urlscan.io logo urlscan.io
SecurityTrails logo

warriorplus.com Open in urlscan Pro
172.67.68.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://logikalink.com/go
Effective URL: https://warriorplus.com/o2/a/j18tpc/0
Submission: On August 30 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 3 HTTP transactions. The main IP is 172.67.68.35, located in United States and belongs to CLOUDFLARENET, US. The main domain is warriorplus.com. The Cisco Umbrella rank of the primary domain is 409891.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2023. Valid for: a year.
This is the only time warriorplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 172.105.155.178 63949 (AKAMAI-LI...)
2 2 167.235.217.27 24940 (HETZNER-AS)
1 2 172.67.68.35 13335 (CLOUDFLAR...)
3 3
Apex Domain
Subdomains		 Transfer
2 warriorplus.com
warriorplus.com — Cisco Umbrella Rank: 409891
17 KB
2 qltrk.com
rebecca.qltrk.com
4 KB
2 logikalink.com
logikalink.com
846 B
0 cloudflareinsights.com Failed
static.cloudflareinsights.com Failed
3 4
Domain Requested by
2 warriorplus.com 1 redirects
2 rebecca.qltrk.com 2 redirects
2 logikalink.com 1 redirects
0 static.cloudflareinsights.com Failed warriorplus.com
3 4

This site contains no links.

Subject Issuer Validity Valid
www.logikalink.com
R3		 2023-08-18 -
2023-11-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://warriorplus.com/o2/a/j18tpc/0
Frame ID: EF4CBFC1446E34D6F03EABD07F5937C4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://logikalink.com/go HTTP 301
    https://logikalink.com/go/ Page URL
  2. http://rebecca.qltrk.com/r/group1 HTTP 302
    https://rebecca.qltrk.com/r/group2 HTTP 302
    http://warriorplus.com/o2/a/j18tpc/0 HTTP 301
    https://warriorplus.com/o2/a/j18tpc/0 Page URL

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

17 kB
Transfer

45 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://logikalink.com/go HTTP 301
    https://logikalink.com/go/ Page URL
  2. http://rebecca.qltrk.com/r/group1 HTTP 302
    https://rebecca.qltrk.com/r/group2 HTTP 302
    http://warriorplus.com/o2/a/j18tpc/0 HTTP 301
    https://warriorplus.com/o2/a/j18tpc/0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://logikalink.com/go HTTP 301
  • https://logikalink.com/go/

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
logikalink.com/go/
Redirect Chain
  • https://logikalink.com/go
  • https://logikalink.com/go/
274 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://logikalink.com/go/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.105.155.178 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
mx.logikalink.com
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
680e90eb895772d7c07e359fb9f5b7a4892bf5e78d1a8668a5f8505d5b57a744

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
200
Content-Type
text/html
Date
Wed, 30 Aug 2023 15:04:28 GMT
ETag
"112-5d30ac7d4a1c0-gzip"
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 13 Dec 2021 17:55:39 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
234
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 30 Aug 2023 15:04:27 GMT
Keep-Alive
timeout=5, max=100
Location
https://logikalink.com/go/
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
Primary Request 0
warriorplus.com/o2/a/j18tpc/
Redirect Chain
  • http://rebecca.qltrk.com/r/group1
  • https://rebecca.qltrk.com/r/group2
  • http://warriorplus.com/o2/a/j18tpc/0
  • https://warriorplus.com/o2/a/j18tpc/0
44 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://warriorplus.com/o2/a/j18tpc/0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash
16fc1c027aa2c39a4dbb47b0b5d5c2c0cf70c31e23087cf00604ed73b4984cc0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://logikalink.com/go/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7feded59bced2641-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 15:04:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipkxLwn1b%2Fs8UbP0Y1OifFvMS6FGToQ9M5xyFdW3hi13E%2BtwG0j%2BPpBWSjZAbXUCmQ7XcMXEwarhaJ3y6opIJscUEfn88vRGVM0j5Ns45IZunOURmEirqwpkMtUdU6P9Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
x-powered-by
PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7feded56ca8125e7-NRT
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 30 Aug 2023 15:04:35 GMT
Location
https://warriorplus.com/o2/a/j18tpc/0
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT5YoksGgEnhi22cIbbx1B2wnfZ3Xi%2Ff4YxQ27pH9VwGAZrdPYBxUZg2%2BAKEw1HGW3VCR%2B2YFxgoFZFH7%2F03%2BD3Xbyt%2FAPO%2Fu3E4Q3b%2BYlvYX5B%2BvT8uDgxl9Z7gl%2BDPhw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.cloudflareinsights.com
URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

6 Cookies

Domain/Path Name / Value
.qltrk.com/ Name: rn
Value: eyJpdiI6IitmUzhXUzljSHRXWVJVNWtzbFhGclE9PSIsInZhbHVlIjoic3NZek5Hb093UHFaRmtUM3dNSVc3TWYycGV5ekxpR0swTjM5dWFzTEIzaU5rNXJPVlNxZjUvSnFsVGZvZVdDSnRyUS9POVYvVEl3NzBMcFZtNnNoWURQL1Mzc0dSaDdrQUN3Y0txemVTa009IiwibWFjIjoiMzEwZjEzNTRiNjAyMWYyNzhkNzc3YzA1ZmY4OGFlOTRhYjY1NTJmOTUyYmRiNjk5NDMyZmIyOWEzNDY4YWI0NiJ9
.qltrk.com/ Name: rnl
Value: eyJpdiI6Ikp0TisyNXBZSVI1UXBOUkNlQVppc2c9PSIsInZhbHVlIjoiMzlTWTAvVSt4dVRIZ0pMdHIveEVmNkQ5b1VIeDVqaTB6SEo1aXhsNG42LzRiYm1ldXlDcTBxeHQxSGlpNS9qN3Byd2YzTHNhNjE3c25BVmhOWUJUZGZidG9aR2dRdDdHRFpqc290aUpTajg9IiwibWFjIjoiZTczMTgzNmQ3NmUzNmFmNjBkMGIwNDkyNTQxODI4NWJhNzVjNDYwYzA2MWVmMGNmZDEwMzg4NTA4OTA2ZTY5MiJ9
rebecca.qltrk.com/ Name: QLAPI
Value: 2e72c0089e023c2505817d30f3d40cbf|ZO9ah|ZO9ah
rebecca.qltrk.com/ Name: lpp
Value: 2
.qltrk.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ino5RFNSZFZyZFQ5Q0cvUWYwT1NhTmc9PSIsInZhbHVlIjoiUTBwQUx1bUdQTUM3LzBqQ3VWSmdNUVBWN3IvVVlvUUhOQTNBcUozNzRVRS9aampvVTg4WEE3TmdCSWVSZG9OMEF5MDBKaC9CRE16UW1VM0k1ZkxyVlllc0pwdWtGeWlZUWxodlJKTzN6cXN5MzJ1YlNnR01mVm0raStaekM5SmIiLCJtYWMiOiI3MjEwNmIyMTMyOGI3MDA4ZjU1NTY0MWU5MWJmMWJhNGUyM2NlMmViMjhiODRlZGI2ZDZkODAxYWNlMjM5M2ZmIn0%3D
.qltrk.com/ Name: qlikersession
Value: eyJpdiI6ImIxSlZtVWt5R1ZydEt2Yk5aMGJaUHc9PSIsInZhbHVlIjoiKytMOFVxdnhKY2UzNE9rSDV5Z2lpV3RiQlF5QzdFVzgxMFNxZFlHamRHbjhMZkRNNmNJOXplcUptWDdyRXNkejNrZ0hDTG9XU3MxTERMT2RTaE9iLzFLRGcwRGRTMVg2elEvSm1XQXhTcVpTMDBYY2JSTUU1REpSNWlIM3d0NWUiLCJtYWMiOiJmMjdkZWZlNjE0MTM1ZDZiMDQ1MGFkNjE2OWU1NTlkNzU2NDQ0YWIyOTI2ZmY1NDQ4NGJmZGUxMzlkMTQyZDlkIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

logikalink.com
rebecca.qltrk.com
static.cloudflareinsights.com
warriorplus.com
static.cloudflareinsights.com
167.235.217.27
172.105.155.178
172.67.68.35
16fc1c027aa2c39a4dbb47b0b5d5c2c0cf70c31e23087cf00604ed73b4984cc0
680e90eb895772d7c07e359fb9f5b7a4892bf5e78d1a8668a5f8505d5b57a744