urlscan.io logo urlscan.io
SecurityTrails logo

katex.vip Open in urlscan Pro
2001:67c:2070:c868::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://katex.vip/
Effective URL: https://katex.vip/
Submission: On October 25 via manual from EG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 2 HTTP transactions. The main IP is 2001:67c:2070:c868::1, located in Kyiv, Ukraine and belongs to UKRAINE-AS, UA. The main domain is katex.vip.
TLS certificate: Issued by R10 on October 1st 2024. Valid for: 3 months.
This is the only time katex.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2001:67c:2070... 200000 (UKRAINE-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains		 Transfer
2 lnkpth.com
go.lnkpth.com
1 KB
1 bigdi.top
15os.bigdi.top
1 KB
1 scpooj.com
scpooj.com
961 B
1 katex.vip
katex.vip
335 B
2 4
Domain Requested by
2 go.lnkpth.com 1 redirects katex.vip
1 15os.bigdi.top 1 redirects
1 scpooj.com 1 redirects
1 katex.vip
2 4

This site contains no links.

Subject Issuer Validity Valid
katex.vip
R10		 2024-10-01 -
2024-12-30		 3 months crt.sh
lnkpth.com
WE1		 2024-09-23 -
2024-12-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://katex.vip/
Frame ID: 1678E59B4671426BC1569056466C8BAF
Requests: 1 HTTP requests in this frame

Frame: https://go.lnkpth.com/cl?offer_id=8295&aff_id=49222&url_id=0&aff_sub5=network&click_id=64709g5zwvca6bld11&aff_sub=4998&source=4998&bofc=aff_c
Frame ID: EB7025FE1C0E7EA7B04307719202424A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://katex.vip/ HTTP 307
    https://katex.vip/ Page URL

Page Statistics

2
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

0 kB
Transfer

0 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://katex.vip/ HTTP 307
    https://katex.vip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://scpooj.com/click?o=2&a=4998&sub_id1=Eugene HTTP 302
  • https://15os.bigdi.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=d8bd62e73232e9e86ea4e7b9361485ba&a=4998&landing=&sub_id1=Eugene&scGeo=DE HTTP 302
  • https://go.lnkpth.com/aff_c?offer_id=8295&aff_id=49222&url_id=0&aff_sub5=network&click_id=64709g5zwvca6bld11&aff_sub=4998&source=4998 HTTP 302
  • https://go.lnkpth.com/cl?offer_id=8295&aff_id=49222&url_id=0&aff_sub5=network&click_id=64709g5zwvca6bld11&aff_sub=4998&source=4998&bofc=aff_c

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
katex.vip/
Redirect Chain
  • http://katex.vip/
  • https://katex.vip/
478 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://katex.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:2070:c868::1 Kyiv, Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
121307b3aaeafde0b98dfdfafb508eb979765d81cc76fa698ddb815c16dd54f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 25 Oct 2024 00:59:10 GMT
server
nginx
x-ray
dhs633:0.000/wa633:D=4076

Redirect headers

Location
https://katex.vip/
Non-Authoritative-Reason
HttpsUpgrades
cl
go.lnkpth.com/ Frame EB70
Redirect Chain
  • https://scpooj.com/click?o=2&a=4998&sub_id1=Eugene
  • https://15os.bigdi.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=d8bd62e73232e9e86ea4e7b9361485ba&a=4998&landing=&sub_id1=Eugene&scGeo=DE
  • https://go.lnkpth.com/aff_c?offer_id=8295&aff_id=49222&url_id=0&aff_sub5=network&click_id=64709g5zwvca6bld11&aff_sub=4998&source=4998
  • https://go.lnkpth.com/cl?offer_id=8295&aff_id=49222&url_id=0&aff_sub5=network&click_id=64709g5zwvca6bld11&aff_sub=4998&source=4998&bofc=aff_c
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://go.lnkpth.com/cl?offer_id=8295&aff_id=49222&url_id=0&aff_sub5=network&click_id=64709g5zwvca6bld11&aff_sub=4998&source=4998&bofc=aff_c
Requested by
Host: katex.vip
URL: https://katex.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:81ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
8d7e4335aeff040f-CDG
content-encoding
br
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 25 Oct 2024 00:59:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
priority
u=0,i
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVCod%2BtZrFI1ssDZByUDW6a9hYHJX1bMuaH2f5R4%2Fw4zxEVCwtq1B2sKpdOUZFKDEKiwYmq03pZ32R0XyI4UD1uBd5M4zsL6ZiBzBcSp8K73U4fApKhjCCCPJsRWPZWTIZCE%2BFYypP81r7Fp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=46999&sent=16&recv=12&lost=0&retrans=0&sent_bytes=5795&recv_bytes=5022&delivery_rate=27560&cwnd=12000&unsent_bytes=0&cid=f3a70a2c660885ed&ts=234&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
8d7e4334fecc040f-CDG
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 25 Oct 2024 00:59:11 GMT
location
https://go.lnkpth.com/cl?offer_id=8295&aff_id=49222&url_id=0&aff_sub5=network&click_id=64709g5zwvca6bld11&aff_sub=4998&source=4998&bofc=aff_c
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
priority
u=0,i
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTBKlW2xEf%2BETFehmO8bbPS9WQz9KX4PLZy2jcawxZ%2FO5KXL4n4yTURhU4eUQLAbcIoiuzRB10GTl65TobF5ibA%2F%2FUaDVHJPq6HA9t3rxFnW38O4nF4%2BB%2Fy0o2ZKAtaZqxFYFZSTtU2icvz1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=45850&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4130&recv_bytes=4378&delivery_rate=69874&cwnd=12000&unsent_bytes=0&cid=f3a70a2c660885ed&ts=94&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

4 Cookies

Domain/Path Name / Value
scpooj.com/ Name: U-c81e728d9d4c2f636f067f89cc14862c
Value: unique
scpooj.com/ Name: o_c81e728d9d4c2f636f067f89cc14862c
Value: 470e6997-b206-4f87-87b3-061017828d4b
15os.bigdi.top/ Name: uclick
Value: g5zwvca6vr
15os.bigdi.top/ Name: uclickhash
Value: g5zwvca6vr-g5zwvca6bl-vr-xsgx-fnj2-4kd5i4-4kj60-1bead1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15os.bigdi.top
go.lnkpth.com
katex.vip
scpooj.com
2001:67c:2070:c868::1
2606:4700:3030::6815:37a
2606:4700:3032::ac43:9117
2606:4700:3036::ac43:81ca
121307b3aaeafde0b98dfdfafb508eb979765d81cc76fa698ddb815c16dd54f4