urlscan.io logo urlscan.io
SecurityTrails logo

klsdee.com Open in urlscan Pro
172.240.80.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1708076136748.breakablekisystem.com/
Effective URL: https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12apr8l700084&pb=3f295324f779edb461c1dacf44cd20991708123494&...
Submission: On February 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 7 domains to perform 7 HTTP transactions. The main IP is 172.240.80.36, located in United States and belongs to SERVERS-COM, US. The main domain is klsdee.com.
TLS certificate: Issued by Buypass Class 2 CA 5 on January 9th 2024. Valid for: 6 months.
This is the only time klsdee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 172.104.190.11 63949 (AKAMAI-LI...)
2 3 51.68.81.31 16276 (OVH)
1 37.58.56.244 28753 (LEASEWEB-...)
4 172.240.80.36 7979 (SERVERS-COM)
1 1 104.96.214.134 ()
1 104.102.129.163 ()
7 4
3    172.104.190.11 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-190-11.ip.linodeusercontent.com
1708076136748.breakablekisystem.com
1708116288524.evenkiignore.com
1708116289705.avawanial.club
3    51.68.81.31 (France)

ASN16276 (OVH, FR)
www.hanterastole.info
1    37.58.56.244 (Delmenhorst, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
clickon.icu
4    172.240.80.36 (United States)

ASN7979 (SERVERS-COM, US)
klsdee.com
1    104.96.214.134 (None, )

ASN- ()
s.click.aliexpress.com
1    104.102.129.163 (None, )

ASN- ()
campaign.aliexpress.com
Domain Requested by
4 klsdee.com klsdee.com
3 www.hanterastole.info 2 redirects
1 campaign.aliexpress.com klsdee.com
1 s.click.aliexpress.com 1 redirects
1 clickon.icu www.hanterastole.info
1 1708116289705.avawanial.club 1 redirects
1 1708116288524.evenkiignore.com 1 redirects
1 1708076136748.breakablekisystem.com 1 redirects
7 8

This site contains no links.

Subject Issuer Validity Valid
www.hanterastole.info
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
clickon.icu
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh

Buypass Class 2 CA 5		 2024-01-09 -
2024-07-06		 6 months crt.sh
ru.aliexpress.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-21 -
2024-10-23		 a year crt.sh

This page contains 1 frames:

Frame: https://campaign.aliexpress.com/wow/gcp-plus/ae/tupr?spm=a2g0o.home.Mallglobal.1.682e44f5CbzpiO&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_weex=true&wh_pid=300000516%2Fmallpcmiste&dp=2402161544b6338729cb3142dfb581f8ee20&af=1785930&aff_fcid=14d62d3550ce4eed9e8b2c16506f7be3-1708116298331-09184-_DDMj2Rp&tt=CPS_NORMAL&aff_fsk=_DDMj2Rp&aff_platform=portals-tool&sk=_DDMj2Rp&aff_trace_key=14d62d3550ce4eed9e8b2c16506f7be3-1708116298331-09184-_DDMj2Rp&terminal_id=7a6348cb81a34f77b2de50037e3b22de
Frame ID: 0A95DEFACDDC606E01958AFB376811A2
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://1708076136748.breakablekisystem.com/ HTTP 302
    http://1708116288524.evenkiignore.com/b14db681-a036-44b8-8a09-7e246bd1d227?n=1&t=1708116288524&l_next=aHR0cHM6Ly93... HTTP 302
    http://1708116289705.avawanial.club/c97e3df5-4bc1-4236-8bd4-c28206117ee4?n=2&t=1708116288524&l_next=aHR0cHM6Ly93... HTTP 302
    https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag= Page URL
  2. https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=&eyeg=27e4e96f6c593c255c80c0... HTTP 302
    https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.6534780173298... HTTP 302
    https://clickon.icu/go/4995/1?subid2=rest&subid1=131004354b4d3c1a9dd30c1549cd7fc079e050216-20240... Page URL
  3. https://klsdee.com/1541147/?var=4995&ymid=12apr8l700084 Page URL
  4. https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12apr8l700084&pb=3f295324f779edb461c1dac... Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

4
IPs

4
Countries

31 kB
Transfer

62 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1708076136748.breakablekisystem.com/ HTTP 302
    http://1708116288524.evenkiignore.com/b14db681-a036-44b8-8a09-7e246bd1d227?n=1&t=1708116288524&l_next=aHR0cHM6Ly93d3cuaGFudGVyYXN0b2xlLmluZm8vP3NsPTU3NDQ0NDQtOGZlNzMmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrMiZ0YWc9&type_v=global&key_v=error HTTP 302
    http://1708116289705.avawanial.club/c97e3df5-4bc1-4236-8bd4-c28206117ee4?n=2&t=1708116288524&l_next=aHR0cHM6Ly93d3cuaGFudGVyYXN0b2xlLmluZm8vP3NsPTU3NDQ0NDQtOGZlNzMmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrMiZ0YWc9&type_v=global&key_v=error HTTP 302
    https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag= Page URL
  2. https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=&eyeg=27e4e96f6c593c255c80c0f889a8d062&eyer=0.6534780173298695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.6534780173298695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://clickon.icu/go/4995/1?subid2=rest&subid1=131004354b4d3c1a9dd30c1549cd7fc079e050216-202402-flb*5744444-8fe73**sl_5744444-8fe73*b3b4227d10a943171577e220914273d3d31b438d** Page URL
  3. https://klsdee.com/1541147/?var=4995&ymid=12apr8l700084 Page URL
  4. https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12apr8l700084&pb=3f295324f779edb461c1dacf44cd20991708123494&psp=omoUM0ESPKY4wBJeDSZC_29SyZ3TCadYd5kx67TmXrL7hFpUAwAAUV_gYxLDv7I4QuWUEjOV8m1Y7EPtCK28EeCGljbV2S_g9HtOsuNlPInbV-pk-4Zp3n1v_AylPHZM-MTnvS5_m7RmEFCuTBXSOLRt1p2QF10GyE7XtaK3A4Vk5lt0i5wKZy9KsqU7WAwZuMvCybfNnsgVey4kZJQiQz25wV0UjSwDVwp9t8yqXITcxSPd2XEmaAr4effeUP1xV6Iu8ckzJN-uUrAapgVMHWPkorjzkKb5M8iPdmZ2-W54Sxx2O7OfUuMxQCxalXKSLv7PIuipUu3ypICX8QjHZFEwbI9LdXP5ZDyFNx7LEdZghtAurw22SGWQ2WyGNCjYGalHqWW_--S--vixXA0cgrK67yPQYY22VF9mqfDAnts6bk0EqKUBmGjK2o5QdYuJ96raO5874WDQ8qvRXVehPhPGdPpuxRHDSaHpAxFUn1h-IHgDSU08Yg8roTibWxR_Beiax183cy2xOzeEtUdy8ZfpnQwTSH0HRVvvIr8pfiPFuWs8Tjt-ACEi-DJALn21LeGqvRKc9z0B1DmWg20WKMIV5wXUJ47qNw_0cpyOQwp72KkN_19dkvzhIGtf0mqZxaPj7RUvcN_4Al1BhVh8kISRGWVfVDUTUgNtzkOv4z9gJFRtDVUfagasGrik3CYFHYWafNFKS_GQOJRTXM5dYUBUS1h_hhW1NiLg2dbTabZdhnFdUBu1I5xXs4ivbkFnwNw-ayQb4PqrQAVWT3N3swq4oG84E0jiVc2-pmnSlgbR-w==&im=2&fdl=1&nojs=0&abvar=0&febuild=1.0.202&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7430292504153600&eclog=0&im=1&pload=3452&rlp=%5B0%2C0.10000038146972656%2C612.1000003814697%2C509.70000076293945%2C184%2C3382.599998474121%2C2767%2C2501.2999992370605%5D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://1708076136748.breakablekisystem.com/ HTTP 302
  • http://1708116288524.evenkiignore.com/b14db681-a036-44b8-8a09-7e246bd1d227?n=1&t=1708116288524&l_next=aHR0cHM6Ly93d3cuaGFudGVyYXN0b2xlLmluZm8vP3NsPTU3NDQ0NDQtOGZlNzMmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrMiZ0YWc9&type_v=global&key_v=error HTTP 302
  • http://1708116289705.avawanial.club/c97e3df5-4bc1-4236-8bd4-c28206117ee4?n=2&t=1708116288524&l_next=aHR0cHM6Ly93d3cuaGFudGVyYXN0b2xlLmluZm8vP3NsPTU3NDQ0NDQtOGZlNzMmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrMiZ0YWc9&type_v=global&key_v=error HTTP 302
  • https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=
Request Chain 1
  • https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=&eyeg=27e4e96f6c593c255c80c0f889a8d062&eyer=0.6534780173298695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.6534780173298695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://clickon.icu/go/4995/1?subid2=rest&subid1=131004354b4d3c1a9dd30c1549cd7fc079e050216-202402-flb*5744444-8fe73**sl_5744444-8fe73*b3b4227d10a943171577e220914273d3d31b438d**
Request Chain 4
  • https://s.click.aliexpress.com/e/_DDMj2Rp?dp=2402161544b6338729cb3142dfb581f8ee20&af=1785930 HTTP 302
  • https://campaign.aliexpress.com/wow/gcp-plus/ae/tupr?spm=a2g0o.home.Mallglobal.1.682e44f5CbzpiO&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_weex=true&wh_pid=300000516%2Fmallpcmiste&dp=2402161544b6338729cb3142dfb581f8ee20&af=1785930&aff_fcid=14d62d3550ce4eed9e8b2c16506f7be3-1708116298331-09184-_DDMj2Rp&tt=CPS_NORMAL&aff_fsk=_DDMj2Rp&aff_platform=portals-tool&sk=_DDMj2Rp&aff_trace_key=14d62d3550ce4eed9e8b2c16506f7be3-1708116298331-09184-_DDMj2Rp&terminal_id=7a6348cb81a34f77b2de50037e3b22de

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.hanterastole.info/
Redirect Chain
  • http://1708076136748.breakablekisystem.com/
  • http://1708116288524.evenkiignore.com/b14db681-a036-44b8-8a09-7e246bd1d227?n=1&t=1708116288524&l_next=aHR0cHM6Ly93d3cuaGFudGVyYXN0b2xlLmluZm8vP3NsPTU3NDQ0NDQtOGZlNzMmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWN...
  • http://1708116289705.avawanial.club/c97e3df5-4bc1-4236-8bd4-c28206117ee4?n=2&t=1708116288524&l_next=aHR0cHM6Ly93d3cuaGFudGVyYXN0b2xlLmluZm8vP3NsPTU3NDQ0NDQtOGZlNzMmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrM...
  • https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6c31a322d2abc111b6c82ebffe7bf779f5a7d9a6f4ec6b08fbc3e1532b785e66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Fri, 16 Feb 2024 20:44:51 GMT
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
224
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Feb 2024 20:44:50 GMT
Keep-Alive
timeout=5
Location
https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=
Vary
Accept
X-Powered-By
Express
1
clickon.icu/go/4995/
Redirect Chain
  • https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=&eyeg=27e4e96f6c593c255c80c0f889a8d062&eyer=0.6534780173298695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.6534780173298695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://clickon.icu/go/4995/1?subid2=rest&subid1=131004354b4d3c1a9dd30c1549cd7fc079e050216-202402-flb*5744444-8fe73**sl_5744444-8fe73*b3b4227d10a943171577e220914273d3d31b438d**
272 B
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clickon.icu/go/4995/1?subid2=rest&subid1=131004354b4d3c1a9dd30c1549cd7fc079e050216-202402-flb*5744444-8fe73**sl_5744444-8fe73*b3b4227d10a943171577e220914273d3d31b438d**
Requested by
Host: www.hanterastole.info
URL: https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.58.56.244 Delmenhorst, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx / PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Resource Hash

Request headers

Referer
https://www.hanterastole.info/?sl=5744444-8fe73&data1=Track1&data2=Track2&tag=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
close
Content-Encoding
identity
Content-Length
272
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Feb 2024 20:44:53 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Fri, 16 Feb 2024 20:44:53 GMT
Pragma
no-cache
Server
nginx
X-Powered-By
PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Feb 2024 20:44:52 GMT
Location
https://clickon.icu/go/4995/1?subid2=rest&subid1=131004354b4d3c1a9dd30c1549cd7fc079e050216-202402-flb*5744444-8fe73**sl_5744444-8fe73*b3b4227d10a943171577e220914273d3d31b438d**
/
klsdee.com/1541147/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/1541147/?var=4995&ymid=12apr8l700084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.80.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
fd064c0f38ab777ed5658b3b3376fd4f652f81feb4ed6b402006de658e751059

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 16 Feb 2024 20:44:54 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
check.sumbit.dl
submit.min.js
klsdee.com/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/submit.min.js?abvar=
Requested by
Host: klsdee.com
URL: https://klsdee.com/1541147/?var=4995&ymid=12apr8l700084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.80.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
sec-ch-viewport-height
1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-prefers-reduced-transparency
no-preference
Referer
sec-ch-prefers-reduced-motion
no-preference
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light

Response headers

date
Fri, 16 Feb 2024 20:44:55 GMT
content-encoding
gzip
last-modified
Thu, 15 Feb 2024 10:28:42 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab
current
etag
W/"65cde75a-ab59"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
Primary Request /
klsdee.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12apr8l700084&pb=3f295324f779edb461c1dacf44cd20991708123494&psp=omoUM0ESPKY4wBJeDSZC_29SyZ3TCadYd5kx67TmXrL7hFpUAwAAUV_gYxLDv7I4QuWUEjOV8m1Y7EPtCK28EeCGljbV2S_g9HtOsuNlPInbV-pk-4Zp3n1v_AylPHZM-MTnvS5_m7RmEFCuTBXSOLRt1p2QF10GyE7XtaK3A4Vk5lt0i5wKZy9KsqU7WAwZuMvCybfNnsgVey4kZJQiQz25wV0UjSwDVwp9t8yqXITcxSPd2XEmaAr4effeUP1xV6Iu8ckzJN-uUrAapgVMHWPkorjzkKb5M8iPdmZ2-W54Sxx2O7OfUuMxQCxalXKSLv7PIuipUu3ypICX8QjHZFEwbI9LdXP5ZDyFNx7LEdZghtAurw22SGWQ2WyGNCjYGalHqWW_--S--vixXA0cgrK67yPQYY22VF9mqfDAnts6bk0EqKUBmGjK2o5QdYuJ96raO5874WDQ8qvRXVehPhPGdPpuxRHDSaHpAxFUn1h-IHgDSU08Yg8roTibWxR_Beiax183cy2xOzeEtUdy8ZfpnQwTSH0HRVvvIr8pfiPFuWs8Tjt-ACEi-DJALn21LeGqvRKc9z0B1DmWg20WKMIV5wXUJ47qNw_0cpyOQwp72KkN_19dkvzhIGtf0mqZxaPj7RUvcN_4Al1BhVh8kISRGWVfVDUTUgNtzkOv4z9gJFRtDVUfagasGrik3CYFHYWafNFKS_GQOJRTXM5dYUBUS1h_hhW1NiLg2dbTabZdhnFdUBu1I5xXs4ivbkFnwNw-ayQb4PqrQAVWT3N3swq4oG84E0jiVc2-pmnSlgbR-w==&im=2&fdl=1&nojs=0&abvar=0&febuild=1.0.202&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7430292504153600&eclog=0&im=1&pload=3452&rlp=%5B0%2C0.10000038146972656%2C612.1000003814697%2C509.70000076293945%2C184%2C3382.599998474121%2C2767%2C2501.2999992370605%5D
Requested by
Host: klsdee.com
URL: https://klsdee.com/submit.min.js?abvar=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.80.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-device-memory
8
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light
sec-ch-prefers-reduced-motion
no-preference
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-viewport-height
1200
sec-ch-viewport-width
1600

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 16 Feb 2024 20:44:57 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
redirect.dl
tupr
campaign.aliexpress.com/wow/gcp-plus/ae/
Redirect Chain
  • https://s.click.aliexpress.com/e/_DDMj2Rp?dp=2402161544b6338729cb3142dfb581f8ee20&af=1785930
  • https://campaign.aliexpress.com/wow/gcp-plus/ae/tupr?spm=a2g0o.home.Mallglobal.1.682e44f5CbzpiO&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_stat...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://campaign.aliexpress.com/wow/gcp-plus/ae/tupr?spm=a2g0o.home.Mallglobal.1.682e44f5CbzpiO&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_weex=true&wh_pid=300000516%2Fmallpcmiste&dp=2402161544b6338729cb3142dfb581f8ee20&af=1785930&aff_fcid=14d62d3550ce4eed9e8b2c16506f7be3-1708116298331-09184-_DDMj2Rp&tt=CPS_NORMAL&aff_fsk=_DDMj2Rp&aff_platform=portals-tool&sk=_DDMj2Rp&aff_trace_key=14d62d3550ce4eed9e8b2c16506f7be3-1708116298331-09184-_DDMj2Rp&terminal_id=7a6348cb81a34f77b2de50037e3b22de
Requested by
Host: klsdee.com
URL: https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12apr8l700084&pb=3f295324f779edb461c1dacf44cd20991708123494&psp=omoUM0ESPKY4wBJeDSZC_29SyZ3TCadYd5kx67TmXrL7hFpUAwAAUV_gYxLDv7I4QuWUEjOV8m1Y7EPtCK28EeCGljbV2S_g9HtOsuNlPInbV-pk-4Zp3n1v_AylPHZM-MTnvS5_m7RmEFCuTBXSOLRt1p2QF10GyE7XtaK3A4Vk5lt0i5wKZy9KsqU7WAwZuMvCybfNnsgVey4kZJQiQz25wV0UjSwDVwp9t8yqXITcxSPd2XEmaAr4effeUP1xV6Iu8ckzJN-uUrAapgVMHWPkorjzkKb5M8iPdmZ2-W54Sxx2O7OfUuMxQCxalXKSLv7PIuipUu3ypICX8QjHZFEwbI9LdXP5ZDyFNx7LEdZghtAurw22SGWQ2WyGNCjYGalHqWW_--S--vixXA0cgrK67yPQYY22VF9mqfDAnts6bk0EqKUBmGjK2o5QdYuJ96raO5874WDQ8qvRXVehPhPGdPpuxRHDSaHpAxFUn1h-IHgDSU08Yg8roTibWxR_Beiax183cy2xOzeEtUdy8ZfpnQwTSH0HRVvvIr8pfiPFuWs8Tjt-ACEi-DJALn21LeGqvRKc9z0B1DmWg20WKMIV5wXUJ47qNw_0cpyOQwp72KkN_19dkvzhIGtf0mqZxaPj7RUvcN_4Al1BhVh8kISRGWVfVDUTUgNtzkOv4z9gJFRtDVUfagasGrik3CYFHYWafNFKS_GQOJRTXM5dYUBUS1h_hhW1NiLg2dbTabZdhnFdUBu1I5xXs4ivbkFnwNw-ayQb4PqrQAVWT3N3swq4oG84E0jiVc2-pmnSlgbR-w==&im=2&fdl=1&nojs=0&abvar=0&febuild=1.0.202&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7430292504153600&eclog=0&im=1&pload=3452&rlp=%5B0%2C0.10000038146972656%2C612.1000003814697%2C509.70000076293945%2C184%2C3382.599998474121%2C2767%2C2501.2999992370605%5D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.129.163 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://klsdee.com/afu.php?zoneid=1542726&var=1541147&abvar=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, s-maxage=298
content-encoding
gzip
content-length
37110
content-type
text/html; charset=utf-8
date
Fri, 16 Feb 2024 20:45:01 GMT
eagleeye-traceid
211b88ef17081160810918440e35db
object-status
ttl=298,age=196,gip=104.102.129.163
server
Tengine
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-air-hostname
air-ual033027098006.de81
x-air-source
proxy
x-air-trace-id
211b88ef17081160810918440e35db
x-beacon
off
x-readtime
102
x-server-id
28c3d6b2523ca52c32ad72931842b19a00b6ee1a337141579f52f0a41266a7cf
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTION
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
en-US
content-length
0
date
Fri, 16 Feb 2024 20:44:58 GMT
eagleeye-traceid
2103080617081162983237752efa2a
expires
0
location
https://campaign.aliexpress.com/wow/gcp-plus/ae/tupr?spm=a2g0o.home.Mallglobal.1.682e44f5CbzpiO&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_weex=true&wh_pid=300000516%2Fmallpcmiste&dp=2402161544b6338729cb3142dfb581f8ee20&af=1785930&aff_fcid=14d62d3550ce4eed9e8b2c16506f7be3-1708116298331-09184-_DDMj2Rp&tt=CPS_NORMAL&aff_fsk=_DDMj2Rp&aff_platform=portals-tool&sk=_DDMj2Rp&aff_trace_key=14d62d3550ce4eed9e8b2c16506f7be3-1708116298331-09184-_DDMj2Rp&terminal_id=7a6348cb81a34f77b2de50037e3b22de
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
Tengine/Aserver
server-timing
ak_p; desc="1708116297858_1751178278_271385511_1730_2014_154_462_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin
*
x-application-context
global-traffic-holmes-f:7001
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
dupa.gif
klsdee.com/ 		43 B
482 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/dupa.gif?z=1541147&r=dir&zoneid=1541147&var=4995&ymid=12apr8l700084&pb=3f295324f779edb461c1dacf44cd20991708123494&psp=omoUM0ESPKY4wBJeDSZC_29SyZ3TCadYd5kx67TmXrL7hFpUAwAAUV_gYxLDv7I4QuWUEjOV8m1Y7EPtCK28EeCGljbV2S_g9HtOsuNlPInbV-pk-4Zp3n1v_AylPHZM-MTnvS5_m7RmEFCuTBXSOLRt1p2QF10GyE7XtaK3A4Vk5lt0i5wKZy9KsqU7WAwZuMvCybfNnsgVey4kZJQiQz25wV0UjSwDVwp9t8yqXITcxSPd2XEmaAr4effeUP1xV6Iu8ckzJN-uUrAapgVMHWPkorjzkKb5M8iPdmZ2-W54Sxx2O7OfUuMxQCxalXKSLv7PIuipUu3ypICX8QjHZFEwbI9LdXP5ZDyFNx7LEdZghtAurw22SGWQ2WyGNCjYGalHqWW_--S--vixXA0cgrK67yPQYY22VF9mqfDAnts6bk0EqKUBmGjK2o5QdYuJ96raO5874WDQ8qvRXVehPhPGdPpuxRHDSaHpAxFUn1h-IHgDSU08Yg8roTibWxR_Beiax183cy2xOzeEtUdy8ZfpnQwTSH0HRVvvIr8pfiPFuWs8Tjt-ACEi-DJALn21LeGqvRKc9z0B1DmWg20WKMIV5wXUJ47qNw_0cpyOQwp72KkN_19dkvzhIGtf0mqZxaPj7RUvcN_4Al1BhVh8kISRGWVfVDUTUgNtzkOv4z9gJFRtDVUfagasGrik3CYFHYWafNFKS_GQOJRTXM5dYUBUS1h_hhW1NiLg2dbTabZdhnFdUBu1I5xXs4ivbkFnwNw-ayQb4PqrQAVWT3N3swq4oG84E0jiVc2-pmnSlgbR-w==&im=2&fdl=1&nojs=0&abvar=0&febuild=1.0.202&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7430292504153600&eclog=0&im=1&pload=3452&rlp=%5B0%2C0.10000038146972656%2C612.1000003814697%2C509.70000076293945%2C184%2C3382.599998474121%2C2767%2C2501.2999992370605%5D&pload=183&rlp=%5B0%2C0%2C0%2C0%2C-140.89999961853027%2C-0.39999961853027344%2C-2.8999996185302734%2C0%5D
Requested by
Host: klsdee.com
URL: https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12apr8l700084&pb=3f295324f779edb461c1dacf44cd20991708123494&psp=omoUM0ESPKY4wBJeDSZC_29SyZ3TCadYd5kx67TmXrL7hFpUAwAAUV_gYxLDv7I4QuWUEjOV8m1Y7EPtCK28EeCGljbV2S_g9HtOsuNlPInbV-pk-4Zp3n1v_AylPHZM-MTnvS5_m7RmEFCuTBXSOLRt1p2QF10GyE7XtaK3A4Vk5lt0i5wKZy9KsqU7WAwZuMvCybfNnsgVey4kZJQiQz25wV0UjSwDVwp9t8yqXITcxSPd2XEmaAr4effeUP1xV6Iu8ckzJN-uUrAapgVMHWPkorjzkKb5M8iPdmZ2-W54Sxx2O7OfUuMxQCxalXKSLv7PIuipUu3ypICX8QjHZFEwbI9LdXP5ZDyFNx7LEdZghtAurw22SGWQ2WyGNCjYGalHqWW_--S--vixXA0cgrK67yPQYY22VF9mqfDAnts6bk0EqKUBmGjK2o5QdYuJ96raO5874WDQ8qvRXVehPhPGdPpuxRHDSaHpAxFUn1h-IHgDSU08Yg8roTibWxR_Beiax183cy2xOzeEtUdy8ZfpnQwTSH0HRVvvIr8pfiPFuWs8Tjt-ACEi-DJALn21LeGqvRKc9z0B1DmWg20WKMIV5wXUJ47qNw_0cpyOQwp72KkN_19dkvzhIGtf0mqZxaPj7RUvcN_4Al1BhVh8kISRGWVfVDUTUgNtzkOv4z9gJFRtDVUfagasGrik3CYFHYWafNFKS_GQOJRTXM5dYUBUS1h_hhW1NiLg2dbTabZdhnFdUBu1I5xXs4ivbkFnwNw-ayQb4PqrQAVWT3N3swq4oG84E0jiVc2-pmnSlgbR-w==&im=2&fdl=1&nojs=0&abvar=0&febuild=1.0.202&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7430292504153600&eclog=0&im=1&pload=3452&rlp=%5B0%2C0.10000038146972656%2C612.1000003814697%2C509.70000076293945%2C184%2C3382.599998474121%2C2767%2C2501.2999992370605%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.80.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
sec-ch-viewport-height
1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-prefers-reduced-transparency
no-preference
Referer
sec-ch-prefers-reduced-motion
no-preference
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light

Response headers

date
Fri, 16 Feb 2024 20:44:57 GMT
x-route-id
stats.redirect-pixel
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
clickon.icu/ Name: mobitck
Value: 1
klsdee.com/ Name: CHCK
Value: 1
klsdee.com/ Name: UID
Value: 24021615447d088505b54a42f481c5cd8959
klsdee.com/ Name: OACCAP
Value: ACim3QAAAAAAAAAB
klsdee.com/ Name: OACBLOCK
Value: ACim3QAAAABlz77A
klsdee.com/ Name: OXCCLK
Value: ACim3QAAAAAAAAAB
klsdee.com/ Name: OXPCLK
Value: AAJTkwAAAAAAAAAB
klsdee.com/ Name: ppucnt
Value: 1