oritak.com Open in urlscan Pro
192.41.73.93  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.extendimprove.co/u/click?z2NGMNNX8V2NRN872TAGNM18t2HFNR08_t=ebc4f89bDc6b4e0b8f6d11f26f764cA4&_m=c9ca6627796e418f9352c8eE814d0516&_e=Lwy2jc-Xvb16BT32dUKZNjoCtrhtIxA_wLpKqtpN8noB6 Page URL
2. http://oritak.com/?a=2&c=13366&p=m&s1=637189&s2=fd10c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

• http://palulp.com/?a=2&c=13366&p=m&s1=637189&s2=fd10c HTTP 302
• https://vu1.yourofferlink.company/?s1=-1-74248479&kw=66

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	click Show response www.extendimprove.co/u/	149 B 431 B	901ms 281ms	Document text/html	209.54.105.252 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://www.extendimprove.co/u/click?z2NGMNNX8V2NRN872TAGNM18t2HFNR08_t=ebc4f89bDc6b4e0b8f6d11f26f764cA4&_m=c9ca6627796e418f9352c8eE814d0516&_e=Lwy2jc-Xvb16BT32dUKZNjoCtrhtIxA_wLpKqtpN8noB6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.105.252 , United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx Apache/2.4.6 (CentOS) PHP/5.6.8 / PHP/7.4.8 PHP/5.6.8 Resource Hash 60d1186a1da3a7a1f3a049edc182e8ed8faaf1b616c8b10d163d5fe04299f12b Request headers Host www.extendimprove.co Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Apache/2.4.6 (CentOS) PHP/5.6.8 Date Mon, 21 Dec 2020 16:26:03 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.4.8 PHP/5.6.8 Content-Encoding gzip
GET H/1.1	200 OK	Primary Request Cookie set / oritak.com/	124 B 538 B	3477ms 3461ms	Document text/html	192.41.73.93 DATABANK-SLC
General Check archive.org Show headers Download Go to Full URL http://oritak.com/?a=2&c=13366&p=m&s1=637189&s2=fd10c Protocol HTTP/1.1 Server 192.41.73.93 Riverton, United States, ASN13951 (DATABANK-SLC, US), Reverse DNS 192-41-73-93.c7dc.com Software nginx/1.4.4 / PHP/5.3.27 Resource Hash Request headers Host oritak.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx/1.4.4 Date Mon, 21 Dec 2020 16:26:07 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.3.27 Set-Cookie PHPSESSID=hr8vpp2pv79ebnaa4aflekbaa6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Encoding gzip
GET		/ vu1.yourofferlink.company/ Redirect Chain http://palulp.com/?a=2&c=13366&p=m&s1=637189&s2=fd10c https://vu1.yourofferlink.company/?s1=-1-74248479&kw=66	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

vu1.yourofferlink.company

URL

https://vu1.yourofferlink.company/?s1=-1-74248479&kw=66

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oritak.com
vu1.yourofferlink.company
www.extendimprove.co
vu1.yourofferlink.company
192.41.73.93
209.54.105.252
60d1186a1da3a7a1f3a049edc182e8ed8faaf1b616c8b10d163d5fe04299f12b