go.lnkpth.com - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 172.255.232.140, located in Netherlands and belongs to SERVERS-COM, US. The main domain is go.lnkpth.com. The Cisco Umbrella rank of the primary domain is 857905.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.

This is the only time go.lnkpth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
1 2	172.255.232.140 172.255.232.140	7979 (SERVERS-COM) (SERVERS-COM)
4	3

4 193.84.85.178 (Russian Federation) 2 redirects

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.255.232.140 (Netherlands) 1 redirects

ASN7979 (SERVERS-COM, US)

go.lnkpth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	s.id 2 redirects s.id — Cisco Umbrella Rank: 107023	27 KB
2	lnkpth.com 1 redirects go.lnkpth.com — Cisco Umbrella Rank: 857905	2 KB
0	niceukrainian.com Failed www.niceukrainian.com Failed
4	3

	Domain	Requested by
4	s.id	2 redirects
2	go.lnkpth.com	1 redirects s.id
0	www.niceukrainian.com Failed	go.lnkpth.com
4	3

This site contains no links.

Subject Issuer	Validity	Valid
s.id R11	`2024-06-12` - `2024-09-10`	3 months	crt.sh
track.cpamatica.com R3	`2024-04-23` - `2024-07-22`	3 months	crt.sh

This page contains 1 frames:

Frame: https://www.niceukrainian.com/qa/register01.php?aid=2621&oid=CP231375&qpid_offer_id=NUK_235084TSUSI&qpid_subid=37119&qpid_clickid=33_37119_11109_642402fec6ac1000fb0c262a4109462d&source_tag=O007
Frame ID: FE881B5B09B9C507CB7974B4744C2B09
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s.id/280rp Page URL
https://s.id/280rp HTTP 302
https://s.id/280rp HTTP 302
https://go.lnkpth.com/aff_c?offer_id=11109&aff_id=37119&url_id=0&aff_sub5=email&source=O007 HTTP 302
https://go.lnkpth.com/rd.html?go=https%3A%2F%2Fwww.NiceUkrainian.com%2Findex.php%2Fpromote%2Fclick... Page URL

Page Statistics

4
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

27 kB
Transfer

33 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/280rp Page URL
https://s.id/280rp HTTP 302
https://s.id/280rp HTTP 302
https://go.lnkpth.com/aff_c?offer_id=11109&aff_id=37119&url_id=0&aff_sub5=email&source=O007 HTTP 302
https://go.lnkpth.com/rd.html?go=https%3A%2F%2Fwww.NiceUkrainian.com%2Findex.php%2Fpromote%2Fclick%3Faid%3D2621%26oid%3DCP231375%26qpid_offer_id%3DNUK_235084TSUSI%26qpid_subid%3D37119%26qpid_clickid%3D33_37119_11109_642402fec6ac1000fb0c262a4109462d%26source_tag%3DO007 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.niceukrainian.com/index.php/promote/click?aid=2621&oid=CP231375&qpid_offer_id=NUK_235084TSUSI&qpid_subid=37119&qpid_clickid=33_37119_11109_642402fec6ac1000fb0c262a4109462d&source_tag=O007 HTTP 302
https://www.niceukrainian.com/qa/register01.php?aid=2621&oid=CP231375&qpid_offer_id=NUK_235084TSUSI&qpid_subid=37119&qpid_clickid=33_37119_11109_642402fec6ac1000fb0c262a4109462d&source_tag=O007

4 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	280rp Show response s.id/	13 KB 13 KB	1378ms 288ms	Document text/html	193.84.85.178 STORMWALL-AS
General Check archive.org Show headers Download Go to Full URL https://s.id/280rp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK), Reverse DNS Software nginx / Resource Hash `1baac7f9b53a2fb054936c450c995e30c76ebac8bb5225e04de5661ba95064d4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control no-cache content-length 13510 content-type text/html; charset=utf-8 date Fri, 12 Jul 2024 07:01:21 GMT server nginx
GET DATA	200 OK	truncated /	7 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	favicon.ico s.id/	13 KB 13 KB	289ms 289ms	Other text/html	193.84.85.178 STORMWALL-AS
General Check archive.org Show headers Download Go to Full URL https://s.id/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK), Reverse DNS Software nginx / Resource Hash `1baac7f9b53a2fb054936c450c995e30c76ebac8bb5225e04de5661ba95064d4` Request headers Referer https://s.id/280rp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 07:01:22 GMT cache-control no-cache server nginx content-length 13510 content-type text/html; charset=utf-8
GET H/1.1	200 OK	Primary Request rd.html Show response go.lnkpth.com/ Redirect Chain https://s.id/280rp https://s.id/280rp https://go.lnkpth.com/aff_c?offer_id=11109&aff_id=37119&url_id=0&aff_sub5=email&source=O007 https://go.lnkpth.com/rd.html?go=https%3A%2F%2Fwww.NiceUkrainian.com%2Findex.php%2Fpromote%2Fclick%3Faid%3D2621%26oid%3DCP231375%26qpid_offer_id%3DNUK_235084TSUSI%26qpid_subid%3D37119%26qpid_clicki...	329 B 566 B	49ms 48ms	Document text/html	172.255.232.140 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://go.lnkpth.com/rd.html?go=https%3A%2F%2Fwww.NiceUkrainian.com%2Findex.php%2Fpromote%2Fclick%3Faid%3D2621%26oid%3DCP231375%26qpid_offer_id%3DNUK_235084TSUSI%26qpid_subid%3D37119%26qpid_clickid%3D33_37119_11109_642402fec6ac1000fb0c262a4109462d%26source_tag%3DO007 Requested by Host: s.id URL: https://s.id/280rp Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 172.255.232.140 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash `e2efe220662dd9a54582aa6ab3f6d9fcaf0341710d0b01aa051fc09258ff9e6e` Request headers Referer https://s.id/280rp Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Cache-Control no-store, no-cache Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 12 Jul 2024 07:01:23 GMT ETag W/"61168831-149" Last-Modified Fri, 13 Aug 2021 14:56:49 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Cache-Control no-store, no-cache Connection keep-alive Content-Length 538 Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type text/html; charset=utf-8 Cross-Origin-Opener-Policy same-origin Cross-Origin-Resource-Policy same-origin Date Fri, 12 Jul 2024 07:01:23 GMT Location /rd.html?go=https%3A%2F%2Fwww.NiceUkrainian.com%2Findex.php%2Fpromote%2Fclick%3Faid%3D2621%26oid%3DCP231375%26qpid_offer_id%3DNUK_235084TSUSI%26qpid_subid%3D37119%26qpid_clickid%3D33_37119_11109_642402fec6ac1000fb0c262a4109462d%26source_tag%3DO007 Origin-Agent-Cluster ?1 Referrer-Policy no-referrer Server nginx Strict-Transport-Security max-age=15552000; includeSubDomains Vary Accept X-Content-Type-Options nosniff X-DNS-Prefetch-Control off X-Download-Options noopen X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-XSS-Protection 0
GET		register01.php www.niceukrainian.com/qa/ Redirect Chain https://www.niceukrainian.com/index.php/promote/click?aid=2621&oid=CP231375&qpid_offer_id=NUK_235084TSUSI&qpid_subid=37119&qpid_clickid=33_37119_11109_642402fec6ac1000fb0c262a4109462d&source_tag=O007 https://www.niceukrainian.com/qa/register01.php?aid=2621&oid=CP231375&qpid_offer_id=NUK_235084TSUSI&qpid_subid=37119&qpid_clickid=33_37119_11109_642402fec6ac1000fb0c262a4109462d&source_tag=O007	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.niceukrainian.com
URL: https://www.niceukrainian.com/qa/register01.php?aid=2621&oid=CP231375&qpid_offer_id=NUK_235084TSUSI&qpid_subid=37119&qpid_clickid=33_37119_11109_642402fec6ac1000fb0c262a4109462d&source_tag=O007

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regex object| results

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s.id/	1969-12-31 23:59:59	Name: __js_p_ Value: 682,1800,0,0,0
s.id/	1970-01-20 21:59:29	Name: __jhash_ Value: 942
s.id/	1970-01-20 21:59:29	Name: __jua_ Value: Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36
.s.id/	1970-01-20 21:59:29	Name: __hash_ Value: 19378d3815aa0f6b27787a79b1b34d94
s.id/	1970-01-20 22:09:32	Name: __lhash_ Value: 11b4fdb6eaa14ce848c5ddf615c90eb1
.go.lnkpth.com/	1970-01-20 22:42:39	Name: language Value: en
.go.lnkpth.com/	1970-01-20 22:42:39	Name: 11109 Value: 33_37119_11109_642402fec6ac1000fb0c262a4109462d
.go.lnkpth.com/	1970-01-20 22:42:39	Name: op_11109 Value: 0
.go.lnkpth.com/	1970-01-21 07:35:27	Name: user_id Value: 4eb3e446-ca72-4bce-a9ea-0e9f9480c1a5_ac4c17bcc268e64d4a2d22e1e8605f1b
www.niceukrainian.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jinm9ga9m0ubgvntdt4p85b9k2
www.niceukrainian.com/	1970-01-21 00:09:03	Name: owner_id Value: CP231375
www.niceukrainian.com/	1970-01-21 00:09:03	Name: adv_id Value: 2621
www.niceukrainian.com/	1970-01-21 00:09:03	Name: adv_type Value: 1
www.niceukrainian.com/	1970-01-21 00:09:03	Name: subaffid Value: 37119
www.niceukrainian.com/	1970-01-21 00:09:03	Name: source_id Value: O007
www.niceukrainian.com/	1970-01-21 00:09:03	Name: adv_ldp_id Value: CD3026001
www.niceukrainian.com/	1970-01-21 00:09:03	Name: qpid_offer_id Value: NUK_235084TSUSI
www.niceukrainian.com/	1970-01-21 00:09:03	Name: website_id Value: 229
www.niceukrainian.com/	1970-01-21 00:09:03	Name: referer Value: https%3A%2F%2Fgo.lnkpth.com%2F
www.niceukrainian.com/	1970-01-21 00:09:03	Name: adv_click_history_id Value: 715777872
www.niceukrainian.com/	1970-01-21 00:09:03	Name: qpid_click_id Value: 33_37119_11109_642402fec6ac1000fb0c262a4109462d
www.niceukrainian.com/	1970-01-21 00:09:03	Name: owner_argv Value: a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222621%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP231375%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22NUK_235084TSUSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A5%3A%2237119%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A47%3A%2233_37119_11109_642402fec6ac1000fb0c262a4109462d%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22O007%22%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.lnkpth.com
s.id
www.niceukrainian.com
www.niceukrainian.com
172.255.232.140
193.84.85.178
1baac7f9b53a2fb054936c450c995e30c76ebac8bb5225e04de5661ba95064d4
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
e2efe220662dd9a54582aa6ab3f6d9fcaf0341710d0b01aa051fc09258ff9e6e

go.lnkpth.com Open in urlscan Pro 172.255.232.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

75 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

27 kBTransfer

33 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

22 Cookies

Indicators

go.lnkpth.com Open in urlscan Pro
172.255.232.140 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

27 kB
Transfer

33 kB
Size

22
Cookies

4 HTTP transactions
1 data transactions