Submitted URL: http://kb.clssportwear.com/
Effective URL: https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unk...
Submission: On February 10 via manual from GB — Scanned from GB

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 5.45.112.153, which is located in Estonia and belongs to PAGM-AS, EE. The main domain is flowerself.xyz.
TLS certificate: Issued by R3 on January 9th 2023. Valid for: 3 months.
This is the only time flowerself.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 45.33.23.183 63949 (AKAMAI-AP...)
9 151.101.66.137 54113 (FASTLY)
2 54.237.193.255 14618 (AMAZON-AES)
1 162.247.241.14 23467 (NEWRELIC-...)
1 2 195.201.136.171 24940 (HETZNER-AS)
1 5.45.112.153 198068 (PAGM-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 142.132.255.57 24940 (HETZNER-AS)
19 9
Requests  Apex Domain        Subdomain (Cisco Umbrella Rank)       Transfer
9         newrelic.com       js-agent.newrelic.com (rank 325)      20 KB
2         awasrqp.xyz        awasrqp.xyz (rank 918206)             1 KB
2         alia-iso.com       alia-iso.com (rank 452115)            3 KB
2         clssportwear.com   kb.clssportwear.com                   22 KB
1         pushtorm.net       pushtorm.net (rank 96343)             4 KB
1         jquery.com         code.jquery.com (rank 687)            31 KB
1         flowerself.xyz     flowerself.xyz                        6 KB
1         nr-data.net        bam.nr-data.net (rank 208)            522 B
Total: 19 requests across 8 apex domains
Requests  Domain                 Requested by
9         js-agent.newrelic.com  kb.clssportwear.com
2         awasrqp.xyz            alia-iso.com (1 redirect)
2         alia-iso.com           kb.clssportwear.com, alia-iso.com
2         kb.clssportwear.com    (1 redirect)
1         pushtorm.net           flowerself.xyz
1         code.jquery.com        flowerself.xyz
1         flowerself.xyz
1         bam.nr-data.net        js-agent.newrelic.com
Total: 19 requests across 8 domains

This site contains no links.

Subject                  Issuer                                            Validity                   Valid for
js-agent.newrelic.com    GlobalSign Atlas R3 DV TLS CA 2022 Q2             2022-07-10 - 2023-08-11    a year
alia-iso.com             Amazon RSA 2048 M02                               2022-12-19 - 2024-01-17    a year
*.nr-data.net            DigiCert TLS RSA SHA256 2020 CA1                  2022-11-18 - 2023-12-19    a year
awasrqp.xyz              R3                                                2023-01-01 - 2023-04-01    3 months
flowerself.xyz           R3                                                2023-01-09 - 2023-04-09    3 months
*.jquery.com             Sectigo RSA Domain Validation Secure Server CA    2022-08-03 - 2023-07-14    a year
pushtorm.net             R3                                                2022-12-16 - 2023-03-16    3 months

This page contains 1 frame:

Primary Page: https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown
Frame ID: 1F54E7FDEC539E3468F49E9E8BEC4250
Requests: 19 HTTP requests in this frame

Page Title

Notification Confirmation

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 13 %
Domains: 8
Subdomains: 8
IPs: 9
Countries: 4
Transfer: 86 kB
Size: 216 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kb.clssportwear.com/ Page URL
  2. http://kb.clssportwear.com/?gp=1&js=1&uuid=1676026729.0042894042&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
    https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b Page URL
  3. https://alia-iso.com/zcredirect?visitid=e667fe21-a931-11ed-a96e-12772c2a18ef&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  4. https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zre667fe21a93111eda96e12772c2a18efd7da540113184fe3be8fef9542a067e8071098250fd1abfff8&vsc=0.033600&trgt=delta-son-vmj403q35m&src=erythraean-weasel&kwd=&vrt=NON-ADULT HTTP 302
    https://awasrqp.xyz/nlp/index.php?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html Page URL
  5. https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://kb.clssportwear.com/?gp=1&js=1&uuid=1676026729.0042894042&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
  • https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
Request Chain 15
  • https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zre667fe21a93111eda96e12772c2a18efd7da540113184fe3be8fef9542a067e8071098250fd1abfff8&vsc=0.033600&trgt=delta-son-vmj403q35m&src=erythraean-weasel&kwd=&vrt=NON-ADULT HTTP 302
  • https://awasrqp.xyz/nlp/index.php?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html

19 HTTP transactions

Fields per transaction: Resource, Path, Size, x-fer, Type, MIME-Type
/
kb.clssportwear.com/
54 KB
21 KB
Document
General
Full URL
http://kb.clssportwear.com/
Protocol
HTTP/1.1
Server
45.33.23.183 Richardson, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
Reverse DNS
li977-183.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-type
text/html
date
Fri, 10 Feb 2023 10:58:49 GMT
server
openresty/1.13.6.1
transfer-encoding
chunked
692.215647de-1223.js
js-agent.newrelic.com/
2 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/692.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
I.n_PBR7fU5g2cmlAwgMlzr4Oik5bP_f
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NGNKCXB4RFK4AE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1087
x-amz-id-2
nZHhVyPtr48wydxYbTmNbAtrCib1032XGzveX00y2+8SbTvdVYhYnYEjk5bp9cjWV16Tf/OFErw=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.965600,VS0,VE0
etag
"2a9c8457fef96067bf92a4ec54fb10b8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17925
779.215647de-1223.js
js-agent.newrelic.com/
8 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/779.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
d0hMUd3mWD9ItciiSIXCSy8OWToOTtsf
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NMFKKJZF5JCWTH
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3516
x-amz-id-2
bOuzlBIHscksjphdq/G59RvIksN1xzWx/B1qsG3iJr4bITv81D3MqyRfP2J+ipKjUKGhU7W0lDM=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.966487,VS0,VE0
etag
"1f9dc6167676d6db728e844d20a97ad5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17967
823.215647de-1223.js
js-agent.newrelic.com/
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/823.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
W2tA0gkaWp6JlPnYeFhc2plzNBl_myPN
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NK2KQ8A98MWNSZ
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1365
x-amz-id-2
4MEnCXdoz/+QsX5B2zNrl1dQNXa6ZlLWaaKzWcfc6h7UQYgGk4qDgB8zI1zPOMtnPXdHUI6Jz+w=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.966980,VS0,VE0
etag
"ce7762cf4b6665f79c15503dbccd6c68"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17971
785.215647de-1223.js
js-agent.newrelic.com/
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/785.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
24gfKeCbKAAA6djjTUpWk6gRfGGq6MlZ
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NYW0G51MANQ7GN
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2103
x-amz-id-2
HWh1C7wSSBb8uvMrpuW9xzKix6LLIHsadEh030pGQPju5E23XBGjKY7L1IV4v11ZrXpQXK0xX1E=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.966576,VS0,VE0
etag
"85340359c90104ea511047eb2b57ebb5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17981
325.215647de-1223.js
js-agent.newrelic.com/
1 KB
767 B
Script
General
Full URL
https://js-agent.newrelic.com/325.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
TZXfN40R6cv9QsF3fTfxRxppzwQ_LugL
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NHXG18BJ3TDFCV
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
560
x-amz-id-2
HuRRin9KASwqudYYowiK+wdFxp7++SkP66y1RfA59bvIcRUTZdDgirQz1zFDN50MxkrgjuruRbU=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.966086,VS0,VE0
etag
"8bfb1318203f2143642fa7f2620e90b9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17914
112.215647de-1223.js
js-agent.newrelic.com/
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/112.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
9bSPwe8fMEYRcVSv2EMBWMHRAeUObfWk
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NZZ5M11EJKCTQW
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2800
x-amz-id-2
WbTrcRKiq0TgGZYoFs5ddsk7daHZ+eMTDo21WW/fxRfaxUdbpQZgZfPe7tjjhPfLM5AGxU1ICkU=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.966075,VS0,VE0
etag
"b225b095bddb200dcb67ba7625a14e0b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
12135
960.215647de-1223.js
js-agent.newrelic.com/
5 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/960.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
iCdpSHjuiF_zf7kNvVpWKcwVkVeojeJa
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NS5844XJG9Y7P0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2233
x-amz-id-2
uwDXDnvtGcT8iTUChBzvMmHtmfFbNDvi2A0Xd8njmoPOdIB8CrByv+5hfI1l6Msk/4nTKRLtGck=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.996720,VS0,VE0
etag
"57e420fb6a7c52d0c27d5548fef4de16"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11821
307.215647de-1223.js
js-agent.newrelic.com/
9 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/307.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
ED2qEQGkNHGjLDyC2ELlsbsj8AXnsN9k
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NNRGQCFNXAPHQM
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3648
x-amz-id-2
8AwZchrRF+/V/qkI27Wwpja567y7hYzkAj6NxNeusg37hRb7TJ60/l/hbAMXbDavY2sHwTJAt2U=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.996706,VS0,VE0
etag
"cca13aa273adc25aced599968bea0601"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
12169
817.215647de-1223.js
js-agent.newrelic.com/
2 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/817.215647de-1223.js
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.66.137, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
fbj3lJUaysglBYTWHHCwffYncZ19MQ50
content-encoding
gzip
via
1.1 varnish
date
Fri, 10 Feb 2023 10:58:49 GMT
x-amz-request-id
Y3NKX4Y241GQRN9C
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1044
x-amz-id-2
mJRrbkZchzsLPIU7V2XF9/3ZQvNKDKPm26A9AxYP2HhwexwTilbLGhIwrFab6kzwZbN+aXMyqJM=
x-served-by
cache-lcy-eglc8600047-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1676026730.996669,VS0,VE0
etag
"a5dc24e5a104adfcf70621ff7fb620ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
12190
f8472a30-a5e5-11ec-9226-0a76dcc61f13
alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/
Redirect Chain
  • http://kb.clssportwear.com/?gp=1&js=1&uuid=1676026729.0042894042&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhd...
  • https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
1 KB
2 KB
Document
General
Full URL
https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
Requested by
Host: kb.clssportwear.com
URL: http://kb.clssportwear.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.193.255 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-237-193-255.compute-1.amazonaws.com
Software
GuPsFiEI /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://kb.clssportwear.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Fri, 10 Feb 2023 10:58:51 GMT
server
GuPsFiEI
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

connection
close
content-language
en-gb
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 10 Feb 2023 10:58:51 GMT
location
https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
referrer-policy
no-referrer
server
openresty/1.13.6.1
vary
Accept-Language
0d385ba8a0
bam.nr-data.net/1/
49 B
522 B
Script
General
Full URL
https://bam.nr-data.net/1/0d385ba8a0?a=31561968&v=1223.PROD&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aA1sAXkESA1lRUEsOXAdADkNQEBReVlQWTUYIWwxvWQ0DU1BD&rst=619&ck=0&s=0&ref=http://kb.clssportwear.com/&be=505&fe=12&dc=11&perf=%7B%22timing%22:%7B%22of%22:1676026729371,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:102,%22c%22:102,%22ce%22:232,%22rq%22:232,%22rp%22:370,%22rpe%22:500,%22dl%22:372,%22di%22:516,%22ds%22:516,%22de%22:516,%22dc%22:516,%22l%22:516,%22le%22:519%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/692.215647de-1223.js
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US)
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://kb.clssportwear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 10:58:50 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
797454f75b0b3855-LHR
0d385ba8a0
bam.nr-data.net/jserrors/1/
0
0

0d385ba8a0
bam.nr-data.net/events/1/
0
0

zcredirect
alia-iso.com/
628 B
1 KB
Document
General
Full URL
https://alia-iso.com/zcredirect?visitid=e667fe21-a931-11ed-a96e-12772c2a18ef&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: alia-iso.com
URL: https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.193.255 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-237-193-255.compute-1.amazonaws.com
Software
SuEFvOfr /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Fri, 10 Feb 2023 10:58:51 GMT
redirected
JS
server
SuEFvOfr
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
index.php
awasrqp.xyz/nlp/
Redirect Chain
  • https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zre667fe21a93111eda96e12772c2a18efd7da540113184fe3be8fef9542a067e8071098250fd1abfff8&vsc=0.033600&trgt=delta-son-vmj403q35m&src=erythraean...
  • https://awasrqp.xyz/nlp/index.php?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html
168 B
407 B
Document
General
Full URL
https://awasrqp.xyz/nlp/index.php?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html
Requested by
Host: alia-iso.com
URL: https://alia-iso.com/zcredirect?visitid=e667fe21-a931-11ed-a96e-12772c2a18ef&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.201.136.171 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
static.171.136.201.195.clients.your-server.de
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://alia-iso.com/zcredirect?visitid=e667fe21-a931-11ed-a96e-12772c2a18ef&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Feb 2023 10:58:52 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Feb 2023 10:58:52 GMT
Location
https://awasrqp.xyz/nlp/index.php?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Primary Request c.html
flowerself.xyz/
16 KB
6 KB
Document
General
Full URL
https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.45.112.153, Estonia, ASN198068 (PAGM-AS, EE)
Reverse DNS
s5ff4df57.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
8a7a84a433198c7f2cec520e6bed7bdb973b34c1aeadaa5f96c023c920a6c65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://awasrqp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 10 Feb 2023 10:58:52 GMT
etag
W/"62d02426-3ef2"
last-modified
Thu, 14 Jul 2022 14:11:50 GMT
server
nginx/1.18.0
strict-transport-security
max-age=31536000
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: flowerself.xyz
URL: https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2001:4de0:ac18::1:a:2b, Netherlands, ASN20446 (STACKPATH-CDN, US)
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://flowerself.xyz/
Origin
https://flowerself.xyz
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 10:58:52 GMT
content-encoding
gzip
x-sp-metadata
HS256.CPzimJ8GEo4BCiQyZmI0NDQ5ZS1mNTc5LTRmZDEtODQ5NS1lYjg2M2Q0MzlmYTQQqKenrJKE/QIaBgjsxpifBiITMmEwMjo4Yzg6YzEwOjMwOjoxNyicmAMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDVlZmU4MGFmLWU2ZWQtNGU1NS05MGE3LTQxYjA2NjRlYjNmORib8QEiGAgCEhRjZHMwODEubG80Lmh3Y2RuLm5ldA==.uQvS5ODHbR6/EoCN4CiE251KMJYhTRNLRvG13vCR8BA=
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1676026732.dop261.lo4.t,1676026732.cds056.lo4.hn,1676026732.cds081.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
subscription.js
pushtorm.net/
14 KB
4 KB
Script
General
Full URL
https://pushtorm.net/subscription.js
Requested by
Host: flowerself.xyz
URL: https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
142.132.255.57, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
static.57.255.132.142.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d2cfe72bfbc69132aea6712ba2f460cafec47237707b28a8be26f4a8724a17ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://flowerself.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 10:58:52 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 07 Feb 2023 17:36:04 GMT
Server
nginx/1.14.2
ETag
"1d93b1aa6eeedec"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/jserrors/1/0d385ba8a0?a=31561968&v=1223.PROD&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aA1sAXkESA1lRUEsOXAdADkNQEBReVlQWTUYIWwxvWQ0DU1BD&rst=2096&ck=0&s=0&ref=http://kb.clssportwear.com/
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/0d385ba8a0?a=31561968&v=1223.PROD&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aA1sAXkESA1lRUEsOXAdADkNQEBReVlQWTUYIWwxvWQ0DU1BD&rst=2100&ck=0&s=0&ref=http://kb.clssportwear.com/

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name                                Type
credentialless                      boolean
oncontentvisibilityautostatechange  object
$                                   function
jQuery                              function
getUrlParameter                     function
lang                                object
pushService                         object

3 Cookies

Domain/Path            Name           Value
kb.clssportwear.com/   mtm_delivered  ""
awasrqp.xyz/           uclick         xsh946gx
awasrqp.xyz/           uclickhash     xsh946gx-xsh946gx-17he-0-gme8-ejoc-ej4p-f82d2b