Submitted URL: https://www.linkedin.com/slink?code=esbVW5_r&code2=92ar5611fob8uhdalxif5z08hm5p8xx35f0wbj5r7xq8sv5sz5ce65cjj5...
Effective URL: https://uunderbridge.com/0/0/0/88bef8b8f794619e01e7876d8e216a1f/main100
Submission: On February 15 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 195.225.173.112, located in Ukraine and belongs to ASGARD-AS RadioEthernet provider, UA. The main domain is uunderbridge.com.
TLS certificate: Issued by R3 on January 16th 2022. Valid for: 3 months.
This is the only time uunderbridge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 195.225.173.112 31158 (ASGARD-AS...)
1 172.245.240.81 36352 (AS-COLOCR...)
3 3
Apex Domain | Subdomains | Transfer
1 deskcounted.com | t9yow.deskcounted.com | 341 B
1 uunderbridge.com | uunderbridge.com | 446 B
1 googleapis.com | storage.googleapis.com — Cisco Umbrella Rank: 411 | 694 B
1 linkedin.com | www.linkedin.com — Cisco Umbrella Rank: 602 | 2 KB
3 4
Domain Requested by
1 t9yow.deskcounted.com uunderbridge.com
1 uunderbridge.com
1 storage.googleapis.com
1 www.linkedin.com 1 redirects
3 4

This site contains no links.

Subject | Issuer | Validity | Valid
*.storage.googleapis.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
uunderbridge.com | R3 | 2022-01-16 - 2022-04-16 | 3 months
deskcounted.com | R3 | 2021-11-23 - 2022-02-21 | 3 months

This page contains 1 frames:

Frame: https://t9yow.deskcounted.com/?kw=31&s2=679603495
Frame ID: FFEF6F07ABB5FF5BB6D127A427242668
Requests: 3 HTTP requests in this frame

Page Statistics

3
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

1 kB
Transfer

0 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.linkedin.com/slink?code=esbVW5_r&code2=92ar5611fob8uhdalxif5z08hm5p8xx35f0wbj5r7xq8sv5sz5ce65cjj5er7l0a8z1y0dhbwsd7b HTTP 301
    https://storage.googleapis.com/95gnpui/51990259?p3qqk7owgp5/trrzlfxiqag7al_p4vou3sjtsi/teoacqs82ppl=uh0gucja3qx3g5/ngvfm01hlpumz0ekgq6pp85zhlt5x1v0v0sgq66syorhx8w2f19e3bmgnghqi783egvczkbowh7thnag Page URL
  2. https://uunderbridge.com/0/0/0/88bef8b8f794619e01e7876d8e216a1f/main100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.linkedin.com/slink?code=esbVW5_r&code2=92ar5611fob8uhdalxif5z08hm5p8xx35f0wbj5r7xq8sv5sz5ce65cjj5er7l0a8z1y0dhbwsd7b HTTP 301
  • https://storage.googleapis.com/95gnpui/51990259?p3qqk7owgp5/trrzlfxiqag7al_p4vou3sjtsi/teoacqs82ppl=uh0gucja3qx3g5/ngvfm01hlpumz0ekgq6pp85zhlt5x1v0v0sgq66syorhx8w2f19e3bmgnghqi783egvczkbowh7thnag

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
51990259
storage.googleapis.com/95gnpui/
Redirect Chain
  • https://www.linkedin.com/slink?code=esbVW5_r&code2=92ar5611fob8uhdalxif5z08hm5p8xx35f0wbj5r7xq8sv5sz5ce65cjj5er7l0a8z1y0dhbwsd7b
  • https://storage.googleapis.com/95gnpui/51990259?p3qqk7owgp5/trrzlfxiqag7al_p4vou3sjtsi/teoacqs82ppl=uh0gucja3qx3g5/ngvfm01hlpumz0ekgq6pp85zhlt5x1v0v0sgq66syorhx8w2f19e3bmgnghqi783egvczkbowh7thnag
118 B
694 B
Document
General
Full URL
https://storage.googleapis.com/95gnpui/51990259?p3qqk7owgp5/trrzlfxiqag7al_p4vou3sjtsi/teoacqs82ppl=uh0gucja3qx3g5/ngvfm01hlpumz0ekgq6pp85zhlt5x1v0v0sgq66syorhx8w2f19e3bmgnghqi783egvczkbowh7thnag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
69152a0b64804597e884c2bd987b0d9163fb75b9289113e95a6baef7f965e9cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdu-CLNNGzVSAX9cNm-6idJHBR2TtQfSS2bFmUAtL19kEER2Ilk9syvFw6YA5cYDzrAuxFyvx_wCpglfdhatcxM
x-goog-generation
1644937698912781
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
118
x-goog-hash
crc32c=wdVNiQ== md5=16Ik1+xTbjZGLIZlnBPgmQ==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
118
server
UploadServer
date
Tue, 15 Feb 2022 21:14:48 GMT
expires
Tue, 15 Feb 2022 22:14:48 GMT
cache-control
public, max-age=3600
age
1724
last-modified
Tue, 15 Feb 2022 15:08:18 GMT
etag
"d7a224d7ec536e36462c86659c13e099"
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

cache-control
no-cache, no-store
pragma
no-cache
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://storage.googleapis.com/95gnpui/51990259?p3qqk7owgp5/trrzlfxiqag7al_p4vou3sjtsi/teoacqs82ppl=uh0gucja3qx3g5/ngvfm01hlpumz0ekgq6pp85zhlt5x1v0v0sgq66syorhx8w2f19e3bmgnghqi783egvczkbowh7thnag
vary
Accept-Encoding
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
x-li-pop
afd-prod-ltx1-x
x-li-proto
http/2
x-li-uuid
AAXYFWysGrN0HMLVq34Cxg==
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 6E546BF78EE14AD4B499B19E92B5F97F Ref B: FRAEDGE1113 Ref C: 2022-02-15T21:43:32Z
date
Tue, 15 Feb 2022 21:43:32 GMT
Primary Request main100
uunderbridge.com/0/0/0/88bef8b8f794619e01e7876d8e216a1f/
112 B
446 B
Document
General
Full URL
https://uunderbridge.com/0/0/0/88bef8b8f794619e01e7876d8e216a1f/main100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.225.173.112 , Ukraine, ASN31158 (ASGARD-AS RadioEthernet provider, UA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/

Response headers

date
Tue, 15 Feb 2022 21:43:34 GMT
content-type
text/html; charset=UTF-8
server
Apache
content-encoding
gzip
transfer-encoding
chunked
vary
Accept-Encoding
/
t9yow.deskcounted.com/
0
341 B
Document
General
Full URL
https://t9yow.deskcounted.com/?kw=31&s2=679603495
Requested by
Host: uunderbridge.com
URL: https://uunderbridge.com/0/0/0/88bef8b8f794619e01e7876d8e216a1f/main100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.245.240.81 Elk Grove Village, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-240-81-host.colocrossing.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://uunderbridge.com/

Response headers

0
X-Reason
1
UNAVAILABLE
date
Tue, 15 Feb 2022 21:43:35 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
cache-control
no-cache, private
access-control-allow-origin
*
x-redir
true
content-encoding
gzip
strict-transport-security
max-age=15768000

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

5 Cookies

Domain/Path Name / Value
.linkedin.com/ Name: bcookie
Value: "v=2&1ac57204-4847-45c5-830d-461ebe297c05"
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022021521433262c2c3b1-d6ef-42e2-8367-1b1e984d1078AQFdcsT00iwTz3OXSN_KB2yidcMzwepY"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDQ5NjE0MTI7MjswMjEcXBKsDu6xctcRF6juoXuoclP2urenZDJxpEWx+a9erA==
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=2811:u=1:x=1:i=1644961412:t=1645047812:v=2:sig=AQFR2H5BmekdtEGFXU4VzubbWOJMZYbm"
uunderbridge.com/ Name: uid31
Value: 679603495-20220215164334-bfcb96de1f9033b5f1a519da73c06880-

1 Console Messages

Source Level URL
Text
network error URL: https://t9yow.deskcounted.com/?kw=31&s2=679603495
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
