Submitted URL: http://valorka.com/rd/c156312LeyZf21299234uzTz3Pll40324CeiN5369
Effective URL: https://opqaralo.info/nlp/index.php?s1=66d249ztw5mc33&url_bnm_redirect=https://umqx.offerslinkedout.com/
Submission: On August 17 via api from BE — Scanned from DE

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 3 HTTP transactions. The main IP is 178.62.124.21, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is opqaralo.info.
TLS certificate: Issued by R3 on August 15th 2023. Valid for: 3 months.
This is the only time opqaralo.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 185.242.161.222 207709 (HIZHOSTING)
1 1 34.241.24.80 16509 (AMAZON-02)
1 1 35.204.218.225 396982 (GOOGLE-CL...)
1 2 178.62.124.21 14061 (DIGITALOC...)
3 3
Apex Domain
Subdomains
Transfer
2 opqaralo.info
opqaralo.info
959 B
2 valorka.com
valorka.com
584 B
1 aptrk1.com
aptrk1.com
726 B
1 track-lelo.com
track-lelo.com
308 B
0 offerslinkedout.com Failed
umqx.offerslinkedout.com Failed
3 5
Domain Requested by
2 opqaralo.info 1 redirects valorka.com
2 valorka.com 1 redirects
1 aptrk1.com 1 redirects
1 track-lelo.com 1 redirects
0 umqx.offerslinkedout.com Failed
3 5

This site contains no links.

Subject Issuer Validity Valid
opqaralo.info
R3
2023-08-15 -
2023-11-13
3 months crt.sh

This page contains 1 frames:

Frame: https://umqx.offerslinkedout.com/?s1=66d249ztw5mc33
Frame ID: 32E35BCA7BFF9EB439DBCC214A7EED7D
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://valorka.com/rd/c156312LeyZf21299234uzTz3Pll40324CeiN5369 Page URL
  2. http://valorka.com/track/c156312LeyZf21299234uzTz3Pll40324CeiN5369 HTTP 302
    https://track-lelo.com/?a=5190&oc=17398&c=47383&m=3&s1=10&s2=5369-156312&s3=21299234-3-40324 HTTP 302
    https://aptrk1.com/?a=5190&oc=17398&c=47383&m=3&s1=10&s2=5369-156312&s3=21299234-3-40324&ckmgui... HTTP 302
    https://opqaralo.info/ck2bl3k.php?key=nrdllin0sgxr1jmzbkf7&t1=320216801&t2=5190 HTTP 302
    https://opqaralo.info/nlp/index.php?s1=66d249ztw5mc33&url_bnm_redirect=https://umqx.offerslinkedou... Page URL

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

4
Countries

1 kB
Transfer

0 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://valorka.com/rd/c156312LeyZf21299234uzTz3Pll40324CeiN5369 Page URL
  2. http://valorka.com/track/c156312LeyZf21299234uzTz3Pll40324CeiN5369 HTTP 302
    https://track-lelo.com/?a=5190&oc=17398&c=47383&m=3&s1=10&s2=5369-156312&s3=21299234-3-40324 HTTP 302
    https://aptrk1.com/?a=5190&oc=17398&c=47383&m=3&s1=10&s2=5369-156312&s3=21299234-3-40324&ckmguid=0733a2b3-0f53-41cd-b2a5-aa64e9496cc7 HTTP 302
    https://opqaralo.info/ck2bl3k.php?key=nrdllin0sgxr1jmzbkf7&t1=320216801&t2=5190 HTTP 302
    https://opqaralo.info/nlp/index.php?s1=66d249ztw5mc33&url_bnm_redirect=https://umqx.offerslinkedout.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
c156312LeyZf21299234uzTz3Pll40324CeiN5369
valorka.com/rd/
243 B
360 B
Document
General
Full URL
http://valorka.com/rd/c156312LeyZf21299234uzTz3Pll40324CeiN5369
Protocol
HTTP/1.1
Server
185.242.161.222 Istanbul, Turkey, ASN207709 (HIZHOSTING, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
243
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 16:12:57 GMT
Primary Request index.php
opqaralo.info/nlp/
Redirect Chain
  • http://valorka.com/track/c156312LeyZf21299234uzTz3Pll40324CeiN5369
  • https://track-lelo.com/?a=5190&oc=17398&c=47383&m=3&s1=10&s2=5369-156312&s3=21299234-3-40324
  • https://aptrk1.com/?a=5190&oc=17398&c=47383&m=3&s1=10&s2=5369-156312&s3=21299234-3-40324&ckmguid=0733a2b3-0f53-41cd-b2a5-aa64e9496cc7
  • https://opqaralo.info/ck2bl3k.php?key=nrdllin0sgxr1jmzbkf7&t1=320216801&t2=5190
  • https://opqaralo.info/nlp/index.php?s1=66d249ztw5mc33&url_bnm_redirect=https://umqx.offerslinkedout.com/
96 B
363 B
Document
General
Full URL
https://opqaralo.info/nlp/index.php?s1=66d249ztw5mc33&url_bnm_redirect=https://umqx.offerslinkedout.com/
Requested by
Host: valorka.com
URL: http://valorka.com/rd/c156312LeyZf21299234uzTz3Pll40324CeiN5369
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
178.62.124.21 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://valorka.com/rd/c156312LeyZf21299234uzTz3Pll40324CeiN5369
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 16:12:58 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 16:12:58 GMT
Location
https://opqaralo.info/nlp/index.php?s1=66d249ztw5mc33&url_bnm_redirect=https://umqx.offerslinkedout.com/
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
/
umqx.offerslinkedout.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
umqx.offerslinkedout.com
URL
https://umqx.offerslinkedout.com/?s1=66d249ztw5mc33

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.aptrk1.com/ Name: st
Value: zOKAxEizkG6bTrnUmm1PTTQPPBw/TaaPfba6wcFTwSzPs/JvjTvMQQ==
.aptrk1.com/ Name: tm
Value: Ou4er8ABX8N6D2PIXI6NSjQPPBw/TaaPfba6wcFTwSzPs/JvjTvMQQ==
.aptrk1.com/ Name: c12659
Value: zOKAxEizkG5VdybCKze3m808yXmyy+Q+nWw19t50wEePIT8S0HBLeQ==
opqaralo.info/ Name: uclick
Value: 9ztw5m
opqaralo.info/ Name: uclickhash
Value: 9ztw5m-9ztw5m-e2-0-xs8n-k28n-ghfe-db10d2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aptrk1.com
opqaralo.info
track-lelo.com
umqx.offerslinkedout.com
valorka.com
umqx.offerslinkedout.com
178.62.124.21
185.242.161.222
34.241.24.80
35.204.218.225