URL: https://lnk.to/update-us
Submission Tags: falconsandbox
Submission: On February 23 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 6 HTTP transactions. The main IP is 46.137.44.30, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is lnk.to. The Cisco Umbrella rank of the primary domain is 50638.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 14th 2023. Valid for: 7 months.
This is the only time lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
4         46.137.44.30      16509 (AMAZON-02)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 6 requests, 3 IPs

Requests  Apex Domain            Subdomains                                                Transfer
4         lnk.to                 lnk.to — Cisco Umbrella Rank: 50638                       89 KB
1         googlesyndication.com  pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
0         dedyn.io (Failed)      web-srvconline.dedyn.io (Failed)
Total: 6 requests, 3 domains

Requests  Domain                            Requested by
4         lnk.to                            lnk.to
1         pagead2.googlesyndication.com     lnk.to
0         web-srvconline.dedyn.io (Failed)  lnk.to
Total: 6 requests, 3 domains

This site contains no links.

Subject              Issuer               Validity                 Valid
lnk.to               Amazon RSA 2048 M02  2023-02-14 - 2023-09-07  7 months (crt.sh)
*.g.doubleclick.net  GTS CA 1C3           2023-02-08 - 2023-05-03  3 months (crt.sh)

This page contains 1 frame:

Frame: https://web-srvconline.dedyn.io/?billingupdatex
Frame ID: EEF4A3DEC44A7FEA5D7383E0F963DC77
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 50 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 89 kB
Size: 88 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.linkedin.com/slink?code=gbPz8Yaw HTTP 301
  • https://web-srvconline.dedyn.io/?billingupdatex

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request update-us
lnk.to/
88 KB
88 KB
Document
General
Full URL
https://lnk.to/update-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.44.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-44-30.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77afb0626969bee0ee299d4221f80c305cb5a59e509b8b0f654993482ad12d59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 23 Feb 2023 23:24:45 GMT
server
nginx
x-redirector-version
redirector-v3
/
lnk.to/~/tr/pageview/
70 B
186 B
XHR
General
Full URL
https://lnk.to/~/tr/pageview/
Requested by
Host: lnk.to
URL: https://lnk.to/update-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.44.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-44-30.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://lnk.to/update-us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 23:24:46 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: lnk.to
URL: https://lnk.to/update-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 23:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49314
x-xss-protection
0
server
cafe
etag
17635795846321183488
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Feb 2023 23:24:46 GMT
/
lnk.to/~/tr/event/
70 B
186 B
XHR
General
Full URL
https://lnk.to/~/tr/event/
Requested by
Host: lnk.to
URL: https://lnk.to/update-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.44.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-44-30.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://lnk.to/update-us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 23:24:46 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
interact
lnk.to/~/tr/
70 B
186 B
Fetch
General
Full URL
https://lnk.to/~/tr/interact
Requested by
Host: lnk.to
URL: https://lnk.to/update-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.44.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-44-30.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://lnk.to/update-us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Feb 2023 23:24:46 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
/
web-srvconline.dedyn.io/
Redirect Chain
  • https://www.linkedin.com/slink?code=gbPz8Yaw
  • https://web-srvconline.dedyn.io/?billingupdatex
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
web-srvconline.dedyn.io
URL
https://web-srvconline.dedyn.io/?billingupdatex


1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

5 Cookies

Domain/Path Name / Value
.lnk.to/ Name: LF_session_a5b728ca4bcf622193e8bfa0a1775b3c
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&d55820d0-0246-4ae5-8375-f5348790967a"
.www.linkedin.com/ Name: bscookie
Value: "v=1&202302232324462d9d8c4a-4b2f-443e-8399-c94507340036AQHuMJrNiXz7C6-3Pny2V1JbS0Mfkow0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzcxOTQ2ODY7MjswMjGhQtEXn27fIBbzB7riqJb4adjtuPO5s3/GFrkog8L/ww==
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2848:u=1:x=1:i=1677194686:t=1677281086:v=2:sig=AQFD9aL1sDqD86fdz4X_F1fy-0WaSgA2"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
