Submitted URL: http://leoniscinema.com/userfiles/4751-apache-poi-xssf-library-download.xml
Effective URL: https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
Submission: On June 01 via manual from US

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 178.128.141.43, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is smartklick.biz.
TLS certificate: Issued by R3 on April 20th 2021. Valid for: 3 months.
This is the only time smartklick.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 139.129.152.97 37963 (CNNIC-ALI...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
3 178.128.141.43 14061 (DIGITALOC...)
5 4
   Apex Domain       Subdomains         Transfer
3  smartklick.biz    smartklick.biz     38 KB
2  rudns-tl.ru       en.rudns-tl.ru     1 KB
1  tl-cdn.ru         dfio.tl-cdn.ru     2 KB
1  leoniscinema.com  leoniscinema.com   2 KB
5 4
   Domain            Requested by
3  smartklick.biz    dfio.tl-cdn.ru, smartklick.biz
2  en.rudns-tl.ru    2 redirects
1  dfio.tl-cdn.ru    leoniscinema.com
1  leoniscinema.com
5 4

This site contains no links.

Subject         Issuer  Validity                 Valid
*.tl-cdn.ru     R3      2021-04-15 - 2021-07-14  3 months  crt.sh
loloclicks.biz  R3      2021-04-20 - 2021-07-19  3 months  crt.sh

This page contains 1 frame:

Primary Page: https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
Frame ID: 4333ABDC5B4527C7FB1A19D5342085CC
Requests: 6 HTTP requests in this frame

Screenshot


Page URL History

  1. http://leoniscinema.com/userfiles/4751-apache-poi-xssf-library-download.xml Page URL
  2. https://en.rudns-tl.ru/download.php?key=Apache%20poi%20xssf%20library%20download HTTP 302
    https://en.rudns-tl.ru/?key=Applied+Combinatorics+Solution+Manual&p=1&mark=&sub_id= HTTP 302
    https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 42 kB
Size: 54 kB
Cookies: 1


Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
4751-apache-poi-xssf-library-download.xml
leoniscinema.com/userfiles/
5 KB
2 KB
Document
General
Full URL
http://leoniscinema.com/userfiles/4751-apache-poi-xssf-library-download.xml
Protocol
HTTP/1.1
Server
139.129.152.97 Qingdao, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
35c0e250d8ad6fcc50d162796388ae1b812b5cab9bf2a5baa70420b0ecab1404

Request headers

Host
leoniscinema.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 18:48:21 GMT
Server
Apache
Last-Modified
Tue, 20 Apr 2021 22:47:27 GMT
ETag
"e4b568-12dd-5c06f3b0011ea"
Accept-Ranges
bytes
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
2136
Keep-Alive
timeout=15, max=300
Connection
Keep-Alive
Content-Type
application/xml
telarykoyleemoirowwevou.js
dfio.tl-cdn.ru/cowvo/it1/oinyq/
1 KB
2 KB
Script
General
Full URL
https://dfio.tl-cdn.ru/cowvo/it1/oinyq/telarykoyleemoirowwevou.js
Requested by
Host: leoniscinema.com
URL: http://leoniscinema.com/userfiles/4751-apache-poi-xssf-library-download.xml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://leoniscinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:48:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4963
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=esjR0NCUJDFTDfA%2FNVB5QjX26f7%2Fu0vJmjFR23ffz%2BQCZo8WbIt%2Bp8lWPoNicptKLQxhr1YbayihZY45qBOxxyica0ZOCOt4ayIIDvSEYU%2Bv7Jdz%2F5EVN7R0zYXIqstoYSe1Mcd0yDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=14400, no-transform
cf-ray
658a9da2de704e8c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6a80d9c700004e8c31248000000001
Primary Request /
smartklick.biz/
Redirect Chain
  • https://en.rudns-tl.ru/download.php?key=Apache%20poi%20xssf%20library%20download
  • https://en.rudns-tl.ru/?key=Applied+Combinatorics+Solution+Manual&p=1&mark=&sub_id=
  • https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
26 KB
26 KB
Document
General
Full URL
https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
Requested by
Host: dfio.tl-cdn.ru
URL: https://dfio.tl-cdn.ru/cowvo/it1/oinyq/telarykoyleemoirowwevou.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.141.43 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6daf3d4a54940d3ace5a457ac7ef3816fa56bda6f67095f67132020cec25406d
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
smartklick.biz
:scheme
https
:path
/?p=hezggmlega5gi3bpgiydomru
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://leoniscinema.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://leoniscinema.com/userfiles/4751-apache-poi-xssf-library-download.xml

Response headers

server
nginx
date
Tue, 01 Jun 2021 18:48:22 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=5fb84933-507e-4ea0-9ee6-1cbb2896da56; expires=Thu, 01-Jul-2021 18:48:22 GMT; Max-Age=2592000; path=/; domain=smartklick.biz
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests

Redirect headers

date
Tue, 01 Jun 2021 18:48:22 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
cf-cache-status
DYNAMIC
cf-request-id
0a6a80da830000640d56b2c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bH8UCkx5WIXJgtAXzkXSDpekz3WrSMKYe70yG73f3dSbZzU%2BhslN%2Fm0WzjGl9qaE8Xnyb0j55dTMjfgcu6EfgHvJSrEfu%2ByKqsEFLbfFViw5CT7H%2BnARyEgNQGB6jJCQl1fFgX6kvxM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658a9da40a6f640d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
2.png
smartklick.biz/img/8/
10 KB
11 KB
Image
General
Full URL
https://smartklick.biz/img/8/2.png
Requested by
Host: smartklick.biz
URL: https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.141.43 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:path
/img/8/2.png
pragma
no-cache
cookie
uuid=5fb84933-507e-4ea0-9ee6-1cbb2896da56
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
smartklick.biz
referer
https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:48:22 GMT
last-modified
Fri, 24 Jan 2020 08:39:18 GMT
server
nginx
etag
"5e2aad36-295f"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
10591
expires
Thu, 01 Jul 2021 18:48:22 GMT
1.png
smartklick.biz/img/8/
1 KB
1 KB
Image
General
Full URL
https://smartklick.biz/img/8/1.png
Requested by
Host: smartklick.biz
URL: https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.141.43 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:path
/img/8/1.png
pragma
no-cache
cookie
uuid=5fb84933-507e-4ea0-9ee6-1cbb2896da56
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
smartklick.biz
referer
https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://smartklick.biz/?p=hezggmlega5gi3bpgiydomru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:48:22 GMT
last-modified
Fri, 24 Jan 2020 08:39:18 GMT
server
nginx
etag
"5e2aad36-425"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
1061
expires
Thu, 01 Jul 2021 18:48:22 GMT
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onbeforexrselect
object    ontransitionrun
object    ontransitionstart
object    ontransitioncancel
object    cookieStore
function  showDirectoryPicker
function  showOpenFilePicker
function  showSaveFilePicker
boolean   originAgentCluster
object    trustedTypes
boolean   crossOriginIsolated
boolean   guardEnabled
boolean   isChrome
function  compareVersion
function  getLanguage
object    rootElement
boolean   canStart
function  text
function  textr
function  disableHistory
function  disableIncognito
function  denied
function  getWorkerRegistration
function  SubS
function  CheckS
function  urlB64ToUint8Array

1 Cookies

Domain/Path       Name  Value
.smartklick.biz/  uuid  5fb84933-507e-4ea0-9ee6-1cbb2896da56