Submitted URL: https://cpanel.lta-onemotoring.com/
Effective URL: https://linkt-pay.com/reactivate-suspended
Submission: On April 23 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 7 HTTP transactions. The main IP is 172.67.189.169, located in the United States and belonging to CLOUDFLARENET, US. The main domain is linkt-pay.com.
TLS certificate: Issued by GTS CA 1P5 on March 19th 2024. Valid for: 3 months.
This is the only time linkt-pay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address  AS Autonomous System
1  1  172.67.221.11  13335 (CLOUDFLAR...)
1  8  172.67.189.169  13335 (CLOUDFLAR...)
7  1

Apex Domain  Subdomains  Transfer
8  linkt-pay.com  linkt-pay.com  23 KB
1  lta-onemotoring.com  cpanel.lta-onemotoring.com  494 B
7  2

Domain  Requested by
8  linkt-pay.com  1 redirects  linkt-pay.com
1  cpanel.lta-onemotoring.com  1 redirects
7  2

This site contains no links.

Subject  Issuer  Validity  Valid
linkt-pay.com  GTS CA 1P5  2024-03-19 - 2024-06-17  3 months

This page contains 2 frames:

Primary Page: https://linkt-pay.com/reactivate-suspended
Frame ID: A080457A54476AAA28E1536C1257A6C1
Requests: 5 HTTP requests in this frame

Frame: https://linkt-pay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 461F79C0B87C34FD2232CA19A92B5EF7
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

Requests: 7
HTTPS: 86 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 22 kB
Size: 23 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cpanel.lta-onemotoring.com/ HTTP 301
    https://linkt-pay.com/reactivate-suspended Page URL
  2. https://linkt-pay.com/reactivate-suspended Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cpanel.lta-onemotoring.com/ HTTP 301
  • https://linkt-pay.com/reactivate-suspended
Request Chain 2
  • https://linkt-pay.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://linkt-pay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

7 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
reactivate-suspended
linkt-pay.com/
Redirect Chain
  • https://cpanel.lta-onemotoring.com/
  • https://linkt-pay.com/reactivate-suspended
7 KB
8 KB
Document
General
Full URL
https://linkt-pay.com/reactivate-suspended
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4bb6fd1a83675ad1e4792aa0145f18654da2ce8b7d30b7700aa893a5bc9ca2
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
878ce8bd5f251c20-FRA
content-type
text/html; charset=utf-8
date
Tue, 23 Apr 2024 09:43:25 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oq%2FuPmEELRza3kbVB5Td9tEEqjWuajd2W6BA5AL%2BfRJkGhjrs54UQdRJO1R0z%2FowK%2F1D%2FtyEiIOUsWdqVvyX3jOel%2FmoFZt%2FN0ejdnsCP0EVn5ulA8HoIuFIuHVTvaZi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

cache-control
max-age=3600
cf-ray
878ce8bd0fc09142-FRA
content-length
167
content-type
text/html
date
Tue, 23 Apr 2024 09:43:24 GMT
expires
Tue, 23 Apr 2024 10:43:24 GMT
location
https://linkt-pay.com/reactivate-suspended
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g78NhWJCY4IiUu4ErIUicqff%2BE5QYehwJieN5SGG9CUWiBCujEPr5RR304GMl9p9myhYpxW2NyL14R1Vm7zmNehCSx6f0XiXbOEVuRVZiYi%2B%2BSxf9jULucz6GbljP0XphcawM5dKV3nKuUT9Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
reactivate-suspended
linkt-pay.com/
0
901 B
XHR
General
Full URL
https://linkt-pay.com/reactivate-suspended
Requested by
Host: linkt-pay.com
URL: https://linkt-pay.com/reactivate-suspended
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Requested-TimeStamp-Expire
Accept-Language
de-DE,de;q=0.9;q=0.9
G4oQquwmUYVaufk5UKQ7sqDONOw
42282446
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
StidoLX5nwFOL7Tcze3IggynS0
c8igAss5nfvLwoSw2DL4Z55Pag4
Referer
https://linkt-pay.com/reactivate-suspended
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 09:43:25 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0JWh05Pq6GY4eBlpscfBVUzA2lzLaXoE4C%2Fs1ireYV0Hilm1pkRr%2Bkii2IS8ZZx00DKKpBAx8qzh1gxX5BLWFPUR3FN3w6dCQdHjjmNS2sGbOci9Wg59%2F3y%2FyVycSDI"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
878ce8beb8cf1c20-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
linkt-pay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame 461F
Redirect Chain
  • https://linkt-pay.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://linkt-pay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB
Script
General
Full URL
https://linkt-pay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Protocol
H3
Server
172.67.189.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7eccfeae069d10a125f2d92f9958442da55fa245683932e0ddf10246c32fad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Apr 2024 09:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nGdmfmicK0B%2BGvhYMQrrJ%2FlhHwe5hMK0gu%2Fry1sMBY6BJ7tMeyNwTKbAHR21huYoUrZA1a%2FQCkmMkZVFFFjwq7XEMqabpTJVVDNLQvwLPzVNw%2FDNZrvuJBW6A9Zog8u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
878ce8bec8eb1c20-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 23 Apr 2024 09:43:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nW4RHtvEHzOYxBIndzKRhLXB2%2F%2FNvt3t16uRp%2Fy%2FzPcEC0pzlbny3oTCufuAb6gmWRZYSe8D%2FKcaw86Qf7wfh317onJRAEvQzxAjyJgmYQv7qcspTYVlkXb1FTa2qLVZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control
max-age=300, public
cf-ray
878ce8beb8d21c20-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
linkt-pay.com/
6 KB
7 KB
Other
General
Full URL
https://linkt-pay.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://linkt-pay.com/reactivate-suspended
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 09:43:25 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Imfej7Car6bp3YYFT49lnSK5bAOFggLYoSePSR51gO7ZHezg3%2F1Ll4e3CjQI59YpRWT3hEpHwbNgyNVGQ0xMcI6F5OEE0X1zpgRIeuOgS%2Bmidwkoi%2BQ%2Bvh1XjF8dfZx5"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
878ce8bec8da1c20-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
878ce8bd5f251c20
linkt-pay.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 461F
0
578 B
XHR
General
Full URL
https://linkt-pay.com/cdn-cgi/challenge-platform/h/b/jsd/r/878ce8bd5f251c20
Requested by
Host: linkt-pay.com
URL: https://linkt-pay.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Apr 2024 09:43:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXtnBN%2Bf5HVI9P8SufHYm4JyUGiFWWipqhvwgWDVsJ6SFAnxB87My1C5g0Jr4p8iD7EKZkuOmaqzxgpYAwUjNyVVVWSuHF2z%2Bd%2FKtpMMD303BDgNLN7brMhymEdTTI4I"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
878ce8c04a791c20-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
Primary Request reactivate-suspended
linkt-pay.com/
548 B
543 B
Document
General
Full URL
https://linkt-pay.com/reactivate-suspended
Requested by
Host: linkt-pay.com
URL: https://linkt-pay.com/reactivate-suspended
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://linkt-pay.com/reactivate-suspended
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
878ce8c0fb2d1c20-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Apr 2024 09:43:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03pT0CC%2BMTVTHdFQIW5oR%2FsMOwIaU3%2BttmRS2xlskLdyfFzo0L%2BVWyhS8zD66QCFRNBEbjjrSNsdnv%2FWaurbZ8HM72rcRKt7RYg7TtMrhlfoWoATykm93RnlSKruU9b9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
favicon.ico
linkt-pay.com/
548 B
625 B
Other
General
Full URL
https://linkt-pay.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://linkt-pay.com/reactivate-suspended
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 23 Apr 2024 09:43:26 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FPwY%2BOB%2BHEgGmak5Tqc9wkO%2BrwlyQOtfMvZ5emcJEld1vW4JazO0k6UAiV4GDvOjxseq1JCof%2FwcsT08Ea8yNRpWCXMFr9bSgmoWrvQfOSSBK%2B%2FMzd9vw56dyppaiCxJ"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
878ce8c3ae161c20-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies


4 Console Messages

Source  Level  URL  Text
network  error  URL: https://linkt-pay.com/reactivate-suspended  Message: Failed to load resource: the server responded with a status of 503 ()
network  error  URL: https://linkt-pay.com/favicon.ico  Message: Failed to load resource: the server responded with a status of 503 ()
network  error  URL: https://linkt-pay.com/reactivate-suspended  Message: Failed to load resource: the server responded with a status of 403 ()
network  error  URL: https://linkt-pay.com/favicon.ico  Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
