s.linkt-ii-faq.net Open in urlscan Pro
104.21.46.41 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3S6cnfB
Effective URL:
https://s.linkt-ii-faq.net/
Submission: On October 18 via api (October 18th 2023, 1:13:31 am UTC) from AU — Scanned from AU

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 104.21.46.41, located in and belongs to CLOUDFLARENET, US. The main domain is s.linkt-ii-faq.net.
TLS certificate: Issued by GTS CA 1P5 on October 16th 2023. Valid for: 3 months.

This is the only time s.linkt-ii-faq.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Linkt (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	104.21.46.41 104.21.46.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	45.60.48.24 45.60.48.24	19551 (INCAPSULA) (INCAPSULA)
20	2

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.21.46.41 (None, )

ASN13335 (CLOUDFLARENET, US)

s.linkt-ii-faq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.60.48.24 (United States)

ASN19551 (INCAPSULA, US)

manage.linkt.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	linkt-ii-faq.net s.linkt-ii-faq.net	1 MB
6	linkt.com.au manage.linkt.com.au	7 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6920	416 B
20	3

	Domain	Requested by
14	s.linkt-ii-faq.net	s.linkt-ii-faq.net
6	manage.linkt.com.au	s.linkt-ii-faq.net
1	bit.ly	1 redirects
20	3

This site contains no links.

Subject Issuer	Validity	Valid
linkt-ii-faq.net GTS CA 1P5	`2023-10-16` - `2024-01-14`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-07` - `2024-03-05`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://s.linkt-ii-faq.net/
Frame ID: F560F007DDFC0F10BF30995183767758
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AUS post

Page URL History Show full URLs

http://bit.ly/3S6cnfB HTTP 301
https://s.linkt-ii-faq.net/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1494 kB
Transfer

8870 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3S6cnfB HTTP 301
https://s.linkt-ii-faq.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
s.linkt-ii-faq.net/
Redirect Chain

http://bit.ly/3S6cnfB
https://s.linkt-ii-faq.net/

746 B
800 B

306ms
134ms

Document
text/html

104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1019e8ed4092ac554eb1b1066d1a4071cd5bf2bd55137fc83cd6343d67bd4ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 817ceb283e10274a-ADL
content-encoding: br
content-type: text/html
date: Wed, 18 Oct 2023 01:13:24 GMT
last-modified: Mon, 16 Oct 2023 12:30:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BF8o631fWEGYVfOsqm9hXa8rGp3tqeucmoQ9gTiF3jTkUcaBiRTWfQMAxf2Nh%2Fiaja054KULojd9oJahgRroYruZc9e65fYNxzWHngupxtjbUiS%2FTilZINCXNBZ5Up%2FlzwPfPI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Cache-Control: private, max-age=90
Content-Length: 117
Content-Security-Policy: referrer always;
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Oct 2023 01:13:24 GMT
Location: https://s.linkt-ii-faq.net/#/m
Referrer-Policy: unsafe-url
Server: nginx
Via: 1.1 google

GET
H2 200 config.js Show response
s.linkt-ii-faq.net/ 89 B
463 B 145ms
144ms Script
application/javascript 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/config.js
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d48c8f6dbd54b101cb7ece8ea6b17e2edd110d9e2a0d54ac152070cc3aaa654

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:30:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d2cf1-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJh8fW18wTjUbwGntbgxXj3Kepdd8QT9QoDo8lRL%2BQXGf44dVXG4gIB3fb63Vd5hCOZyPw8KkJrCRPch4555AdJTZlx6eI0SJZZBEO%2BcUGE6Spl%2FSs8IRrva13guCO%2Fj3PXozFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 817ceb291f89274a-ADL
alt-svc: h3=":443"; ma=86400
expires: Wed, 18 Oct 2023 13:13:24 GMT

GET
H2 200 chunk-vendors.4cd11a17.js Show response
s.linkt-ii-faq.net/js/ 967 KB
261 KB 227ms
226ms Script
application/javascript 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/js/chunk-vendors.4cd11a17.js
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c4614d81d0d9395d8561502a5e66f193c305de7486bde8b4d4642461763a4e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:31:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d2d0e-f1c08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDwTHLVs%2BFPG%2BVHmsx7cLF0%2BQMwuzWpHsCPGShSAT2iLMwgG4f8G2bO8ItGpfrPRTc%2B5tjtpwZgNXEFgqmYoLBu7xWEhN5pxvjPCBu%2Fy1eQRyy6PRYCbwJrtsn7TCQUPAkdlyL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 817ceb291f92274a-ADL
alt-svc: h3=":443"; ma=86400
expires: Wed, 18 Oct 2023 13:13:24 GMT

GET
H2 200 app.55a9f5bf.js Show response
s.linkt-ii-faq.net/js/ 79 KB
21 KB 235ms
234ms Script
application/javascript 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/js/app.55a9f5bf.js
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd896d0d15a75dc5d82c08bd6de8344734f45cf9727281b45c5d07e897a508a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:31:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d2d0e-13cd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1q9q9zc3Oz2zUy7RoS2ygWtWKYPMOGjbLiz0GWeIJabQAbMO0ni7qwCQLksTcAxcu4GgG3ee6r5wS2GCGgRdLYWVzhjoT%2FboLF2ZWCa1EkjB0ovtDWUhQoUGMjMWA8cGMTnEZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 817ceb29f90f274a-ADL
alt-svc: h3=":443"; ma=86400
expires: Wed, 18 Oct 2023 13:13:24 GMT

GET
H2 200 chunk-vendors.ab49d789.css
s.linkt-ii-faq.net/css/ 206 KB
35 KB 171ms
170ms Stylesheet
text/css 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/css/chunk-vendors.ab49d789.css
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d8d865d09c3f3038ff963dd211432085a0939a8495eda8864f6b2b4b916ba70

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d2cf8-337ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uj4pqW8zbIJD9NN%2FdYi5h%2Fm5YxWHcbhOwe6m4Z753S0xWB%2F1Usitj6zJvyn7Elb1pAuK5RmkX08FMqMviDWPOSDworFfUyCaBfXSOgJ2W0qKAwCiTq%2B346rNb9yWWScfy2oZ8S8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 817ceb291f8b274a-ADL
alt-svc: h3=":443"; ma=86400
expires: Wed, 18 Oct 2023 13:13:24 GMT

GET
H2 200 app.d616cf06.css
s.linkt-ii-faq.net/css/ 1 MB
149 KB 315ms
315ms Stylesheet
text/css 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/css/app.d616cf06.css
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ca3e701b519f9032c31b5d4cc1f9c04648d1c1579c44c215c991732625144d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:30:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d2cf7-11dfac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svXs6c5y0yVeuGrM8hBjiiKBrRbl9pA%2BsGoa5L%2BU6b55eEGPrYapR3T0jgmqu7AGYNykw5mL9hV4T%2B27hZYdSqgYE2SOhzZDhGaLOP%2FhSFp84iex6o9Gd84xvga%2Fj1FQBiY9OEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 817ceb291f90274a-ADL
alt-svc: h3=":443"; ma=86400
expires: Wed, 18 Oct 2023 13:13:24 GMT

GET
H3 200 about.8fac49b4.css
s.linkt-ii-faq.net/css/ 6 MB
869 KB 189ms
188ms Stylesheet
text/css 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/css/about.8fac49b4.css
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/js/app.55a9f5bf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50c87a7cbf2f9b0d83bb8a645054b4d2f8a1aa8edef3e92830a8a1e55f0b3aa7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:30:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d2cf7-601883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLNJ8mAH7ZMHZcWVcJ7W%2FKKxv07emj9dkmI8%2F3YAWyLjNw2zi5Gp5kGT8nTvOW98d5ucreG52JnJDl1PRXusSMRd%2BGNh0hq8rYYE0x8qqsBhvMTsyIE4n1notmodO6vuavMHH4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 817ceb2c2e6c3e6a-ADL
alt-svc: h3=":443"; ma=86400
expires: Wed, 18 Oct 2023 13:13:25 GMT

GET
H3 200 about.2891354c.js Show response
s.linkt-ii-faq.net/js/ 265 KB
93 KB 735ms
734ms Script
application/javascript 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/js/about.2891354c.js
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/js/app.55a9f5bf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2403f0d16e402210e7582e5c9a7fc691acfc7262e5a256d3d2fd9d7e72bf896e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:31:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d2d0d-42525"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLQrLKf3wbReHpsYsdzEwAH0wUsMJ%2FG8V1GuHmgWfYBT6atLGSb1WSOSgMjNYAsKs5H5LrpRi1A7TJjMg9DGOqwCNaMPoatfYUfR%2BmHz7S9YYLPWzHVPy4fwhFpZNRDcE12BXPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 817ceb2c2e6d3e6a-ADL
alt-svc: h3=":443"; ma=86400
expires: Wed, 18 Oct 2023 13:13:25 GMT

GET
H3 200 checkIp Show response
s.linkt-ii-faq.net/api/card/fish/ 217 B
691 B 786ms
785ms XHR
application/json 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/api/card/fish/checkIp?key=mrnvznuiuojcvys2
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/js/chunk-vendors.4cd11a17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52b8283be8a9e38906e230468cc43a47377f199d7fdfe0c00ef81189eb2b86db

Request headers

Accept: application/json, text/plain, */*
Referer: https://s.linkt-ii-faq.net/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2F6%2FVP7hVZ0to98PU0yLQb%2Bs1VUpbQaN%2BIShf5R9Ua%2BjWpkw5P4Qa%2B2xig55sUfhwwOtAiLu3xAGgUtz88vrJq9XAEYIfBLMfZAZ%2BtXM%2F7taaa5M90de8MKMOYNIfhB86y%2B4wvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 817ceb2c3e723e6a-ADL
alt-svc: h3=":443"; ma=86400

GET
H3 200 user Show response
s.linkt-ii-faq.net/api/card/websocket-domain/ 113 B
548 B 109ms
108ms XHR
application/json 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/api/card/websocket-domain/user
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/js/chunk-vendors.4cd11a17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9165f171fcb7be4b764ab740adf2d2e6d6287a8cec06621bf741f2915c56fc8

Request headers

Accept: application/json, text/plain, */*
Referer: https://s.linkt-ii-faq.net/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXh%2FVoaXyY0zJKaoEQ1GP1K8QoQ4IM8rdPb0O8RhS9u2Q%2BbBeWjsWhSF4EVwO4XnS82dfNKsRF0MV%2FI%2BajVQLL9Akp1eGNzoqXpdnzvpYQeABa7Dbab5vSyL%2FQEX%2BOnx08gbiZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 817ceb31fd743e6a-ADL
alt-svc: h3=":443"; ma=86400

GET
H3 200 visits Show response
s.linkt-ii-faq.net/api/num/record/ 41 B
492 B 421ms
420ms XHR
application/json 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/api/num/record/visits
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/js/chunk-vendors.4cd11a17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d26fb4550d79ddd00ed695c52e9f888abac94e0d3bc3ed161dffbe8b07d9bdb

Request headers

Accept: application/json, text/plain, */*
Referer: https://s.linkt-ii-faq.net/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftCtNHO7Ro%2FiADz5QuoU%2BsHFZmObXoWhrpV320lAX4n8fapHxx%2FbyRFGdm%2BOAIDyoBX9B%2F8cTYcTk86nQ2pfD9kggu9nQ89q%2FJFxz%2BmYm73agdaGxIhYXb%2BfBKYBGMYqla7UN0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 817ceb323dc33e6a-ADL
alt-svc: h3=":443"; ma=86400

GET
H3 200 linkt_logo.93d970a4.svg
s.linkt-ii-faq.net/img/ 2 KB
1 KB 137ms
136ms Image
image/svg+xml 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.linkt-ii-faq.net/img/linkt_logo.93d970a4.svg
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661d91e8d56409f4525f8f58265c356c204e9fde3eda57a61d1a8594483bc1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:31:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d2d05-836"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyX0sTA10mhbYeXo%2ByLV31%2BBtt4MOohmx09q1IgwtGmi08LIh7w03Nm6w37aQjOQee3OcwDu0lwzN6uRdrMtgi4W6dh4q%2B26PjM5jFmxlA6cYTPnyfLmGqqCGQymMNVGbhTLm4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 817ceb323dc73e6a-ADL
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo-Transurban.cc5a7e14.png
s.linkt-ii-faq.net/img/ 25 KB
26 KB 129ms
127ms Image
image/png 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.linkt-ii-faq.net/img/logo-Transurban.cc5a7e14.png
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cdaa21c8d06fc4322303a35cea7cd1acdfa9695ad1882598fd107cf3d17522

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:26 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:31:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652d2d06-6496"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9G4A0Xm39FHSOle6%2Ff9TmBBJsKP44ZHTw%2B25vPzCjZiMtTDIxfKK8GAOkHuvfn5jJAf60kXFpDaG7BzSEwNZOpq87R%2BAm0L0vzmMrUgQNZflf2qpKVabvw%2FEk36UFMPrICjgPjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 817ceb323dca3e6a-ADL
alt-svc: h3=":443"; ma=86400
content-length: 25750
expires: Fri, 17 Nov 2023 01:13:26 GMT

GET
H2 200 icon-twitter.png
manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/ 545 B
1 KB 637ms
400ms Image
image/png 45.60.48.24
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/icon-twitter.png

Requested by

Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.48.24 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

TUHardened /

Resource Hash

55249775ca508b84f9ae864910450bd7d3f884f6a0b4fb9c8a4383e09961181f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:26 GMT
via: 1.1 0f7e4995783c21b04a0e0537b8737dde.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
x-iinfo: 15-19820529-19820543 NNNN CT(1 8 0) RT(1697591605835 107) q(0 0 0 0) r(0 3) U24
content-length: 545
pragma: no-cache
last-modified: Fri, 17 Mar 2023 04:06:32 GMT
server: TUHardened
content-type: image/png;charset=UTF-8
cache-control: max-age=604800, must-revalidate
x-incap-sess-cookie-hdr: l6v+LhrvbRU4is4TOXK0FTYxL2UAAAAAA7BD36+N4XDct9WxRA42SQ==
x-amz-cf-id: Ut7RItNKQ40Zu1mklzd-U9srbzXx_03rQLzSIHq3t5Il7Hu8kGSZwQ==
expires: Wed, 25 Oct 2023 01:13:26 GMT

GET
H2 200 facebook-icon.png
manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/ 494 B
2 KB 634ms
397ms Image
image/png 45.60.48.24
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/facebook-icon.png

Requested by

Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.48.24 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

TUHardened /

Resource Hash

794e4bb51b9f1f7efeadab401b75b6f8c65038238b9f9bd694f0a451962a88bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:26 GMT
via: 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
x-iinfo: 15-19820529-19820540 NNNN CT(4 5 0) RT(1697591605835 102) q(0 0 0 1) r(0 3) U24
content-length: 494
pragma: no-cache
last-modified: Fri, 17 Mar 2023 04:06:32 GMT
server: TUHardened
content-type: image/png;charset=UTF-8
cache-control: max-age=604800, must-revalidate
x-incap-sess-cookie-hdr: AU8EIk/n/mM4is4TOXK0FTYxL2UAAAAAfpYEWdnWPw/OsyrdVWPtLw==
x-amz-cf-id: UtWu_aA3GABYALmgKKiooMrQZGiiQHh_Ym9JMhgP12YwDGygeJxiVQ==
expires: Wed, 25 Oct 2023 01:13:26 GMT

GET
H2 200 icon-youtube.png
manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/ 424 B
1 KB 662ms
425ms Image
image/png 45.60.48.24
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/icon-youtube.png

Requested by

Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.48.24 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

TUHardened /

Resource Hash

67c5e1a39cce0c03cd5f194e9daa6f4c805ede1b6852258158bdfe87f6b3edad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:26 GMT
via: 1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
x-iinfo: 15-19820529-19820541 NNNN CT(2 9 0) RT(1697591605835 102) q(0 0 0 2) r(0 3) U24
content-length: 424
pragma: no-cache
last-modified: Fri, 17 Mar 2023 04:06:32 GMT
server: TUHardened
content-type: image/png;charset=UTF-8
cache-control: max-age=604800, must-revalidate
x-incap-sess-cookie-hdr: n6cBEIH/5y84is4TOXK0FTYxL2UAAAAArl1A3g2OkGZAbpEqNAGS1g==
x-amz-cf-id: dd1mGiGYhj5hzDLHAyEfbNl37QVbVkb5Cv6AkjjhiJjT_iYNwV1vRw==
expires: Wed, 25 Oct 2023 01:13:26 GMT

GET
H3 200 element-icons.ff18efd1.woff
s.linkt-ii-faq.net/fonts/ 28 KB
28 KB 136ms
135ms Font
font/woff 104.21.46.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.linkt-ii-faq.net/fonts/element-icons.ff18efd1.woff
Requested by: Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/css/chunk-vendors.ab49d789.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.46.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17

Request headers

Referer: https://s.linkt-ii-faq.net/css/chunk-vendors.ab49d789.css
Origin: https://s.linkt-ii-faq.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:26 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 12:30:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652d2cf9-6e28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7hIPkusBATzcpUgKkIC%2BXgjP5157zTX6jSVJyUzlw6UdIKibsY0Q6HRHMcDZxW6TLnmdsz0cY9f99V%2BlOSzBbFKsHD7ep5n3HvwKVm5jsM%2Fq%2FyrDhPwAXsBhDTQunGhhr2kUGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817ceb324de63e6a-ADL
alt-svc: h3=":443"; ma=86400
content-length: 28200

GET
H2 200 icon-twitter.png
manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/ 545 B
1 KB 387ms
387ms Image
image/png 45.60.48.24
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/icon-twitter.png

Requested by

Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.48.24 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

TUHardened /

Resource Hash

55249775ca508b84f9ae864910450bd7d3f884f6a0b4fb9c8a4383e09961181f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:27 GMT
via: 1.1 0f7e4995783c21b04a0e0537b8737dde.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
x-iinfo: 15-19820529-19820543 PNNN RT(1697591605835 504) q(0 0 0 -1) r(3 3) U24
content-length: 545
pragma: no-cache
last-modified: Fri, 17 Mar 2023 04:06:32 GMT
server: TUHardened
content-type: image/png;charset=UTF-8
cache-control: max-age=604800, must-revalidate
x-incap-sess-cookie-hdr: VaZOKZAHrU04is4TOXK0FTYxL2UAAAAAM1FrLPAIVxbDnNzL99tkzw==
x-amz-cf-id: p_oOQHAIotnx2meZ2DTdyJ4VXfe1OSjf9eT71quqSJAAY3Kok9As_g==
expires: Wed, 25 Oct 2023 01:13:27 GMT

GET
H2 200 facebook-icon.png
manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/ 494 B
1 KB 409ms
409ms Image
image/png 45.60.48.24
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/facebook-icon.png

Requested by

Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.48.24 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

TUHardened /

Resource Hash

794e4bb51b9f1f7efeadab401b75b6f8c65038238b9f9bd694f0a451962a88bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:27 GMT
via: 1.1 8b193b33626543d66ce5f5750c8af41a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
x-iinfo: 15-19820529-19820576 NNNY CT(1 10 0) RT(1697591605835 507) q(0 0 0 -1) r(0 3) U24
content-length: 494
pragma: no-cache
last-modified: Fri, 17 Mar 2023 04:06:32 GMT
server: TUHardened
content-type: image/png;charset=UTF-8
cache-control: max-age=604800, must-revalidate
x-incap-sess-cookie-hdr: rE4qPXnCaAU4is4TOXK0FTYxL2UAAAAARYGCFQyFR9OPZ1hwD/7Pog==
x-amz-cf-id: lwMCeHHTHrhD1eM6FaOmrx3UI6vOgSb1U-FuDu4iVQNuaoX-ovSmkg==
expires: Wed, 25 Oct 2023 01:13:27 GMT

GET
H2 200 icon-youtube.png
manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/ 424 B
928 B 383ms
383ms Image
image/png 45.60.48.24
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://manage.linkt.com.au/retailweb/resources/retailer/linkt/img/icons/icon-youtube.png

Requested by

Host: s.linkt-ii-faq.net
URL: https://s.linkt-ii-faq.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.48.24 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

TUHardened /

Resource Hash

67c5e1a39cce0c03cd5f194e9daa6f4c805ede1b6852258158bdfe87f6b3edad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.linkt-ii-faq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:13:27 GMT
via: 1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
x-iinfo: 15-19820529-19820541 PNNN RT(1697591605835 529) q(0 0 0 -1) r(3 3) U24
content-length: 424
pragma: no-cache
last-modified: Fri, 17 Mar 2023 04:06:32 GMT
server: TUHardened
content-type: image/png;charset=UTF-8
cache-control: max-age=604800, must-revalidate
x-incap-sess-cookie-hdr: jiMnEkI5Hiw4is4TOXK0FTYxL2UAAAAAmLWoxC6W4Rk3cn1/0trCrw==
x-amz-cf-id: TL02g09eHgMIPF4h0-70Mkvu8N8bseKlWXHEm2mMJm-hWC81bdy8Lw==
expires: Wed, 25 Oct 2023 01:13:27 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Linkt (Transportation)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s.linkt-ii-faq.net/api	1969-12-31 23:59:59	Name: JSESSIONID Value: F443F7EA8A4FAF8B429B557411C49FB3
.bit.ly/	1970-01-20 19:52:23	Name: _bit Value: n9i1do-9ddf4b2f627929b648-00n
s.linkt-ii-faq.net/	1970-01-20 15:33:15	Name: token Value: eyJhbGdzIjoiSFMyNTYiLCJ0eXAiOiJKV1QiLCJ0eXBlIjoiSldUIiwiYWxnIjoiSFMyNTYifQ.eyJyZXFJcCI6IjEwMy4xMDcuMTk3LjEwOSIsImV4cCI6MTY5NzU5MzQwNX0.ozltpYgqchBJRV0wkb_T4Prrcgn0qzeZm9KHWm0PHw4
s.linkt-ii-faq.net/	1970-01-20 15:33:15	Name: domainName Value: wss%3A%2F%2Fcz.tolls.site%2Fapi%2Fapprove%2F
s.linkt-ii-faq.net/	1970-01-20 15:34:38	Name: userIp Value: 103.107.197.109
.linkt.com.au/	1970-01-21 00:18:15	Name: visid_incap_1644040 Value: RRk/kOlET1ufHvbyTrnlwTUxL2UAAAAAQUIPAAAAAADheSnA6hLXocH9tE36GHZ9
.linkt.com.au/	1969-12-31 23:59:59	Name: nlbi_1644040 Value: rRweB6RoKzAv1J2R4XKpuwAAAABr1ZJl4GysZ7hEKGAGRLE+
.linkt.com.au/	1969-12-31 23:59:59	Name: incap_ses_1564_1644040 Value: fGoJMfy2Xgs4is4TOXK0FTYxL2UAAAAAMm6sEw82xbP9pvXnQqzdNw==
manage.linkt.com.au/	1970-01-20 15:43:16	Name: AWSALBCORS Value: hd/AjtWkTV0Ak9bmTl8Ya+8/ro+zHnEjtTeu6Snz/iAqCJz2QRm7yjXWn72HbChlmYbEujGL5TnkJRJ+AqI42WIpxQCEEw8rLySEumFjWhpwTu9pFjImqZAV+5mx

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
manage.linkt.com.au
s.linkt-ii-faq.net
104.21.46.41
45.60.48.24
67.199.248.11
0d8d865d09c3f3038ff963dd211432085a0939a8495eda8864f6b2b4b916ba70
1d26fb4550d79ddd00ed695c52e9f888abac94e0d3bc3ed161dffbe8b07d9bdb
1d48c8f6dbd54b101cb7ece8ea6b17e2edd110d9e2a0d54ac152070cc3aaa654
2403f0d16e402210e7582e5c9a7fc691acfc7262e5a256d3d2fd9d7e72bf896e
50c87a7cbf2f9b0d83bb8a645054b4d2f8a1aa8edef3e92830a8a1e55f0b3aa7
52b8283be8a9e38906e230468cc43a47377f199d7fdfe0c00ef81189eb2b86db
55249775ca508b84f9ae864910450bd7d3f884f6a0b4fb9c8a4383e09961181f
67c5e1a39cce0c03cd5f194e9daa6f4c805ede1b6852258158bdfe87f6b3edad
794e4bb51b9f1f7efeadab401b75b6f8c65038238b9f9bd694f0a451962a88bd
85cdaa21c8d06fc4322303a35cea7cd1acdfa9695ad1882598fd107cf3d17522
a1019e8ed4092ac554eb1b1066d1a4071cd5bf2bd55137fc83cd6343d67bd4ca
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17
b0c4614d81d0d9395d8561502a5e66f193c305de7486bde8b4d4642461763a4e
d5661d91e8d56409f4525f8f58265c356c204e9fde3eda57a61d1a8594483bc1
d9165f171fcb7be4b764ab740adf2d2e6d6287a8cec06621bf741f2915c56fc8
ecd896d0d15a75dc5d82c08bd6de8344734f45cf9727281b45c5d07e897a508a
f2ca3e701b519f9032c31b5d4cc1f9c04648d1c1579c44c215c991732625144d

s.linkt-ii-faq.net Open in urlscan Pro 104.21.46.41 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

1494 kBTransfer

8870 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

9 Cookies

Indicators

s.linkt-ii-faq.net Open in urlscan Pro
104.21.46.41 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1494 kB
Transfer

8870 kB
Size

9
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!