urlscan.io logo urlscan.io
SecurityTrails logo

link-to.app Open in urlscan Pro
65.9.83.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/macsapp1
Effective URL: https://link-to.app/Hx6bI6aC
Submission: On January 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 6 HTTP transactions. The main IP is 65.9.83.32, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is link-to.app.
TLS certificate: Issued by Amazon on April 4th 2020. Valid for: a year.
This is the only time link-to.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 1 13.225.80.46 16509 (AMAZON-02)
1 65.9.83.32 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 195.201.128.178 24940 (HETZNER-AS)
2 18.198.68.141 16509 (AMAZON-02)
6 5
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    13.225.80.46 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-46.fra2.r.cloudfront.net
qrs.ly
1    65.9.83.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
link-to.app
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    195.201.128.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.128.201.195.clients.your-server.de
api.qrserver.com
2    18.198.68.141 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-68-141.eu-central-1.compute.amazonaws.com
one-badge.com
Domain Requested by
2 one-badge.com link-to.app
1 api.qrserver.com link-to.app
1 lh3.googleusercontent.com link-to.app
1 cdnjs.cloudflare.com link-to.app
1 link-to.app
1 qrs.ly 1 redirects
1 bit.ly 1 redirects
6 7

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
Subject Issuer Validity Valid
link-to.app
Amazon		 2020-04-04 -
2021-05-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
api.qrserver.com
R3		 2020-12-07 -
2021-03-07		 3 months crt.sh
*.one-badge.com
R3		 2020-12-13 -
2021-03-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://link-to.app/Hx6bI6aC
Frame ID: 283197CC71DA2912B5B8EF57B6D1A84D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/macsapp1 HTTP 301
    https://qrs.ly/vfbzkph HTTP 302
    https://link-to.app/Hx6bI6aC Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

6
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

236 kB
Transfer

263 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/macsapp1 HTTP 301
    https://qrs.ly/vfbzkph HTTP 302
    https://link-to.app/Hx6bI6aC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Hx6bI6aC
link-to.app/
Redirect Chain
  • https://bit.ly/macsapp1
  • https://qrs.ly/vfbzkph
  • https://link-to.app/Hx6bI6aC
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://link-to.app/Hx6bI6aC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.83.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
093648f066bb2d430fc9aef34831d646ea91f4cfa215740aaa676d5821111ea0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
link-to.app
:scheme
https
:path
/Hx6bI6aC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
content-length
8926
date
Tue, 12 Jan 2021 16:42:19 GMT
x-amzn-requestid
c661a98b-3e4a-4c46-8849-d591d84b8502
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
x-content-type
nosniff
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains
x-frame-options
SAMEORIGIN
x-amzn-remapped-content-length
8926
x-amzn-remapped-connection
close
x-download-options
noopen
x-amz-apigw-id
ZC2o3HoAIAMFfwg=
x-content-type-options
nosniff
etag
W/"22de-0hBZn6WiS7GC0E4sjRvNTp0i4zo"
x-amzn-trace-id
Root=1-5ffdd16b-1eb6220879ed4eb00a50aaea;Sampled=0
x-amzn-remapped-date
Tue, 12 Jan 2021 16:42:19 GMT
x-cache
Miss from cloudfront
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
xn-hZXF6pm5VoiJFkcV85h9Oezu4H8Vr8js1enc1JzyXF3ijf6kXEQ==

Redirect headers

content-type
text/html; charset=UTF-8
location
https://link-to.app/Hx6bI6aC
date
Tue, 12 Jan 2021 16:42:19 GMT
server
Apache/2.4.46 (Unix)
x-powered-by
PHP/7.4.13
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=7fa9ffb0497dde3e04ee91302e9c192e; path=/; HttpOnly
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
vLxB7c8RGQ7jzXS5Zp--cCiWYSgVrQU1-GrZ3w8aXGzfkAofvIvYzQ==
bootstrap-grid.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-beta.2/css/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-beta.2/css/bootstrap-grid.min.css
Requested by
Host: link-to.app
URL: https://link-to.app/Hx6bI6aC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8279af208c3b3299c1fe975468e6e9b538fa197c5391cd8822973ea696a90fb7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://link-to.app/Hx6bI6aC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:42:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1511490
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
1753
cf-request-id
07991325db00002b956ea4c000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-5e62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hW1A2gork5A7mPE7ZmGbmFdxbpopnVfruA1ATlMvzoExSx9qj8mI7tgFLV9CdNnCMPQIMSdc4fGq40cN5%2FZtJ6n51CewHmHplgmOE8%2FGSoOqHeUFDzHct4MasTL83P0idw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
61085482fceb2b95-FRA
expires
Sun, 02 Jan 2022 16:42:20 GMT
H4YPwzHDNqvk2Vho8OvGSivEAGwxkRmESGBHryL_E6hrwBcJ7TiCklrKYiw4KWQPig
lh3.googleusercontent.com/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/H4YPwzHDNqvk2Vho8OvGSivEAGwxkRmESGBHryL_E6hrwBcJ7TiCklrKYiw4KWQPig
Requested by
Host: link-to.app
URL: https://link-to.app/Hx6bI6aC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e1149fd46d5ed1601b434e253808adc065746dc4c02246666dcbbef3ee056c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://link-to.app/Hx6bI6aC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:42:20 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
223235
x-xss-protection
0
expires
Wed, 13 Jan 2021 16:42:20 GMT
/
api.qrserver.com/v1/create-qr-code/ 		434 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.qrserver.com/v1/create-qr-code/?size=150x150&margin=8&data=https://link-to.app/Hx6bI6aC?via_qrcode=1
Requested by
Host: link-to.app
URL: https://link-to.app/Hx6bI6aC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.128.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.128.201.195.clients.your-server.de
Software
Apache/2 / PHP/5.4.16
Resource Hash
d1d8ecfa039a634324ac363034e38b5800b9c82cdd5b0290cb226e82f21355cf

Request headers

Referer
https://link-to.app/Hx6bI6aC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 16:42:20 GMT
Server
Apache/2
X-Powered-By
PHP/5.4.16
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Access-Control-Allow-Headers
Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token
Content-Length
434
appstore.svg
one-badge.com/b/apple/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one-badge.com/b/apple/appstore.svg
Requested by
Host: link-to.app
URL: https://link-to.app/Hx6bI6aC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.198.68.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-68-141.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
e6c0d157e3b6586313c607342872a9a348ca40ec7861b14265272678ce419b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://link-to.app/Hx6bI6aC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
abb34a6c-a6d7-499b-9f57-8180b2a74935-4339176
date
Tue, 12 Jan 2021 16:42:20 GMT
content-encoding
br
server
Netlify
age
0
etag
"5f4d327f01b6995d684807c72b5887e9-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
playstore.svg
one-badge.com/b/google/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one-badge.com/b/google/playstore.svg
Requested by
Host: link-to.app
URL: https://link-to.app/Hx6bI6aC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.198.68.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-68-141.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
754044429df1daff851767440ed9cb879fdde199dd2a5b4cc09076901fa4d50f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://link-to.app/Hx6bI6aC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
abb34a6c-a6d7-499b-9f57-8180b2a74935-4339177
date
Sun, 10 Jan 2021 18:24:55 GMT
content-encoding
br
server
Netlify
age
166645
etag
"60613c8c47836e123900f09eec848eda-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1834

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| getContrastYIQ function| rgbToHex object| panelDef

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block