floralhand.cfd
2a06:98c1:3121::3  Malicious Activity! Public Scan

Submitted URL: https://storage.googleapis.com/chekqsjd54s5/001jhdkjqsd.html#4ArSzr46022VkrU417ijdyfyabyi205377ETYGNJETPEXCIPO6/7433d23
Effective URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Submission: On February 16 via api from BE — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is floralhand.cfd.
TLS certificate: Issued by E1 on February 13th 2024. Valid for: 3 months.
This is the only time floralhand.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 185.80.128.14 | 61053 (VPSNET-AS)
1 | 37.44.198.26 | 49392 (ASBAXETN)
20 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
Total: 28 requests, 5 IPs

Requests | Apex Domain (Subdomains) | Transfer
20 | floralhand.cfd (floralhand.cfd) | 173 KB
1 | bundlestare.com (bundlestare.com) | 436 B
1 | googleapis.com (storage.googleapis.com, Cisco Umbrella Rank: 398) | 713 B
Total: 28 requests, 3 domains

Requests | Domain | Requested by
20 | floralhand.cfd | bundlestare.com, floralhand.cfd
1 | bundlestare.com | 185.80.128.14
1 | storage.googleapis.com |
Total: 28 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
storage.googleapis.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
bundlestare.com | R3 | 2024-01-25 - 2024-04-24 | 3 months
floralhand.cfd | E1 | 2024-02-13 - 2024-05-13 | 3 months

This page contains 1 frames:

Primary Page: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Frame ID: 2A08B1EF8C0250EB09FAECA0780DC894
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 79 %
IPv6: 50 %
Domains: 3
Subdomains: 3
IPs: 5
Countries: 4
Transfer: 175 kB
Size: 473 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/chekqsjd54s5/001jhdkjqsd.html Page URL
  2. http://185.80.128.14/t/4ArSzr46022VkrU417ijdyfyabyi205377ETYGNJETPEXCIPO6/7433d23 Page URL
  3. https://bundlestare.com/0/0/0/2f7c97bbe8b02c3cb02dc8c811fa77b4/23/417-46022/205377-6-7433 Page URL
  4. https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
001jhdkjqsd.html
storage.googleapis.com/chekqsjd54s5/
245 B
713 B
Document
General
Full URL
https://storage.googleapis.com/chekqsjd54s5/001jhdkjqsd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
245
content-type
text/html
date
Fri, 16 Feb 2024 03:03:35 GMT
etag
"711683d61126d8451010c30239c95192"
expires
Fri, 16 Feb 2024 04:03:35 GMT
last-modified
Thu, 21 Dec 2023 19:45:27 GMT
server
UploadServer
x-goog-generation
1703187927467454
x-goog-hash
crc32c=DeOILw== md5=cRaD1hEm2EUQEMMCOclRkg==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
245
x-guploader-uploadid
ABPtcPoirLthcQXowmzFXekwT81wOT8lu-21XqfFa4uOJQ6fNyRCG3pG_gR6mJ-KG4sTyhT7lQ
7433d23
185.80.128.14/t/4ArSzr46022VkrU417ijdyfyabyi205377ETYGNJETPEXCIPO6/
304 B
421 B
Document
General
Full URL
http://185.80.128.14/t/4ArSzr46022VkrU417ijdyfyabyi205377ETYGNJETPEXCIPO6/7433d23
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/chekqsjd54s5/001jhdkjqsd.html
Protocol
HTTP/1.1
Server
185.80.128.14 , Lithuania, ASN61053 (VPSNET-AS, LT),
Reverse DNS
185-80-128-14.BIZ.SPECTRUM.COM
Software
/
Resource Hash
a65d3108b5413cdd23886814c2d0ae45a891faf9a8ce59417c69495919d9cdb6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
304
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Feb 2024 03:05:17 GMT
205377-6-7433
bundlestare.com/0/0/0/2f7c97bbe8b02c3cb02dc8c811fa77b4/23/417-46022/
139 B
436 B
Document
General
Full URL
https://bundlestare.com/0/0/0/2f7c97bbe8b02c3cb02dc8c811fa77b4/23/417-46022/205377-6-7433
Requested by
Host: 185.80.128.14
URL: http://185.80.128.14/t/4ArSzr46022VkrU417ijdyfyabyi205377ETYGNJETPEXCIPO6/7433d23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.44.198.26 Moscow, Russian Federation, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://185.80.128.14/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
139
content-type
text/html; charset=UTF-8
date
Fri, 16 Feb 2024 03:05:19 GMT
server
Apache
Primary Request /
floralhand.cfd/
2 KB
1 KB
Document
General
Full URL
https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Requested by
Host: bundlestare.com
URL: https://bundlestare.com/0/0/0/2f7c97bbe8b02c3cb02dc8c811fa77b4/23/417-46022/205377-6-7433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ddac2764ed89f2b4ae92679ce6aff110113f800fe188828d24383426ac3687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bundlestare.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8562917abd1b5d46-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 16 Feb 2024 03:05:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPdRMQlia3CnVXRcrttiTyRIJOsGETSoPvPUd8CV48EF3EWfW1%2FTDnuFlj5IENmXvD7hv%2BYAGcyPVdGLuu0V7wV42Y9CJoVlMAAZSCEZziPDOMI60mXT6x39N%2BXoBOd4V3fk5T2RJgsXx43A7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
4285adf7f480a157ef773f60ab0c8802
floralhand.cfd/
57 KB
19 KB
XHR
General
Full URL
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802?_ax=w
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698d2bf9879c2232e5335285067a9162970b710d54697c05af4ce01d0ef7558e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwJu2eh%2Bx4sIueMvyaxHYi2zbwYTZbDWSUquUe0YjHIytI3%2B3W7blCGHd7MEhee9zdnrgrEr26Xo3J7%2F92cruPmC6eVeKElvtjJnQskwVEhZ2uebUO8dmvndKsnrKjA6VDBaIzTfbMRCc%2FUzxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8562917ebe995d46-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
floralhand.cfd/assets/js/vendor/bootstrap/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://floralhand.cfd/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FY2gFMGnlUD3RSLojgbuS%2BWlj2Rtafx%2BEUX%2FKMbmcbDsXqav8So2dIPRo33uhAd6nYPwyb4DJNFQ%2BlhHyOCZCxkLjPOefE0NmYnWTtLdHPCt0tUqs61zPOWwwUTGpa8vMsiSLmXLjx56T1%2Bdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856291828cf93672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
all.css
floralhand.cfd/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://floralhand.cfd/assets/vendors/fontawesome/css/all.css
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjaXFbdEh2kDhY7NNCGT9ANlEP3L%2B2RG7Hx%2BO%2FQxTcVwfKlm0ceV46RzKE7WyDh9fi3%2B%2BPAkooE%2BYUarNhPdS%2BcAT8HdpVrfk9pVWYZF5buZk7gfkI2%2FGT%2FU0ajXHJlZqdJkp5R64Lkec3ooVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856291828cfb3672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
common-hybrid.css
floralhand.cfd/assets/css/giza/dist/
0
0

msg.v3.js
floralhand.cfd/inc/
0
0

onlinesurvey-color.png
floralhand.cfd/uploads/archive/company/175/images/
41 KB
41 KB
Image
General
Full URL
https://floralhand.cfd/uploads/archive/company/175/images/onlinesurvey-color.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115994
alt-svc
h3=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Thu, 10 Mar 2022 19:58:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQnabKw%2B%2FyruKZcYuAMDyW0PfBtSMhnUSuS8HDsJ9axVuB%2FFQr%2BF9jBZljI1bG3BntI9fOD9T5vspD%2B5O7KdiZ%2F8wYTPuD4tzB2xMrMchrtS6r7qUjzr1ZN%2Fg9oRyv2fLOkDpKWWVJgJ5qLPRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d003672-FRA
expires
Wed, 21 Feb 2024 18:52:07 GMT
flag-de.png
floralhand.cfd/assets/images/flags/
1 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/flags/flag-de.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d826bf62262fb8d66325774d1cefd98501ab9e70d614f2c140e5762edcea08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114801
alt-svc
h3=":443"; ma=86400
content-length
1431
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:01:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzpk0pxkDp2uMucTnq0y%2Bt%2BdRioUHHv5YnBff2krny4hTCOe1whaLfp0A%2BWKQYdl502UpriuPNMDWTb73rGrTNApBGSXM%2B8%2BUvcFBn%2FxdN03zrsj7q7yZ9TmewRg3FgRaPzsFCMAhPiI4P8Z5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d023672-FRA
expires
Wed, 21 Feb 2024 19:12:00 GMT
check.svg
floralhand.cfd/assets/images/
1 KB
1 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/check.svg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e76803c59c910dabc01ef803f9064c86bc4128de152874796a1f3947c4b25662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jul 2023 19:59:15 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMpOD2b0tt3wzU3tpzDmWADJYQ1aR7h3LdlUo5F4NAMDGMt3R9k8EjYQaFD5YLUNNsdCl628hCJDdA0huqn2YHIjGnUw3ItBO5jmUHxUzYYfDmAWqsF3CBjFQQzVfV0xBDdZAlLsQNcUk2e41A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856291828d033672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
ci19.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci19.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2afec4b8ec5bcf8184f88649b4fae9e442750d3feadeddd6a7592c0f4b61af80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
112464
alt-svc
h3=":443"; ma=86400
content-length
1964
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8GTsW%2FxjGo9hL1xx7Eptil8%2BShOk%2BeN%2BO4x3euTmBfWMw7ov%2BNtSs2e%2BrnWgB4M9GSDXxLrLK9Jx7n2Q%2FyADf6tanZTHea8uQuV6md35cYwfQ%2FNCnzDtlRZLX%2FB6y%2BJsmjxM%2Bz1I4BkXYay1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d043672-FRA
expires
Wed, 21 Feb 2024 19:50:57 GMT
vicon.png
floralhand.cfd/assets/images/
972 B
1 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/vicon.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c86fc6524af3fab1567a1206ea20eca001d2b8eaa06b1fef573a7319f45c467c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
content-length
972
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:01:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BJsawTPx8keHjZ9KfgOdfFjhot%2F6Uym8oyfnm6uc8M6r6ZrdEakXUwYDzNHahcppL%2BNtO8XJ1MIIP8g0Pnh%2FXdkW2i8P%2FC8oaQI1yLOC8DkzFlUX%2Fugq6HXdvq9Vgb1fUZ7ZH94scPzh0cNlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d053672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
ci26.jpg
floralhand.cfd/assets/images/
2 KB
3 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci26.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115994
alt-svc
h3=":443"; ma=86400
content-length
2069
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5D1Xqjogp3gqZ0OpTbeEzc92sFBrstNfQu%2Fij5ZerBmrcRNb4ouxGoqDZJ2LtOlCPnAyl2OKEz%2BHsDscy0I3MYIX7nqov12Jy%2FF8W2C2vFnqDSTY%2BizYm0BrMS3HYZ4G60Z2MwqYWoHzJxDnXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d073672-FRA
expires
Wed, 21 Feb 2024 18:52:07 GMT
ci2.jpg
floralhand.cfd/assets/images/
2 KB
3 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci2.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
content-length
2066
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LegPG0T8OOMlHaJXKChRF4L%2B9qcxtfgY%2F3FicLWfeSnXFKb71t48qIbbuHHCjjJh8G%2FRuUb372ebbmbDqWmlQx1aB7E0pNGEn43OZJen2PBfTGkvcGwoJdbP88pBoMbp41neqGwUwqmXiopjWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d0a3672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
ci35.jpg
floralhand.cfd/assets/images/
2 KB
3 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci35.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
content-length
2190
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJElCxCqeCRk%2FG%2Bj9r8H38ggTpfUBl6JEqQKBaHAXg4TuaHZeTnjbJZHEXlZdGeJJEXnVNQLs1xSIawJPbUtT4en61pTOdpfAEHzIEK0X2GaySK3LRYnRfsgyeFQGqraDVDmdrPrBF6%2BAwKjzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d0b3672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
ci15.jpg
floralhand.cfd/assets/images/
2 KB
3 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci15.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116114
alt-svc
h3=":443"; ma=86400
content-length
2061
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5iG6wugTZuLcgDvCQ3a%2B8L0cqJMRO6uuqQdsPYd66gJ4ePYHyQYAWDAikgMEOwJ2Egs1BRYcp959njoV86SQ1AEv%2FyGAboPULg8Fl2D5SdauJ2xZcajH%2BeAlie0wHpIe%2FdgPZ2aL3RsSs37dA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d0c3672-FRA
expires
Wed, 21 Feb 2024 18:50:07 GMT
ci34.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci34.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f2dcc8d291e930f294c0b96fda36589f0b412848578c396b981e62ac9d4aca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
112477
alt-svc
h3=":443"; ma=86400
content-length
1985
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRsWw7cGy8vNgVioqk%2BrqZjh7G5l%2FqMwK3qnsLt3G5dz5GM%2BQ2RrluOHRWVS45%2BmR5guER2ZcKb8I9jLg%2BjYf7m8tzlWJRF4KmHCRrYWHtuYTbhc69Bw7BRkjOVK2uo0cPus2R%2BPB5WFA4sUYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d0d3672-FRA
expires
Wed, 21 Feb 2024 19:50:44 GMT
ci23.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci23.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
113825
alt-svc
h3=":443"; ma=86400
content-length
1784
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCT88ic3Yz%2B%2FqWvvvVLEAVbXN6NCKvyIAfEiyFW5OWGH9fF2lenYYdQrTlBEHNMQvuYeCm60KtGlKbTsb5VporkK5Lr8OpJEvluOD%2FZPLDqm7XZZ53DmVUaO6GmTIrVqk%2BEE7jIk3ceKEHtZdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d0e3672-FRA
expires
Wed, 21 Feb 2024 19:28:16 GMT
ci6.jpg
floralhand.cfd/assets/images/
2 KB
3 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci6.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec006ed8744a3d28521058de2dcf88a3b2b6675af4c094410bdc7026db636d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105886
alt-svc
h3=":443"; ma=86400
content-length
2258
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mlrlye%2BEFc7CGL%2F1GhDbnd37CWfFKgEac5hvj2uiBgkWdF9T8glxuhuS5KujrNr7%2BfzCY799JEBbf0TTifufANeymbobK9aQHbyFDbCR99r0VyTiGt7G6BeLSqzkQpGaPMoCg61HnwMKFZxPMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d0f3672-FRA
expires
Wed, 21 Feb 2024 21:40:35 GMT
x.png
floralhand.cfd/assets/images/common/
5 KB
6 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/common/x.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgySb11bzhrnLsMUoCCZpXksBf10e1PbVgP2vVdzyFPKPFbJJRjBeIwcjkHw7GRKBDnQHD5BlHqbqfcH36%2Bsm51EAo%2FjQleYxdUfgxguHakBVD5J%2FkiA%2BX206vTXNH3MJTIbgTtqoyAN9AaPkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856291828d103672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
email-decode.min.js
floralhand.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://floralhand.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Feb 2024 17:53:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65c66685-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba%2B8BgolR2JGUzDksJkOxxpTWGxIBoUK7TQHXCoik0WANjs4hO8co5oq6oWGMOnKB0awC23wbDaTPsj3JVKBVQKQfzcoqwyenksOf4DdlGfM7ZYGRhUg9QvgPlv4bcrob86lzEmymG6jwUZh7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
856291828d143672-FRA
expires
Sun, 18 Feb 2024 03:05:21 GMT
jquery-3.4.1.min.js
floralhand.cfd/assets/js/vendor/
86 KB
31 KB
Script
General
Full URL
https://floralhand.cfd/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUiQZfcen1GB2qdPnOyOc9B8V%2F9zjSJFQXf5LrzlHbm6SvxDmp1OkE8k2lX%2B4VkG6iDIUhG%2BRxqo42ECOZfYYRElOCcir%2BhVj5%2FYDZnKuQIZ7qmsXeAeUEXh%2FVKVbHD1I9zb2FkqPE2fugWjrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856291828d153672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
bootstrap.min.js
floralhand.cfd/assets/js/vendor/bootstrap/js/
48 KB
14 KB
Script
General
Full URL
https://floralhand.cfd/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142722716&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/4285adf7f480a157ef773f60ab0c8802
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 03:05:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116095
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhqSwzisfeL2tYwyAMY7SKdkpxS1AX7Y3EmYZA47u06Q1psWWd3mQH%2BcQ9YHoI5HvMcNEn1z%2FeLyGyVMXz7B3LQdhPJyT%2FZ5%2BE1OXfF9Dw2YDf75MxtdGBcWDGGEYpfVfSfPNcC5xL7XYxygpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856291828d173672-FRA
expires
Wed, 21 Feb 2024 18:50:26 GMT
functions.js
floralhand.cfd/assets/js/
0
0

intl_functions.js
floralhand.cfd/assets/js/
0
0

common-hybrid.js
floralhand.cfd/assets/js/giza/dist/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
floralhand.cfd
URL
https://floralhand.cfd/assets/css/giza/dist/common-hybrid.css?v=e1bbb575a71113ae8ce6b69b37327638
Domain
floralhand.cfd
URL
https://floralhand.cfd/inc/msg.v3.js?65ced0f020249
Domain
floralhand.cfd
URL
https://floralhand.cfd/assets/js/functions.js?v=e1bbb575a71113ae8ce6b69b37327638
Domain
floralhand.cfd
URL
https://floralhand.cfd/assets/js/intl_functions.js?v=e1bbb575a71113ae8ce6b69b37327638
Domain
floralhand.cfd
URL
https://floralhand.cfd/assets/js/giza/dist/common-hybrid.js?v=e1bbb575a71113ae8ce6b69b37327638

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | _0x4eba
function | _0x3ccf

2 Cookies

Domain/Path Name / Value
bundlestare.com/ Name: uid2275
Value: 1142722716-20240215220519-f746fb40609983a1036c2c49f8a42474-3646
floralhand.cfd/ Name: PHPSESSID
Value: a6f6429bda6324fb9a833c5e2c8917d2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
