link.do
Open in
urlscan Pro
2606:4700:30::681f:4c51
Public Scan
Submission: On January 04 via automatic, source phishtank
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 27th 2018. Valid for: 6 months.
This is the only time link.do was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 2606:4700:30:... 2606:4700:30::681f:4c51 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 52.19.25.245 52.19.25.245 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
5 | 3 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-25-245.eu-west-1.compute.amazonaws.com
track.omgpl.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
link.do
link.do |
48 KB |
1 |
omgpl.com
track.omgpl.com |
|
0 |
guavaberryjuices.com
Failed
guavaberryjuices.com Failed |
|
5 | 3 |
Domain | Requested by | |
---|---|---|
3 | link.do |
link.do
|
1 | track.omgpl.com |
link.do
|
0 | guavaberryjuices.com Failed |
link.do
|
5 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni89362.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2018-12-27 - 2019-07-05 |
6 months | crt.sh |
*.omguk.com Amazon |
2018-10-16 - 2019-11-16 |
a year | crt.sh |
This page contains 2 frames:
Frame:
https://guavaberryjuices.com/redir.php
Frame ID: 7222B34CB5FAD16746388713840663A9
Requests: 4 HTTP requests in this frame
Frame:
https://track.omgpl.com/?AID=1276226&PID=31159&CRID=174320&WID=83351&UID=ld&UID2=ld
Frame ID: 2269A4CF9535FACB59D079EB60E2440C
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /cloudflare/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
redirect.php
link.do/ |
986 B 701 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load.gif
link.do/ |
15 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.js
link.do/ |
95 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
track.omgpl.com/ Frame 2269 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
redir.php
guavaberryjuices.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- guavaberryjuices.com
- URL
- https://guavaberryjuices.com/redir.php
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.link.do/ | Name: __cfduid Value: d27a3192e2ad45ceff7e8d1b785bd493d1546575980 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
guavaberryjuices.com
link.do
track.omgpl.com
guavaberryjuices.com
2606:4700:30::681f:4c51
52.19.25.245
37ecf95d982a1856b207c91316685db43d0655463f1914c192c768e6a7b1217f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
b57c25e8064417efe9fd1564e986ac8bf515eb767588a3cd5b9900b92ce600d3