Submitted URL: http://benfieldflorist.com/cl/5216_md/3/17/15/75/12617
Effective URL: https://zonaik.jetflaps.world/rcje/qiaqy/gysce/iconv?0c82d3d9d0e10f044bd3aebdc5fd6e7d
Submission: On August 09 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 4 domains to perform 3 HTTP transactions. The main IP is 172.67.213.200, located in United States and belongs to CLOUDFLARENET, US. The main domain is zonaik.jetflaps.world.
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.
This is the only time zonaik.jetflaps.world was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.204.55.229 16276 (OVH)
1 173.231.61.185 18450 (WEBNX)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.67.213.200 13335 (CLOUDFLAR...)
3 2
Apex Domain | Subdomains | Transfer
2 jetflaps.world | zonaik.jetflaps.world | 1 KB
1 holdsign.cfd | holdsign.cfd | 689 B
1 preciserope.com | preciserope.com | 417 B
1 benfieldflorist.com | benfieldflorist.com | 356 B
3 4
Domain Requested by
2 zonaik.jetflaps.world preciserope.com
1 holdsign.cfd 1 redirects
1 preciserope.com
1 benfieldflorist.com 1 redirects
3 4

This site contains no links.

Subject | Issuer | Validity | Valid
preciserope.com | R10 | 2024-07-19 - 2024-10-17 | 3 months
jetflaps.world | WE1 | 2024-07-24 - 2024-10-22 | 3 months

This page contains 1 frames:

Primary Page: https://zonaik.jetflaps.world/rcje/qiaqy/gysce/iconv?0c82d3d9d0e10f044bd3aebdc5fd6e7d
Frame ID: CCA73D8FDFB994FAA189DE4FABF7106D
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 1
Transfer: 1 kB
Size: 0 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://benfieldflorist.com/cl/5216_md/3/17/15/75/12617 HTTP 307
    https://benfieldflorist.com/cl/5216_md/3/17/15/75/12617 HTTP 302
    https://preciserope.com/0/0/0/994cb730d3a9ec931ed5d17c38b8f2d0/12617/75/17_12513939_md Page URL
  2. https://holdsign.cfd/?id=271&s1=352087&s2=1214621517&s3=7105&p=us5trator7z&s4=4273 HTTP 302
    https://zonaik.jetflaps.world/rcje/qiaqy/gysce/iconv?0c82d3d9d0e10f044bd3aebdc5fd6e7d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://benfieldflorist.com/cl/5216_md/3/17/15/75/12617 HTTP 307
  • https://benfieldflorist.com/cl/5216_md/3/17/15/75/12617 HTTP 302
  • https://preciserope.com/0/0/0/994cb730d3a9ec931ed5d17c38b8f2d0/12617/75/17_12513939_md

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
17_12513939_md
preciserope.com/0/0/0/994cb730d3a9ec931ed5d17c38b8f2d0/12617/75/
Redirect Chain
  • http://benfieldflorist.com/cl/5216_md/3/17/15/75/12617
  • https://benfieldflorist.com/cl/5216_md/3/17/15/75/12617
  • https://preciserope.com/0/0/0/994cb730d3a9ec931ed5d17c38b8f2d0/12617/75/17_12513939_md
145 B
417 B
Document
General
Full URL
https://preciserope.com/0/0/0/994cb730d3a9ec931ed5d17c38b8f2d0/12617/75/17_12513939_md
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.231.61.185 , United States, ASN18450 (WEBNX, US),
Reverse DNS
173-231-61-185.static.webnx.com
Software
nginx/1.12.2 /
Resource Hash
19235e340852591f7b2ee1f10afa03a15fc69599e2994d1e6dff48d068ba00ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 00:30:29 GMT
server
nginx/1.12.2
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 09 Aug 2024 00:30:27 GMT
Keep-Alive
timeout=5, max=100
Location
https://preciserope.com/0/0/0/994cb730d3a9ec931ed5d17c38b8f2d0/12617/75/17_12513939_md
Server
Apache/2.4.57 (AlmaLinux) OpenSSL/3.0.7
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.33
Primary Request iconv
zonaik.jetflaps.world/rcje/qiaqy/gysce/
Redirect Chain
  • https://holdsign.cfd/?id=271&s1=352087&s2=1214621517&s3=7105&p=us5trator7z&s4=4273
  • https://zonaik.jetflaps.world/rcje/qiaqy/gysce/iconv?0c82d3d9d0e10f044bd3aebdc5fd6e7d
13 B
612 B
Document
General
Full URL
https://zonaik.jetflaps.world/rcje/qiaqy/gysce/iconv?0c82d3d9d0e10f044bd3aebdc5fd6e7d
Requested by
Host: preciserope.com
URL: https://preciserope.com/0/0/0/994cb730d3a9ec931ed5d17c38b8f2d0/12617/75/17_12513939_md
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58404bdf6dc25c24fedd979469e69bfb8dc9ebca64a469929a858a12b12b9c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://preciserope.com/0/0/0/994cb730d3a9ec931ed5d17c38b8f2d0/12617/75/17_12513939_md
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b03a34edaca2a9f-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 00:30:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWsT270vVx59FSBYHxvr%2FewgRH6pOHGxZgFenrsxqXhDWRPERCctQxE%2FMN0Vscadamn72M5Olt8TKHNkEnFmqGScyqGdFSjwNF1jFQJsDRLlXBqu2Eggu5rWaxni5RrR%2FUaB8C2wj4I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8b03a34aeb168400-LAX
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 00:30:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://zonaik.jetflaps.world/rcje/qiaqy/gysce/iconv?0c82d3d9d0e10f044bd3aebdc5fd6e7d
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTC3ECau5UjCPLzIcBHRRwL3ftzAyGrLbvQxwiBG2LszDef3lP79BBC3095RjZHBWpccCInXAnfasW2NWYwOQBfYQnNw2mUxHBeIXhbLGZu02XaEmIawW%2FoQxGY4b5SaNrNqth1bRMWW0OQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
favicon.ico
zonaik.jetflaps.world/
0
506 B
Other
General
Full URL
https://zonaik.jetflaps.world/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zonaik.jetflaps.world/rcje/qiaqy/gysce/iconv?0c82d3d9d0e10f044bd3aebdc5fd6e7d
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 00:30:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170543
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jun 2024 20:46:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQHJTBrbE8Iak0mOlUk791r3JgfeAmscwGtCw9i7fxz%2FH5pvD3w3NtX5EmDC7PCGVD1mTWje%2B5W75xnAx86b1CH6PUXY8p0082Id4kDQ4L8LITyuV5iIHfMfiYX5V%2BjpLJX8doDxyKQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b03a3528f282a9f-LAX
expires
Wed, 14 Aug 2024 01:08:07 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
preciserope.com/ Name: uid7105
Value: 1214621517-20240808203029-48a48c34d943e5a3c85325f47ac0523a-4273
holdsign.cfd/ Name: PHPSESSID
Value: 57cdc42eb64f7125c1ccbfdcff163b3b
zonaik.jetflaps.world/ Name: PHPSESSID
Value: 30c36deaf15d72fdead20ed8b0ecf472