links.queromaisofertas.com Open in urlscan Pro
185.31.82.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.queromaisofertas.com/c/iqT/2Hi/KbwTjENEjhjM-UXeiTV1Ya/m2/gceY/4e3ba22f
Effective URL:
http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592
Submission: On February 06 via manual (February 6th 2018, 7:31:44 am UTC) from ES

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 185.31.82.254, located in Poland and belongs to IQPL-AS, PL. The main domain is links.queromaisofertas.com.

This is the only time links.queromaisofertas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	185.31.82.254 185.31.82.254	47544 (IQPL-AS) (IQPL-AS)
5	52.95.164.9 52.95.164.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.73.221.124 52.73.221.124	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
8	3

3 185.31.82.254 (Poland) 1 redirects

ASN47544 (IQPL-AS, PL)
PTR: 185-31-82-254.rev.iq.pl

links.queromaisofertas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.164.9 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

emmskt.s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.221.124 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-73-221-124.compute-1.amazonaws.com

i.tkrmailsec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	amazonaws.com emmskt.s3-sa-east-1.amazonaws.com	358 KB
3	queromaisofertas.com 1 redirects links.queromaisofertas.com	2 KB
1	tkrmailsec.com i.tkrmailsec.com	958 B
8	3

	Domain	Requested by
5	emmskt.s3-sa-east-1.amazonaws.com	links.queromaisofertas.com
3	links.queromaisofertas.com	1 redirects links.queromaisofertas.com
1	i.tkrmailsec.com	links.queromaisofertas.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592
Frame ID: (D18CC61357199049780DB0070D81E09)
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://links.queromaisofertas.com/c/iqT/2Hi/KbwTjENEjhjM-UXeiTV1Ya/m2/gceY/4e3ba22f HTTP 302
http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Page URL

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

361 kB
Transfer

361 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.queromaisofertas.com/c/iqT/2Hi/KbwTjENEjhjM-UXeiTV1Ya/m2/gceY/4e3ba22f HTTP 302
http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request df3a0592 Show response links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/ Redirect Chain http://links.queromaisofertas.com/c/iqT/2Hi/KbwTjENEjhjM-UXeiTV1Ya/m2/gceY/4e3ba22f http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592	5 KB 2 KB	97ms 97ms	Document text/html	185.31.82.254 IQPL-AS
General Check archive.org Show headers Download Go to Full URL http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Protocol HTTP/1.1 Server 185.31.82.254 , Poland, ASN47544 (IQPL-AS, PL), Reverse DNS 185-31-82-254.rev.iq.pl Software / Resource Hash `730dd2918fffad9d47c95c39f18ed0700eb09f24abcc5da9f520d72084272f3a` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Cookie TEMP_DATA=ea556449-9249-4ccd-8555-c5c75c63dd81; esg1=iqT/m2/KbwTjENEjhjM-UXeiTV1Ya/m2/gceY/fba8eaa8 Host links.queromaisofertas.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 06 Feb 2018 07:31:30 GMT Content-Encoding gzip Cache-Control private Content-Length 1622 Vary Accept-Encoding Content-Type text/html; charset=utf-8 Redirect headers Location http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Date Tue, 06 Feb 2018 07:31:30 GMT Cache-Control private Set-Cookie TEMP_DATA=ea556449-9249-4ccd-8555-c5c75c63dd81; path=/ esg1=iqT/m2/KbwTjENEjhjM-UXeiTV1Ya/m2/gceY/fba8eaa8; path=/ Content-Length 188 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	1517333333-01.jpg emmskt.s3-sa-east-1.amazonaws.com/20180130/	71 KB 71 KB	1169ms 232ms	Image image/jpeg	52.95.164.9 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://emmskt.s3-sa-east-1.amazonaws.com/20180130/1517333333-01.jpg Requested by Host: links.queromaisofertas.com URL: http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Protocol HTTP/1.1 Server 52.95.164.9 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash `ae715f7597e5c79dcabf3b9e4bed61441cebdb2dca68c57afaaaa59277d1fcaa` Request headers Referer http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 06 Feb 2018 07:31:32 GMT Last-Modified Tue, 30 Jan 2018 17:28:56 GMT Server AmazonS3 x-amz-request-id E9C8251B816B42BF ETag "500aa84aa982d97e349f16856645e21e" Content-Type image/jpeg Accept-Ranges bytes Content-Length 72699 x-amz-id-2 81YBAQBRwdOaO8LIpr0W+GT4+j39qnuHQKQF2/LrvZd+1ADLxMNYwYwxKU91ririLtKXUDgt+Es=
GET H/1.1	200 OK	1517333333-02.jpg emmskt.s3-sa-east-1.amazonaws.com/20180130/	88 KB 88 KB	1173ms 237ms	Image image/jpeg	52.95.164.9 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://emmskt.s3-sa-east-1.amazonaws.com/20180130/1517333333-02.jpg Requested by Host: links.queromaisofertas.com URL: http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Protocol HTTP/1.1 Server 52.95.164.9 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash `459ba26b5fbec81dba42dbaaee960e9cfdd828c88c618204e4d3de20df72c0fa` Request headers Referer http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 06 Feb 2018 07:31:32 GMT Last-Modified Tue, 30 Jan 2018 17:28:57 GMT Server AmazonS3 x-amz-request-id 6B6FEB435482F58A ETag "8b1a24ea006b45a39bca7807813f94a6" Content-Type image/jpeg Accept-Ranges bytes Content-Length 90248 x-amz-id-2 Wl+ecLFfMO9oAUa7DWqN6GD8BplLA+00xPTZpHLO+ZvCEcYVXTZBsjjJZp+TS/WNtOmG/cNMuPU=
GET H/1.1	200 OK	1517333333-03.jpg emmskt.s3-sa-east-1.amazonaws.com/20180130/	73 KB 73 KB	1173ms 235ms	Image image/jpeg	52.95.164.9 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://emmskt.s3-sa-east-1.amazonaws.com/20180130/1517333333-03.jpg Requested by Host: links.queromaisofertas.com URL: http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Protocol HTTP/1.1 Server 52.95.164.9 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash `a3a4219929b1517c55b2a48d2ee2fb6fc465c57e387cd7f6452dff454697740e` Request headers Referer http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 06 Feb 2018 07:31:32 GMT Last-Modified Tue, 30 Jan 2018 17:28:57 GMT Server AmazonS3 x-amz-request-id 97A43CF686C203E7 ETag "1d1171e5f69a3bf203f14dfa802f2354" Content-Type image/jpeg Accept-Ranges bytes Content-Length 74706 x-amz-id-2 bbFHb5kI7tLIJxl4CPvmO102MipigIZhXK0mt7o+Rb1jCuN/5Cz004XZ1qrQRtQYAKXyX53AE/Y=
GET H/1.1	200 OK	1517333333-04.jpg emmskt.s3-sa-east-1.amazonaws.com/20180130/	80 KB 81 KB	1166ms 227ms	Image image/jpeg	52.95.164.9 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://emmskt.s3-sa-east-1.amazonaws.com/20180130/1517333333-04.jpg Requested by Host: links.queromaisofertas.com URL: http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Protocol HTTP/1.1 Server 52.95.164.9 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash `3fb3f2d844f65c1b93be83ce6d63caa194ece40cec690982f83845f57a64fadf` Request headers Referer http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 06 Feb 2018 07:31:32 GMT Last-Modified Tue, 30 Jan 2018 17:28:57 GMT Server AmazonS3 x-amz-request-id 722AA5CCE0FFC880 ETag "6f4c01f6d6e64a4253d225013dd3749a" Content-Type image/jpeg Accept-Ranges bytes Content-Length 82077 x-amz-id-2 BS9TW5xs2EWxyxh5hDmXjbM/Pu6DjduTdMsfj5zVt2CZQ5qiOGLndmBbmt8F5Cknv6O0wYbI6Hg=
GET H/1.1	200 OK	1517333333-05.jpg emmskt.s3-sa-east-1.amazonaws.com/20180130/	44 KB 45 KB	1168ms 226ms	Image image/jpeg	52.95.164.9 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://emmskt.s3-sa-east-1.amazonaws.com/20180130/1517333333-05.jpg Requested by Host: links.queromaisofertas.com URL: http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Protocol HTTP/1.1 Server 52.95.164.9 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash `acb5f12f2df2e527732c872ec1d3d59ebd9109697b2cf9c264e2157084301704` Request headers Referer http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 06 Feb 2018 07:31:32 GMT Last-Modified Tue, 30 Jan 2018 17:28:57 GMT Server AmazonS3 x-amz-request-id 98E2E85B1382CD34 ETag "082859b0b02e83fa67e0e93c8456d0ec" Content-Type image/jpeg Accept-Ranges bytes Content-Length 45263 x-amz-id-2 +BpUfNQAt7A5/2u3Uhl/FAZFQf5zP4/mZpkTVC1kve77MExsBKo3PTLRhXCgkDsge/ckA22/qcE=
GET H/1.1	200 OK	/ i.tkrmailsec.com/	49 B 958 B	663ms 119ms	Image image/gif	52.73.221.124 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://i.tkrmailsec.com/?a=10440&c=10466&E=80U5MAuJyGFgLAxvoZgCjSxWzJQZgl%2fL&s1=SUB_ID Requested by Host: links.queromaisofertas.com URL: http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Protocol HTTP/1.1 Server 52.73.221.124 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-73-221-124.compute-1.amazonaws.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5` Request headers Referer http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 06 Feb 2018 07:31:31 GMT Server Microsoft-IIS/8.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Cache-Control private Connection keep-alive Content-Type image/gif Content-Length 49
GET H/1.1	200 OK	dbca9e1c links.queromaisofertas.com/o/iqT/KbwTjENEjhjM-UXeiTV1Ya/gceY/	43 B 199 B	56ms 55ms	Image image/gif	185.31.82.254 IQPL-AS
General Check archive.org Show headers Download Go to Show image Full URL http://links.queromaisofertas.com/o/iqT/KbwTjENEjhjM-UXeiTV1Ya/gceY/dbca9e1c Requested by Host: links.queromaisofertas.com URL: http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Protocol HTTP/1.1 Server 185.31.82.254 , Poland, ASN47544 (IQPL-AS, PL), Reverse DNS 185-31-82-254.rev.iq.pl Software / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host links.queromaisofertas.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 Cookie TEMP_DATA=ea556449-9249-4ccd-8555-c5c75c63dd81; esg1=iqT/m2/KbwTjENEjhjM-UXeiTV1Ya/m2/gceY/fba8eaa8 Connection keep-alive Cache-Control no-cache Referer http://links.queromaisofertas.com/v/iqT/KbwTjENEjhjM-UXeiTV1Ya/df3a0592 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 06 Feb 2018 07:31:30 GMT Cache-Control no-cache, max-age=0 Transfer-Encoding chunked Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			links.queromaisofertas.com/	1969-12-31 23:59:59	Name: esg1 Value: iqT/m2/KbwTjENEjhjM-UXeiTV1Ya/m2/gceY/fba8eaa8
			links.queromaisofertas.com/	1969-12-31 23:59:59	Name: TEMP_DATA Value: ea556449-9249-4ccd-8555-c5c75c63dd81

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

emmskt.s3-sa-east-1.amazonaws.com
i.tkrmailsec.com
links.queromaisofertas.com
185.31.82.254
52.73.221.124
52.95.164.9
3fb3f2d844f65c1b93be83ce6d63caa194ece40cec690982f83845f57a64fadf
459ba26b5fbec81dba42dbaaee960e9cfdd828c88c618204e4d3de20df72c0fa
730dd2918fffad9d47c95c39f18ed0700eb09f24abcc5da9f520d72084272f3a
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
a3a4219929b1517c55b2a48d2ee2fb6fc465c57e387cd7f6452dff454697740e
acb5f12f2df2e527732c872ec1d3d59ebd9109697b2cf9c264e2157084301704
ae715f7597e5c79dcabf3b9e4bed61441cebdb2dca68c57afaaaa59277d1fcaa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

links.queromaisofertas.com Open in urlscan Pro 185.31.82.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

361 kBTransfer

361 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

links.queromaisofertas.com Open in urlscan Pro
185.31.82.254 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

361 kB
Transfer

361 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions