allegrolokkalnie.31115151.xyz

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 104.21.72.194, located in and belongs to CLOUDFLARENET, US. The main domain is allegrolokkalnie.31115151.xyz.

This is the only time allegrolokkalnie.31115151.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	37.140.192.179 37.140.192.179	197695 (AS-REG) (AS-REG)
1 1	104.21.57.227 104.21.57.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.21.72.194 104.21.72.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3

1 37.140.192.179 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: server93.hosting.reg.ru

lerchek-web.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.57.227 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

delivery.valtrex500.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.72.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

allegrolokkalnie.31115151.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	31115151.xyz 1 redirects allegrolokkalnie.31115151.xyz	15 KB
1	valtrex500.com 1 redirects delivery.valtrex500.com	1 KB
1	lerchek-web.online lerchek-web.online	6 KB
2	3

	Domain	Requested by
2	allegrolokkalnie.31115151.xyz	1 redirects
1	delivery.valtrex500.com	1 redirects
1	lerchek-web.online
2	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
lerchek-web.online R3	`2023-07-15` - `2023-10-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://allegrolokkalnie.31115151.xyz/captcha
Frame ID: B0DA96F1C7C3B87BFE769E1996633DAE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jedna chwila...

Page URL History Show full URLs

https://lerchek-web.online/nVLdR Page URL
https://delivery.valtrex500.com/s/p8dgq HTTP 302
https://allegrolokkalnie.31115151.xyz/3cv9epgp HTTP 302
http://allegrolokkalnie.31115151.xyz/captcha Page URL

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

20 kB
Transfer

44 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lerchek-web.online/nVLdR Page URL
https://delivery.valtrex500.com/s/p8dgq HTTP 302
https://allegrolokkalnie.31115151.xyz/3cv9epgp HTTP 302
http://allegrolokkalnie.31115151.xyz/captcha Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 nVLdR Show response
lerchek-web.online/ 17 KB
6 KB 642ms
465ms Document
text/html 37.140.192.179
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://lerchek-web.online/nVLdR

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.179 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server93.hosting.reg.ru

Software

nginx / PHP/8.0.17

Resource Hash

98e2b9654c5238396de51f4ecfc0761b9e5f045fa98da28a0b55b9fb8b7beeea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Jul 2023 17:00:19 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-powered-by: PHP/8.0.17

GET
H/1.1

200
OK

Primary Request captcha Show response
allegrolokkalnie.31115151.xyz/
Redirect Chain

https://delivery.valtrex500.com/s/p8dgq
https://allegrolokkalnie.31115151.xyz/3cv9epgp
http://allegrolokkalnie.31115151.xyz/captcha

20 KB
13 KB

133ms
102ms

Document
text/html

104.21.72.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://allegrolokkalnie.31115151.xyz/captcha

Protocol

HTTP/1.1

Server

104.21.72.194 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1080d5ea3ac63ebb0c8fe886e423b9d578612d6575b5559bd612f8148fb0ec4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lerchek-web.online/nVLdR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7e948521e880f2b8-WAW
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Jul 2023 17:00:20 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLNEFAQ2ccxOqrBSFfFwstre2KYm0DTnKUdzhXspFULgaxQFE81g7eMdrBBnXMhiBv0FZZOfPVo9ZvKRrWrT3myjGd4pYm5DcmJZl%2Bq9xe4VGI7SOGLddWGBRExZsvkbzWnkczxtLIQFDozADxNTVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-RateLimit-Limit: 15
X-RateLimit-Remaining: 14
alt-svc: h3=":443"; ma=86400

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7e9485210a56504f-WAW
content-type: text/html; charset=UTF-8
date: Wed, 19 Jul 2023 17:00:20 GMT
location: http://allegrolokkalnie.31115151.xyz/captcha
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIIvTV8PopUC65wOgly4rA8c7Xd4ABbNJB9PcxaXnUXuA%2F%2FcgxWiqsMNjDp2FwnMu5GfZGRuEQzIkRLwB2%2BjJ6s%2B1LfCCWBX5lK7efzZ8eBnRpos32EZ0VP8RnjNY%2BmuXrowB%2B5sTY8rp9JT6%2Fg8Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e0480272bb252530cf2ee7f72da982dc3e82c1762dea8482f195effdc6f7ac4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://allegrolokkalnie.31115151.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| enterCode

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lerchek-web.online/	1970-01-20 13:23:09	Name: 1ba682c08b5bd918dae63164d66dba1c Value: 0
delivery.valtrex500.com/	1970-01-20 13:23:13	Name: XSRF-TOKEN Value: eyJpdiI6IkU2VU54SktLSUJURHhFcjBZVjk2WkE9PSIsInZhbHVlIjoiaTJsczRPWHJqVS9FMURZRG5ZNGlQOXlpQ3N1ZzhZR0M2SnphY2hhMVZaVXA1ejdTb2lUSnJlcnNqTHdzUUI0ZlZhc3dPWWNNbG45blZXei92T1o4OXlPbFBvbjlQcU1VMnNQMnRFZ3lVWDhIRzNsMnkyTzM4U3FQZGVoNHIrdGwiLCJtYWMiOiJlODY5N2RmODc3ZGRjZmFhNTZmNWQzMTA4ZWIzNWViMDBlYzA3NDgzODE2YTgzODQ2MjUyYjRjMWZjZTAxZWQ2IiwidGFnIjoiIn0%3D
delivery.valtrex500.com/	1970-01-20 13:23:13	Name: public_session Value: eyJpdiI6InU4enVIU0k2d0ZmSDNtTk5kVExwUHc9PSIsInZhbHVlIjoiT0V1QnhEWnJ4UE94ZWtIalYxdGRUNytPYUQ3TUdCdjZIc29lZWhuNkRIS3g2OUhRVFVuTnpaL2Y4dHdYN2FlSG1idFJuengvN215MUx5d2xHZzh0MEVWTWNSVk5jR2NCQ0ZPb0ZHQjg0REhwdnhSbFBSdUJkc3BjaHQxK3dGeUEiLCJtYWMiOiJlMjgwODY2MzNlODE4MzU3OTExNDk3NGNhYzNkZGI2ZGEzYzI3MmYwN2FkYjg1OTEyOTY1YzZjMTQwODEwYzBlIiwidGFnIjoiIn0%3D
allegrolokkalnie.31115151.xyz/	1970-01-20 13:23:13	Name: XSRF-TOKEN Value: eyJpdiI6IkVRTXJwRy9CUmlObjBINjdudG1nOUE9PSIsInZhbHVlIjoiODdJL1dTMWIvMGlYMW1seXcwbGFIOHVubjlLRXNtRVJMRm56MjdtSmVIaFRkODV5dGJGSnNGaFpOeGFnV0Y5dFRNcHhaSlBwYms5SEhYaVp5dkZUY29ubWp4ay8zcFI3MFhGakpoWEltUmNkTnlRNStMMzlTTFY3bU5CREJvUHYiLCJtYWMiOiJiMzcwZjJkNWJjOTJjMGFlNWI3ZTM1YTBhMmEwOGFiNTczMWFkYzVjZWYwZTFlYWRmMjEwZmYyMDdlZTA1MzA5IiwidGFnIjoiIn0%3D
allegrolokkalnie.31115151.xyz/	1970-01-20 13:23:13	Name: public_session Value: eyJpdiI6IjJza1NIRklWa3JtclhDYXVDalRZSlE9PSIsInZhbHVlIjoiSGFVMGtvQjBhcGEwM3hnemUzOXd3cDhUSkp4T3cvZ3BqYTVBYVliR04yOHNNTysycXJJYVVuVndzbkdxZG1QVWJxUVJrVmttS1NIZUYwazdGYzVlTk54R3pCZFNKeEF1YU9yTXZGZ3B5L1JUWko3VTBpRVZXemI1SzdXVWhYT24iLCJtYWMiOiI2YzZjNjliYmMzZDM5OWNkOWU5Y2Q4MzYzYjc4YzhiOGE2OTYxNmQ1YjRjYWMwN2E3MzBhMGM4NWQ3MGIyZTdlIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allegrolokkalnie.31115151.xyz
delivery.valtrex500.com
lerchek-web.online
104.21.57.227
104.21.72.194
37.140.192.179
1080d5ea3ac63ebb0c8fe886e423b9d578612d6575b5559bd612f8148fb0ec4b
5e0480272bb252530cf2ee7f72da982dc3e82c1762dea8482f195effdc6f7ac4
98e2b9654c5238396de51f4ecfc0761b9e5f045fa98da28a0b55b9fb8b7beeea

allegrolokkalnie.31115151.xyz Open in urlscan Pro 104.21.72.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

20 kBTransfer

44 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

allegrolokkalnie.31115151.xyz Open in urlscan Pro
104.21.72.194 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

20 kB
Transfer

44 kB
Size

5
Cookies

2 HTTP transactions
1 data transactions