Submitted URL: http://cludee.space/
Effective URL: http://ggplpk.com/1?r=30217
Submission: On October 13 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 94.130.252.85, located in Neckargemund, Germany and belongs to HETZNER-AS, DE. The main domain is ggplpk.com.
This is the only time ggplpk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 94.130.252.85 24940 (HETZNER-AS)
1 1 52.19.21.97 16509 (AMAZON-02)
1 52.213.5.146 16509 (AMAZON-02)
3 3
Apex Domain
Subdomains
Transfer
1 flirtdatechat.com
wwv.flirtdatechat.com
374 B
1 www3secure.com
www3secure.com
881 B
1 ggplpk.com
ggplpk.com
1018 B
1 cludee.space
cludee.space
978 B
3 4
Domain Requested by
1 wwv.flirtdatechat.com ggplpk.com
1 www3secure.com 1 redirects
1 ggplpk.com
1 cludee.space
3 4

This site contains no links.

Subject Issuer Validity Valid
flirtdatechat.com
Amazon
2021-09-17 -
2022-10-15
a year crt.sh

This page contains 1 frames:

Frame: https://wwv.flirtdatechat.com/lps/?lppnr=501&cidnr=ck191118v01x&r=3-c5jh12et7soc0l9167ig&pctnr=3105011835000130217&sid=1
Frame ID: 9D23D67931E2F925D62ADD92F77B5B8C
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://cludee.space/ Page URL
  2. http://ggplpk.com/1?r=30217 Page URL

Page Statistics

3
Requests

33 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

2 kB
Transfer

1 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cludee.space/ Page URL
  2. http://ggplpk.com/1?r=30217 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www3secure.com/?a=1835&c=4119&s1=30217&s2=a8423343283b4e358ddb22f6e6f798&s3= HTTP 302
  • https://wwv.flirtdatechat.com/lps/?lppnr=501&cidnr=ck191118v01x&r=3-c5jh12et7soc0l9167ig&pctnr=3105011835000130217&sid=1

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cludee.space/
202 B
978 B
Document
General
Full URL
http://cludee.space/
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c0ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb5f2ff70664ceb8aed40f8c5ef078592bc0e8963623c81697047a3e9973f02

Request headers

Host
cludee.space
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 13 Oct 2021 16:59:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
__ddg1=GMR5AjCVkmhaG1IZ1Z0G; Domain=.cludee.space; HttpOnly; Path=/; Expires=Thu, 13-Oct-2022 16:59:53 GMT
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3SuLCRUQ9it4YDsIkAMuwo3hiXN8437r7kS1494II3QGFGv5hP4r5xMWZ40eAeuv11FhcgGgCoZwvHAntC6WB%2F0sWJwLmv2eSIRSLoD6dvag3OGghgdgjqB1Wfo93heLhd%2FwlLkrOeaQvQ%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
69da1efb2fa25c1a-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request Cookie set 1
ggplpk.com/
685 B
1018 B
Document
General
Full URL
http://ggplpk.com/1?r=30217
Protocol
HTTP/1.1
Server
94.130.252.85 Neckargemund, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.252.130.94.clients.your-server.de
Software
/
Resource Hash

Request headers

Host
ggplpk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://cludee.space/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://cludee.space/

Response headers

Content-Type
text/html; charset=utf-8
Content-Length
685
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
0
Referrer-Policy
no-referrer
Set-Cookie
40325=a8423343-283b-4e35-8ddb-22f6e6f79889; expires=Fri, 12 Nov 2021 16:59:53 GMT; HttpOnly; SameSite=Strict
Connection
close
/
wwv.flirtdatechat.com/lps/
Redirect Chain
  • https://www3secure.com/?a=1835&c=4119&s1=30217&s2=a8423343283b4e358ddb22f6e6f798&s3=
  • https://wwv.flirtdatechat.com/lps/?lppnr=501&cidnr=ck191118v01x&r=3-c5jh12et7soc0l9167ig&pctnr=3105011835000130217&sid=1
0
374 B
Document
General
Full URL
https://wwv.flirtdatechat.com/lps/?lppnr=501&cidnr=ck191118v01x&r=3-c5jh12et7soc0l9167ig&pctnr=3105011835000130217&sid=1
Requested by
Host: ggplpk.com
URL: http://ggplpk.com/1?r=30217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.5.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
wwv.flirtdatechat.com
:scheme
https
:path
/lps/?lppnr=501&cidnr=ck191118v01x&r=3-c5jh12et7soc0l9167ig&pctnr=3105011835000130217&sid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Oct 2021 16:59:53 GMT
content-type
text/plain
content-length
0
set-cookie
AWSALB=6oPKAcVTeb6DaNEvMuffwysOucMYwgX0aGb3xup61kiGOglUjN8q+r/RwIJ/9YW5+lIUHFgrfDD9J/a5kFvPjFcd/nCbZuGKXrFyqao5TMx6apyZ///xOYxH4dKk; Expires=Wed, 20 Oct 2021 16:59:53 GMT; Path=/ AWSALBCORS=6oPKAcVTeb6DaNEvMuffwysOucMYwgX0aGb3xup61kiGOglUjN8q+r/RwIJ/9YW5+lIUHFgrfDD9J/a5kFvPjFcd/nCbZuGKXrFyqao5TMx6apyZ///xOYxH4dKk; Expires=Wed, 20 Oct 2021 16:59:53 GMT; Path=/; SameSite=None; Secure

Redirect headers

Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Oct 2021 16:59:53 GMT
Location
https://wwv.flirtdatechat.com/lps/?lppnr=501&cidnr=ck191118v01x&r=3-c5jh12et7soc0l9167ig&pctnr=3105011835000130217&sid=1
Set-Cookie
trk=qECLvO0WIJv686Af2PHlV/SxdfcpRama23oTaYRgfui1cRA/40MykWiVkuDbYNUmgsCfjixP8lk=; Domain=.www3secure.com; Expires=Fri, 13 Oct 2023 16:59:53 GMT; HttpOnly; Secure; SameSite=None sid=qECLvO0WIJv686Af2PHlV5p/fMROUCL323oTaYRgfujKJX2pmWohRGiVkuDbYNUmFyJObbNJ9rg=; Domain=.www3secure.com; HttpOnly; Secure; SameSite=None c188=qECLvO0WIJv686Af2PHlV6IhFGDETZ2eamlc61mfCuz4/hm3smhkkNSMEnLXRPlGPCI+GkIQHdycpnwDETjZE56rM8gJLvid; Domain=.www3secure.com; Expires=Fri, 12 Nov 2021 16:59:53 GMT; HttpOnly; Secure; SameSite=None
X-Ckt
c5jh12et7soc0l9167ig
X-Ray
c5jh12et7soc0l9167gg
Connection
close

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

7 Cookies

Domain/Path Name / Value
.cludee.space/ Name: __ddg1
Value: GMR5AjCVkmhaG1IZ1Z0G
ggplpk.com/ Name: 40325
Value: a8423343-283b-4e35-8ddb-22f6e6f79889
.www3secure.com/ Name: trk
Value: qECLvO0WIJv686Af2PHlV/SxdfcpRama23oTaYRgfui1cRA/40MykWiVkuDbYNUmgsCfjixP8lk=
.www3secure.com/ Name: sid
Value: qECLvO0WIJv686Af2PHlV5p/fMROUCL323oTaYRgfujKJX2pmWohRGiVkuDbYNUmFyJObbNJ9rg=
.www3secure.com/ Name: c188
Value: qECLvO0WIJv686Af2PHlV6IhFGDETZ2eamlc61mfCuz4/hm3smhkkNSMEnLXRPlGPCI+GkIQHdycpnwDETjZE56rM8gJLvid
wwv.flirtdatechat.com/ Name: AWSALB
Value: 6oPKAcVTeb6DaNEvMuffwysOucMYwgX0aGb3xup61kiGOglUjN8q+r/RwIJ/9YW5+lIUHFgrfDD9J/a5kFvPjFcd/nCbZuGKXrFyqao5TMx6apyZ///xOYxH4dKk
wwv.flirtdatechat.com/ Name: AWSALBCORS
Value: 6oPKAcVTeb6DaNEvMuffwysOucMYwgX0aGb3xup61kiGOglUjN8q+r/RwIJ/9YW5+lIUHFgrfDD9J/a5kFvPjFcd/nCbZuGKXrFyqao5TMx6apyZ///xOYxH4dKk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cludee.space
ggplpk.com
wwv.flirtdatechat.com
www3secure.com
2606:4700:3033::ac43:c0ac
52.19.21.97
52.213.5.146
94.130.252.85
6bb5f2ff70664ceb8aed40f8c5ef078592bc0e8963623c81697047a3e9973f02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855