domantinis.qltrk.com

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 167.235.217.27, located in Bühl, Germany and belongs to HETZNER-AS, DE. The main domain is domantinis.qltrk.com.
TLS certificate: Issued by GoGetSSL RSA DV CA on November 7th 2023. Valid for: a year.

This is the only time domantinis.qltrk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.33.115.209 45.33.115.209	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
6	167.235.217.27 167.235.217.27	24940 (HETZNER-AS) (HETZNER-AS)
1	35.190.45.235 35.190.45.235	15169 (GOOGLE) (GOOGLE)
7	2

2 45.33.115.209 (Richardson, United States) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: mta0.almadecine.com

almadecine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 167.235.217.27 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.27.217.235.167.clients.your-server.de

domantinis.qltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.45.235 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 235.45.190.35.bc.googleusercontent.com

www.o8vfktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	qltrk.com domantinis.qltrk.com	40 KB
2	almadecine.com 2 redirects almadecine.com	711 B
1	o8vfktrk.com www.o8vfktrk.com
7	3

	Domain	Requested by
6	domantinis.qltrk.com	domantinis.qltrk.com
2	almadecine.com	2 redirects
1	www.o8vfktrk.com	domantinis.qltrk.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
*.qltrk.com GoGetSSL RSA DV CA	`2023-11-07` - `2024-11-07`	a year	crt.sh
o8vfktrk.com Starfield Secure Certificate Authority - G2	`2023-12-22` - `2025-01-22`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.o8vfktrk.com/cmp/3R22143S11/3GR1X/
Frame ID: 886CDBFAD6DD38A97C15BC0720E74D78
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Please Wait

Page URL History Show full URLs

http://almadecine.com/latest/index.php/campaigns/qj27856m49b2d/track-url/oj815lpazea6d/1b0f54b73d3... HTTP 301
https://almadecine.com/click HTTP 302
https://domantinis.qltrk.com/r/main Page URL
https://domantinis.qltrk.com/r/main?slow=984 Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

40 kB
Transfer

85 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://almadecine.com/latest/index.php/campaigns/qj27856m49b2d/track-url/oj815lpazea6d/1b0f54b73d38efa3914c92ce6fde8c34352ddc5e HTTP 301
https://almadecine.com/click HTTP 302
https://domantinis.qltrk.com/r/main Page URL
https://domantinis.qltrk.com/r/main?slow=984 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://almadecine.com/latest/index.php/campaigns/qj27856m49b2d/track-url/oj815lpazea6d/1b0f54b73d38efa3914c92ce6fde8c34352ddc5e HTTP 301
https://almadecine.com/click HTTP 302
https://domantinis.qltrk.com/r/main

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	main Show response domantinis.qltrk.com/r/ Redirect Chain http://almadecine.com/latest/index.php/campaigns/qj27856m49b2d/track-url/oj815lpazea6d/1b0f54b73d38efa3914c92ce6fde8c34352ddc5e https://almadecine.com/click https://domantinis.qltrk.com/r/main	85 KB 32 KB	1118ms 683ms	Document text/html	167.235.217.27 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://domantinis.qltrk.com/r/main Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.217.27 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.27.217.235.167.clients.your-server.de Software nginx / PHP/7.4.33 Resource Hash `72390e30a9ab4c1113a5d9e9b75d0ef6e3e67e1f4065c8a21858b71fccbf1422` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-cache, private no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 11 Mar 2024 21:48:32 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/7.4.33 x-ratelimit-limit 101 x-ratelimit-remaining 100 Redirect headers Connection Keep-Alive Content-Length 219 Content-Type text/html; charset=iso-8859-1 Date Mon, 11 Mar 2024 21:48:31 GMT Keep-Alive timeout=5, max=100 Location https://domantinis.qltrk.com/r/main Server Apache
GET H2	200	861 domantinis.qltrk.com/qlick/filter-image/984/	2 B 1 KB	332ms 332ms	Image text/html	167.235.217.27 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://domantinis.qltrk.com/qlick/filter-image/984/861 Requested by Host: domantinis.qltrk.com URL: https://domantinis.qltrk.com/r/main Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.217.27 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.27.217.235.167.clients.your-server.de Software nginx / PHP/7.4.33 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer https://domantinis.qltrk.com/r/main User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Mon, 11 Mar 2024 21:48:32 GMT content-encoding gzip server nginx x-powered-by PHP/7.4.33 vary Accept-Encoding x-ratelimit-remaining 199 content-type text/html; charset=UTF-8 cache-control no-cache, private, no-store, no-cache, must-revalidate, max-age=0 x-ratelimit-limit 200
GET H2	200	861 domantinis.qltrk.com/qlick/filter-jquery/984/	2 B 1 KB	336ms 335ms	XHR text/html	167.235.217.27 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://domantinis.qltrk.com/qlick/filter-jquery/984/861 Requested by Host: domantinis.qltrk.com URL: https://domantinis.qltrk.com/r/main Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.217.27 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.27.217.235.167.clients.your-server.de Software nginx / PHP/7.4.33 Resource Hash Request headers Accept / Referer https://domantinis.qltrk.com/r/main X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Mon, 11 Mar 2024 21:48:32 GMT content-encoding gzip server nginx x-powered-by PHP/7.4.33 vary Accept-Encoding x-ratelimit-remaining 199 content-type text/html; charset=UTF-8 cache-control no-cache, private, no-store, no-cache, must-revalidate, max-age=0 x-ratelimit-limit 200
GET H2	200	861 domantinis.qltrk.com/qlick/filter-javascript/984/	2 B 1 KB	362ms 362ms	XHR text/html	167.235.217.27 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://domantinis.qltrk.com/qlick/filter-javascript/984/861 Requested by Host: domantinis.qltrk.com URL: https://domantinis.qltrk.com/r/main Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.217.27 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.27.217.235.167.clients.your-server.de Software nginx / PHP/7.4.33 Resource Hash Request headers Referer https://domantinis.qltrk.com/r/main X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Mon, 11 Mar 2024 21:48:32 GMT content-encoding gzip server nginx x-powered-by PHP/7.4.33 vary Accept-Encoding x-ratelimit-remaining 199 content-type text/html; charset=UTF-8 cache-control no-cache, private, no-store, no-cache, must-revalidate, max-age=0 x-ratelimit-limit 200
GET H2	200	861 domantinis.qltrk.com/qlick/filter-iframe/984/	2 B 1 KB	345ms 345ms	XHR text/html	167.235.217.27 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://domantinis.qltrk.com/qlick/filter-iframe/984/861 Requested by Host: domantinis.qltrk.com URL: https://domantinis.qltrk.com/r/main Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.217.27 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.27.217.235.167.clients.your-server.de Software nginx / PHP/7.4.33 Resource Hash Request headers Referer https://domantinis.qltrk.com/r/main X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Mon, 11 Mar 2024 21:48:32 GMT content-encoding gzip server nginx x-powered-by PHP/7.4.33 vary Accept-Encoding x-ratelimit-remaining 199 content-type text/html; charset=UTF-8 cache-control no-cache, private, no-store, no-cache, must-revalidate, max-age=0 x-ratelimit-limit 200
GET H2	200	Primary Request main Show response domantinis.qltrk.com/r/	596 B 3 KB	652ms 652ms	Document text/html	167.235.217.27 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://domantinis.qltrk.com/r/main?slow=984 Requested by Host: domantinis.qltrk.com URL: https://domantinis.qltrk.com/r/main Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.217.27 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.27.217.235.167.clients.your-server.de Software nginx / PHP/7.4.33 Resource Hash `23f3e5bfce72877c3b29ccae8eb6d6d369f8c5058021fdf7467f4ab7dbb800a2` Request headers Referer https://domantinis.qltrk.com/r/main Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-cache, private no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 11 Mar 2024 21:48:33 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/7.4.33 x-ratelimit-limit 101 x-ratelimit-remaining 100
GET H2	204	/ www.o8vfktrk.com/cmp/3R22143S11/3GR1X/	0 0	356ms 62ms	Document text/plain	35.190.45.235 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.o8vfktrk.com/cmp/3R22143S11/3GR1X/ Requested by Host: domantinis.qltrk.com URL: https://domantinis.qltrk.com/r/main?slow=984 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.45.235 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 235.45.190.35.bc.googleusercontent.com Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 11 Mar 2024 21:48:34 GMT server nginx vary Origin via 1.1 google x-eflow-request-id ed99e345-bf6d-4e31-b2b7-50d61e79fe85

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
domantinis.qltrk.com/	1970-01-20 19:03:13	Name: lpp Value: 2
.qltrk.com/	1970-01-21 04:39:13	Name: XSRF-TOKEN Value: eyJpdiI6IjdiaGpUYTdjVlNqbWg3SUxaVCtpWkE9PSIsInZhbHVlIjoickRpWCtKWGc0ZlhubHNMQ0xPQUR0dmtCZW5uSWticzEybUpnYkU1MDNlZ3dKTTJpWUl1YjVWMWtBZlpVdGtsMG9WYzc4YzI3bkV1NGFGU0hUcjBwN2pwcmFDS0FzbDRDRUJHYUQ0TDBET0NlTklUb25VWWFvMm9YV0ZkZE5LdlkiLCJtYWMiOiI3YzFlZGNiYjExNGNiNWM4MWIxNjk4NGRkODQxMGY5M2VlMGZjMWMyNTNhYzczNzRiMWIzZjQ0YjFiOGVmYmMyIn0%3D
.qltrk.com/	1970-01-21 04:39:13	Name: qlikersession Value: eyJpdiI6InYxQnV6R1ZCMzNkOVkxZElHSm9lWlE9PSIsInZhbHVlIjoiZ1FTdjZScEkwV0FDN3hQZTVrQXN4T0h5YnFIYnpDNzl2d2syNmZ1UEdqNS95a21PM3crVXlxTUZuY2syUmFOek4wVGlyZjBWYmt5c0dsYS9UTGMvQkMycldiMENObThtdUk0aVV4L3hOK2ZVS0kzVFI2dE8xRndzRWRSbk5sanUiLCJtYWMiOiIzMTQ3YmVmNWI2OTczMGY4YTMyYmY2NGU2MGZlOTIwNGE2YTZlYzUyYzcxMmU2ZDljY2YxZTU0MDc5OGU0MzhiIn0%3D
.qltrk.com/	1970-01-21 03:48:49	Name: rn Value: eyJpdiI6IlBuM0hwd0IvZ2NOTVNFODdqMGFKVnc9PSIsInZhbHVlIjoiMWZwTGdGcjVOaElxTng3VG1KbEtNc0hxa3BEMExvOVRER3EyUDRpM2J6MkQ1SFdUQmdrNHp2c1kwMDB1NTNMWXBvdmpDSk9mVStZVUMzajJVVEFrcHdqNXZOYjlwWFdBTmRHVGl0dzR6R3c9IiwibWFjIjoiNzIzMzQ1MDQ5ODY4NGNlMDVkZmMzZmEyYWY3YzRlNjc5NjY4NWNmN2JjNjVkNzFlMDA3YTBkYjQ5ZWQzNWQ4MCJ9
.qltrk.com/	1970-01-21 03:48:49	Name: rnl Value: eyJpdiI6IkFuSEpBNlZ6ckRoVlE3Vys1YysrZ0E9PSIsInZhbHVlIjoiWFVHTXhuVHFsMFIvTVNGWnJ2V1ArSGV6UGNFNUhUQWpsWVlaOWxFWWRHdG1TVWV2eWJLS3RHdzMzd3RFVTZnWHVzcmdobkxpOVpWRU5SM0FOVy9zZUxKd21hNXB5UmViSVRJU0hMelNLVVk9IiwibWFjIjoiYTUyOGEwNjMyZmE3YWZiNDU4M2NlOGQyYWU0NjdlMzY4ZDcxNTcwZmQ1MTI3YjFkYTM0OGNjMmE1YmU3YzlkMSJ9
domantinis.qltrk.com/	1969-12-31 23:59:59	Name: QLAPI Value: 2e72c0089e023c2505817d30f3d40cbf\|Ze98N\|Ze98M

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

almadecine.com
domantinis.qltrk.com
www.o8vfktrk.com
167.235.217.27
35.190.45.235
45.33.115.209
23f3e5bfce72877c3b29ccae8eb6d6d369f8c5058021fdf7467f4ab7dbb800a2
72390e30a9ab4c1113a5d9e9b75d0ef6e3e67e1f4065c8a21858b71fccbf1422
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

domantinis.qltrk.com Open in urlscan Pro 167.235.217.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

40 kBTransfer

85 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

6 Cookies

Indicators

domantinis.qltrk.com Open in urlscan Pro
167.235.217.27 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

40 kB
Transfer

85 kB
Size

6
Cookies

7 HTTP transactions
0 data transactions