN
#15169 GOOGLE

Requested by
https://llink.to/?u=https://ceentek.com/&e=f966887b4df2469d9ba1cd32658908fc
Certificate
IssuerGoogle Trust Services LLC
Subjectstorage.googleapis.com
Fingerprint42:33:73:56:74:C7:8E:ED:CD:00:0D:AE:0E:4F:AF:8D:9D:61:F9:1D
ValidityMon, 18 Mar 2024 20:54:36 GMT - Mon, 10 Jun 2024 20:54:35 GMT

File type
JavaScript source, ASCII text, with very long lines (26337)
Size
26 kB (26379 bytes)
Hash
ed22a0c2b5f81cca1d1a9ae8968cc5ef
08e13f464077687253e6b3aa9c8302ce0c071533
56ebd0138aee6ae1718e9423404acdac69f3ad997abca9161cbea7f3c781ad43

HTTP Headers

GET /track.salesflare.com/actual_flare.js HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://llink.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPo0V5yujdgU9L7oXSkOxpA1gsV4lPzjYr1Od-haOFfjA3uqHcb7GFUT6aj-HVe1K_S7J2c3mn2wQg
x-goog-generation: 1703779922325627
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9294
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=2LAbDw==, md5=pyUEW0Joy3KPpNJk93u0zw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 9294
server: UploadServer
date: Thu, 25 Apr 2024 11:11:19 GMT
expires: Thu, 25 Apr 2024 15:11:19 GMT
cache-control: public, max-age=14400
last-modified: Thu, 28 Dec 2023 16:12:02 GMT
etag: "a725045b4268cb728fa4d264f77bb4cf"
content-type: application/javascript
vary: Accept-Encoding,Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP