floralhand.cfd Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

Submitted URL: https://storage.googleapis.com/kogfuytuynojugha951357/jtyrdkjuykuytg.html#4Vgbjw46181Bjeu276ckagqckwhl205998CLBTLKCNZSTGJZL5/73...
Effective URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Submission: On February 16 via api from BE — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 41 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is floralhand.cfd.
TLS certificate: Issued by E1 on February 13th 2024. Valid for: 3 months.
This is the only time floralhand.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

Domain Requested by
28 floralhand.cfd bundlestare.com
floralhand.cfd
2 www.googletagmanager.com floralhand.cfd
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 trk-adulvion.com floralhand.cfd
1 bundlestare.com buileai.info
1 buileai.info storage.googleapis.com
1 storage.googleapis.com
0 event.trk-adulvion.com Failed trk-adulvion.com
41 8

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
bundlestare.com
R3
2024-01-25 -
2024-04-24
3 months crt.sh
floralhand.cfd
E1
2024-02-13 -
2024-05-13
3 months crt.sh
trk-adulvion.com
GTS CA 1P5
2024-02-15 -
2024-05-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Frame ID: 0D20DD9A2D230E2C1EADB5EA879264C2
Requests: 39 HTTP requests in this frame

Screenshot

Page Title

[1] Prämie ausstehend - Online Survey - Wir wollen Ihre Meinung!

Page URL History Show full URLs

  1. https://storage.googleapis.com/kogfuytuynojugha951357/jtyrdkjuykuytg.html Page URL
  2. http://buileai.info/t/4Vgbjw46181Bjeu276ckagqckwhl205998CLBTLKCNZSTGJZL5/7365K19 Page URL
  3. https://bundlestare.com/0/0/0/c47860aa870659e8e62fe4e47d0656f2/19/276-46181/205998-5-7365 Page URL
  4. https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

83 %
HTTPS

67 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

429 kB
Transfer

1112 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/kogfuytuynojugha951357/jtyrdkjuykuytg.html Page URL
  2. http://buileai.info/t/4Vgbjw46181Bjeu276ckagqckwhl205998CLBTLKCNZSTGJZL5/7365K19 Page URL
  3. https://bundlestare.com/0/0/0/c47860aa870659e8e62fe4e47d0656f2/19/276-46181/205998-5-7365 Page URL
  4. https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
jtyrdkjuykuytg.html
storage.googleapis.com/kogfuytuynojugha951357/
244 B
717 B
Document
General
Full URL
https://storage.googleapis.com/kogfuytuynojugha951357/jtyrdkjuykuytg.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1853
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
244
content-type
text/html
date
Fri, 16 Feb 2024 07:42:18 GMT
etag
"2d533b85266af390f9eb29190945a92f"
expires
Fri, 16 Feb 2024 08:42:18 GMT
last-modified
Sun, 07 Jan 2024 16:12:38 GMT
server
UploadServer
x-goog-generation
1704643958550402
x-goog-hash
crc32c=F9X3GQ== md5=LVM7hSZq85D56ykZCUWpLw==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
244
x-guploader-uploadid
ABPtcPrFOI6rmpZC_PbbkGwvzpRHBERDpXorSIFT0g2t6H05OU1GGA59euPIdbGc3UBUJABdGg
7365K19
buileai.info/t/4Vgbjw46181Bjeu276ckagqckwhl205998CLBTLKCNZSTGJZL5/
304 B
421 B
Document
General
Full URL
http://buileai.info/t/4Vgbjw46181Bjeu276ckagqckwhl205998CLBTLKCNZSTGJZL5/7365K19
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/kogfuytuynojugha951357/jtyrdkjuykuytg.html
Protocol
HTTP/1.1
Server
185.34.52.73 Vilnius, Lithuania, ASN61053 (VPSNET-AS, LT),
Reverse DNS
185-34-52-73.BIZ.SPECTRUM.com
Software
/
Resource Hash
c7a6df4eaf5e670878a0bc193430af67ec8c94df211c572c462d15eacecbb45a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
304
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Feb 2024 08:13:11 GMT
205998-5-7365
bundlestare.com/0/0/0/c47860aa870659e8e62fe4e47d0656f2/19/276-46181/
139 B
436 B
Document
General
Full URL
https://bundlestare.com/0/0/0/c47860aa870659e8e62fe4e47d0656f2/19/276-46181/205998-5-7365
Requested by
Host: buileai.info
URL: http://buileai.info/t/4Vgbjw46181Bjeu276ckagqckwhl205998CLBTLKCNZSTGJZL5/7365K19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.44.198.26 Moscow, Russian Federation, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://buileai.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
139
content-type
text/html; charset=UTF-8
date
Fri, 16 Feb 2024 08:13:13 GMT
server
Apache
Primary Request /
floralhand.cfd/
2 KB
1 KB
Document
General
Full URL
https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Requested by
Host: bundlestare.com
URL: https://bundlestare.com/0/0/0/c47860aa870659e8e62fe4e47d0656f2/19/276-46181/205998-5-7365
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4db3166ae1c5d720413d859565439ed7ae5eeb97ed54d29a55103ed3b6afda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bundlestare.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8564547f7ad5363b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 16 Feb 2024 08:13:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gk8bTShudK69ZOZq3vmlpwck2LByZtcDWtAheopeSJC%2F1DGxvMimJ%2B0bpA5CAwju4p6j2HjPSPZKK9LJHsgU5Nq5zo5T%2BMtww2e1LZeqQfUU5ERecWyuKMny6QQanIa7YiE89rMwOKLOm5yj7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
e4220362d48ab743373f7c5d8a5a6ad8
floralhand.cfd/
57 KB
19 KB
XHR
General
Full URL
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8?_ax=w
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7e27dde3bcdac5a85e7d54a963351109618200956228f0e8e481644a8df1d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBCRlVZ8WmEEC6EE6tPsmRZa7I0bV2PUJhnbWdy65zfl0ppKFO%2FoX2Vx5%2BiN%2B9kWL2cyyBXVBJTdrvydKVAaO3PEao%2B8Av%2FgWDtwexQ1509u3MWCVmL9yr6x%2FC8%2BauU1UI5b02KfpPI9HhT7Og%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
856454837fc4363b-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
floralhand.cfd/assets/js/vendor/bootstrap/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://floralhand.cfd/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133384
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BZN8D%2FTpXLQpRagMC%2BTIqxPzlyzpqeLfTbbxT3M%2FrrEPx1UBEeYNIBllqhpqt6Szg1Wpb2MUtLLaO%2B2FMzBFwftA9njVjttpLKFw%2BTFeRK%2BwIjqdYwgeePdL7KYZq7cjZiowJrf%2BNPfLY6U7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873da71c19-FRA
expires
Wed, 21 Feb 2024 19:10:10 GMT
all.css
floralhand.cfd/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://floralhand.cfd/assets/vendors/fontawesome/css/all.css
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133384
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlgY2px0OQ%2F7KbR8hqBKkFHE0lB0XIaRBRJvi3%2FmlI8CflktwXgEiy%2BOKUO4%2FRupiiYmIU3Ks7SII1Puwv6fXV2fQsA7sa%2FUtNMZAFzuo2vIs14epuMsQyWGjvSd97WABFP7vw3ns82KrYxAZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873dad1c19-FRA
expires
Wed, 21 Feb 2024 19:10:10 GMT
common-hybrid.css
floralhand.cfd/assets/css/giza/dist/
31 KB
8 KB
Stylesheet
General
Full URL
https://floralhand.cfd/assets/css/giza/dist/common-hybrid.css?v=b856c2465a133e55935568f2ba9f1d37
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8f8b38ca3a12a773d850945bfdb5d0d6a89b9ca30f7a6dc5c728101f508636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jan 2024 16:23:08 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5fTkz7qknViBtWBkL1gVyd5lFock0zZZiSXg%2BkJ0FiW%2FDc6TB%2BgkKQYznot5r7zh0nseD3qz6Ln8%2BFr2P03lI3dSBYGRJfKlNB%2BWXZHMZ1gxsu2o9PTkzsOQ9lAq9U5NatQ1YdYvfqJu%2BPXmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873db11c19-FRA
expires
Fri, 23 Feb 2024 08:13:15 GMT
msg.v3.js
floralhand.cfd/inc/
2 KB
1 KB
Script
General
Full URL
https://floralhand.cfd/inc/msg.v3.js?65cf191a8a639
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 15:48:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BX6zSX3qO9I%2BeNbcK6Jo%2B4k3cbtnMr%2BhIDJio4t8Q9If3A64hAR%2FbWWffuHI%2B3RDgCdMk3DekMhshLSrRqrTh%2Fo6V7XDcf0%2BLLJkPKZO4KE9K2ODvNmudcau5Qk0uYUMpvHVDnAEGkW4nWRgaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873db21c19-FRA
expires
Fri, 23 Feb 2024 08:13:15 GMT
bredband-ice-logo.png
floralhand.cfd/uploads/archive/company/410/images/
13 KB
13 KB
Image
General
Full URL
https://floralhand.cfd/uploads/archive/company/410/images/bredband-ice-logo.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd65fd757a11fa25900759e3e24763d02649a2de7d0cbc00f2cae6e9ec5d110
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110116
alt-svc
h3=":443"; ma=86400
content-length
12914
x-xss-protection
1; mode=block
last-modified
Wed, 15 Sep 2021 13:45:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIg6Jr%2FIRYUD773Ck7sEkRNWtoxeoeJ1RnkT9wpE1FfwE%2FFPir9Y7jhQHQY6p1K6sbdYE8QiNp2W2y6RASzhxmGYzqouvPqN9teTw33BbP5Lp5gpbuVtu7flUa%2BykF56MYmhMjKtoggAQLl%2BUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873db31c19-FRA
expires
Thu, 22 Feb 2024 01:37:58 GMT
flag-de.png
floralhand.cfd/assets/images/flags/
1 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/flags/flag-de.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d826bf62262fb8d66325774d1cefd98501ab9e70d614f2c140e5762edcea08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133365
alt-svc
h3=":443"; ma=86400
content-length
1431
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:01:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLMWbxuWWcVFB8%2FE0qYGfZm1Y0t7XeaG4dkCzsCpA4yQBu1yjU0%2FzTrg2KNsNv1KYH3yLZ4azHwXDkB2Z3DUd0wshsDX5cOavlQH0nyFad1dD4sZGkaKFQ2p2dtyYW3tem3G%2F0Cv1NYCShPipg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873db61c19-FRA
expires
Wed, 21 Feb 2024 19:10:29 GMT
check.svg
floralhand.cfd/assets/images/
1 KB
1 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/check.svg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e76803c59c910dabc01ef803f9064c86bc4128de152874796a1f3947c4b25662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133384
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jul 2023 19:59:15 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZUGPZxOuS22K25zMNO1ARgPmFyuFR8FYdX8Kk94T0CBbIBJ1%2Bbqd4EgHTA%2Bm98uX%2FDtG5tcvacbQei9vdRc8kY4oqnR3yQ6kIj8mulAjpZIKuPAvns12%2BF%2BDi2YBE%2FzPNtnQn3KdDeNmt2LWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873db81c19-FRA
expires
Wed, 21 Feb 2024 19:10:10 GMT
ci5.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci5.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705538aaab254034d9e5e5505ca773c1dc9936c87c1128ad49a8b2a9d0aa87fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131534
alt-svc
h3=":443"; ma=86400
content-length
1878
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWXyrdd36hznvIHUV%2FAi%2BzWLb1o7sr57sangoxAy7jpGpQlVELuF9zXtyco8DospFvTi7ypMVbPo3uiorPZS2HPVt6GNnwWXJ3fZICIikt6j2yCZ7qEW2grbwZUD%2FRyKLZ88JyRCNiwrbdlsRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dba1c19-FRA
expires
Wed, 21 Feb 2024 19:41:00 GMT
vicon.png
floralhand.cfd/assets/images/
972 B
1 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/vicon.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c86fc6524af3fab1567a1206ea20eca001d2b8eaa06b1fef573a7319f45c467c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133384
alt-svc
h3=":443"; ma=86400
content-length
972
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:01:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlaXJ9MRPC9yMwr6S8nU3bRdL1sLnsFAL2Nqd7xi1b7hrUMQu8dZTTGHtcEG1qMFC0jK8kJXcQAubSxYQj8Wu%2BRdaeYY6xe3AR6KCO9ZBZd3PfEwX0%2BJ53D%2Bx6ZloGu2TvXJulxiqomDnA2j9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dbd1c19-FRA
expires
Wed, 21 Feb 2024 19:10:10 GMT
ci9.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci9.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdbd0b5f18b8f392c2690d46eab91ad506f93a79ded7318b5cc547ed975a4529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129980
alt-svc
h3=":443"; ma=86400
content-length
1821
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gysX9G4OPpHZNq%2FL4j%2FIMDGqyMf%2FDMhp9%2FjB6oB%2Fv2bnEUr3JUJKQlK2aedu8iWRuChpxAqz8cuWRixGJdi1oYrHGk6y1pphypwf1LVP40SkXuiVCJx8m1RNh9LgZ72Wa4nlPLPeaPVisIF%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dbf1c19-FRA
expires
Wed, 21 Feb 2024 20:06:54 GMT
ci16.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci16.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f06bc81a732e876ce54fdae5ea0eb85ef861329306962bd2dad24ff1cfbc3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133383
alt-svc
h3=":443"; ma=86400
content-length
1763
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyXtt1L90t7PizPBTS%2FkgSLVKaBRmvafLiO1ZK6o28HaI3E2oO%2BKXbtlJ9luHBTLaiqMNdcHIXyNXP3whSp6cS0PQ74NH6uHqSSHf0FLzE7pidfjmiJzFeCJkJuH2XXX2vS%2BWOYGl30mFsRCrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dc01c19-FRA
expires
Wed, 21 Feb 2024 19:10:11 GMT
ci24.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci24.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8256b0fffc5021485dde1e5e990f82702a6f3a1a220844d00392bd9bedc63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133704
alt-svc
h3=":443"; ma=86400
content-length
1617
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PAD6hRPArcMnGlFhhzLr9yJNlKIof9giH37kbFEHMNHWycTFYYB%2FC8G1aZQXVprbIW9zacSpP%2F2DHi5GHcwgeKdHnWsHGiRIMo%2Bj7H2TjHjq%2Fh%2FU8bOYhkf7cmXQEky5GgNc%2B3ZuJji%2BJ%2BRIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dc31c19-FRA
expires
Wed, 21 Feb 2024 19:04:50 GMT
ci35.jpg
floralhand.cfd/assets/images/
2 KB
3 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci35.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133704
alt-svc
h3=":443"; ma=86400
content-length
2190
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2B1M2%2B3IHfdoaQXfijvfAKliHQkD2MNXaSGH446v7S04j%2B%2FmSg4NxJPQaUr6cKkHycYwt9N9xXLY82pj61XwYcR%2BMwdNhGi8pXsUJCz%2BZrdevldU4deXdd2U5P0413gBEn6IKDGU30Hd4wYiWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dc81c19-FRA
expires
Wed, 21 Feb 2024 19:04:50 GMT
ci23.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci23.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131534
alt-svc
h3=":443"; ma=86400
content-length
1784
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eL44D5nW7Nf8fQlzKbvSO8o%2FShlzbzYqzFbEcUR%2FLKab%2BCMOUAnE2jxhimyy%2FumiIZ9YrieNDp06ctBdoEK4S6LBJ8sdMmNi3ADZuRxpkQ4y1NB6reXmeSQr9z4Xu5cGSBRIpAuCxPTqiartRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dc91c19-FRA
expires
Wed, 21 Feb 2024 19:41:00 GMT
ci30.jpg
floralhand.cfd/assets/images/
2 KB
2 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci30.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d04b46088ef1ee3b2aa958d1f028273d2adac5751011aa700b53594c0b10b78c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126582
alt-svc
h3=":443"; ma=86400
content-length
1565
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2Nyym3XJXO6gNjhQe2snD1TJ1HuKXug4VErwioXrbc63qv2VqU2EATGJgHh2bQPaBf0qJ3uyUQQ8EyGT7FrOuT25QWtbOJvNfIEPA3kI5V1m1HwBN1wpnPK7gzIr0bEtpIuxuBx%2BSjMm80bPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dca1c19-FRA
expires
Wed, 21 Feb 2024 21:03:32 GMT
ci15.jpg
floralhand.cfd/assets/images/
2 KB
3 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/ci15.jpg
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129980
alt-svc
h3=":443"; ma=86400
content-length
2061
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1blcNIg78kpDD7pw0ypsiNsu23%2FxemMjbS2wLjaWX6rvZEyZREMCZtm083YaqCVD2kyvNRD5OzN1FDfDSPKcnX7Gm65ac7nBemG%2FjNmMQ1Iyn3hWo4KrVjZC3pGOepioUA7y9OMuVhNRKS6FPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dcd1c19-FRA
expires
Wed, 21 Feb 2024 20:06:54 GMT
x.png
floralhand.cfd/assets/images/common/
5 KB
6 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/common/x.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133704
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgkCwr%2BxS4k%2Fc474OVTxebdkLMrvBbIKz2vWu%2FjI1DHMWGGthOoYMcf0wHbTF4GgGMA4m0B4PFLIT3jpAZk8%2BrVRoPwSY%2FZNRxG5ZguxtKbcAb8OEiRZ3EwPNCry0WCiZbN9v0jyhS4OjGGwHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
856454873dcf1c19-FRA
expires
Wed, 21 Feb 2024 19:04:50 GMT
email-decode.min.js
floralhand.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://floralhand.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Feb 2024 17:53:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65c66685-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mbx0MA4ik7Q4DqSTY7zT79jCee1IiNGFG8HS%2Bw19SC4Co8s11TDxi0moYYU1UQExmd8cvIsPfWySWnJSf3UuD9laQGkSdtO4v8pku9kWoKnNZxD0aPXIojU%2BednB04TcFc7knRdBcqdn%2Brw7Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
856454873dd51c19-FRA
expires
Sun, 18 Feb 2024 08:13:14 GMT
jquery-3.4.1.min.js
floralhand.cfd/assets/js/vendor/
86 KB
31 KB
Script
General
Full URL
https://floralhand.cfd/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133384
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfAqQCHHKI5qIl9Wj2S7cIfuDUTRcETRDBx75YHLj4t2AKojMCi3lzCdsoxUAZ1idbVIX4dbOikwlVUDdqaTDCL2ZrUZGDZCxPkTVlk8vAsTYD8CxsLQC4Hnod0MZfHFy4Cq1YrRWEmnEiLyDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873dd71c19-FRA
expires
Wed, 21 Feb 2024 19:10:10 GMT
bootstrap.min.js
floralhand.cfd/assets/js/vendor/bootstrap/js/
48 KB
14 KB
Script
General
Full URL
https://floralhand.cfd/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133383
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJMCMrG6pya5iFMYfPC7XwQgmn3e6UaA9YyrfUVhxr5uzhCmTSZXs7x0o6GtEidnXFK595c%2FmwtTWdqnJ07MPxRHHox4WYBUknTZ8KU2F6UvZMZIrjPxUHf3%2BXHr8oaxCkJmyyfurDqrJLKOiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873dd81c19-FRA
expires
Wed, 21 Feb 2024 19:10:11 GMT
functions.js
floralhand.cfd/assets/js/
814 B
886 B
Script
General
Full URL
https://floralhand.cfd/assets/js/functions.js?v=b856c2465a133e55935568f2ba9f1d37
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91caebaa07e970b9566eb195570097c03616d933955113dbfb1eced337a5f8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 14:17:59 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmd3gYLA6FC3AzOUbTIQMblkrWRCN68PrxMh1P4aZnIpSaiNncpdKcRmayZk%2FPt8nWZ2uvnt%2BrNpsr4R1%2FSy0V54%2F3qOba80d1RTyXO%2FjtnDPGtYSDY3%2BfSpo6CDr5oTJajc4VHREwVpwDB5tw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873ddb1c19-FRA
expires
Fri, 23 Feb 2024 08:13:15 GMT
intl_functions.js
floralhand.cfd/assets/js/
4 KB
2 KB
Script
General
Full URL
https://floralhand.cfd/assets/js/intl_functions.js?v=b856c2465a133e55935568f2ba9f1d37
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9437d87812b34d91f53e5421eeed60dd3aa108b42cb34f4a8dbb855a0531a55b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Sep 2023 15:07:29 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvsY6Pey5wZD4H41TeqS4xj9D%2Baz322Szrgv8qFCPl2QQHso9X%2FLyuGBa3T1byt4u4zOo3ZEOUTjMmnLnXSXgVyEwi5vmXcYtHLaDO5GLIa%2Fbeu07obJADKKGexQrikkUBxN9waajTZF9hK%2F0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873ddd1c19-FRA
expires
Fri, 23 Feb 2024 08:13:15 GMT
common-hybrid.js
floralhand.cfd/assets/js/giza/dist/
100 KB
22 KB
Script
General
Full URL
https://floralhand.cfd/assets/js/giza/dist/common-hybrid.js?v=b856c2465a133e55935568f2ba9f1d37
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/?s1=351432&s2=1142776152&s3=2275&s4=GIZA&ow=&s10=3595
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6527358ec1fd52efb776e60c0c3ed8c485dffa6989a07cff3f29430b7cc978f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jan 2024 16:23:08 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvPCzVGGaPfPVyx49g%2FVfnZF9%2Flljz8VI5Ko8ZyVxEs3%2F4o0HLfX5l5KKIST%2F61bZGnttxVWTLlEFc%2B8uSryezBt0nUsGHlOUSuxBob6DqSUOvxL8nI2zwC%2Ff48Qgcw6jAlXAVZ5wRuDIi2WjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
856454873dde1c19-FRA
expires
Fri, 23 Feb 2024 08:13:15 GMT
v9e118mez8
trk-adulvion.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-adulvion.com/scripts/push/v9e118mez8
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/inc/msg.v3.js?65cf191a8a639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b333974694cd7a3512ebc085f87c3c7fd29d7f80361657036275d26d292c76
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6929
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 16 Feb 2024 06:17:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ85WIgf4TFENwQFdvNUTEWZYUI5xMbk7MN97OF%2FkPOd%2BzAVidBbxGtDnecj%2FNP3SiQv8xZsQR%2F%2BlDAh9vaT39cROua8FDiAnHKeUMkDwh67%2BjHuzHm%2FgB5FsRDpEv1ErEA%2BUpfdGQ3Fp8RP2IiR"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
85645489ef5d3821-FRA
expires
0
gtm.js
www.googletagmanager.com/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2605d35e3a3e1a273996b627f6175ffdb8e25a33fc5d772a0fbe100ab534499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67837
x-xss-protection
0
last-modified
Fri, 16 Feb 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Feb 2024 08:13:15 GMT
vicon.png
floralhand.cfd/assets/images/
972 B
1 KB
Image
General
Full URL
https://floralhand.cfd/assets/images/vicon.png
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c86fc6524af3fab1567a1206ea20eca001d2b8eaa06b1fef573a7319f45c467c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133385
alt-svc
h3=":443"; ma=86400
content-length
972
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:01:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCktW%2B%2FTRz21sD%2FtmToBMXiyAe3RxbvWGVe7R59WVIaYv5TndVjp%2Boyo0ie5IuoMNZwmLjfSMjL%2B7CShC9byqZU5iDDrQdWMwQKAUF9OCRyZ%2F81D9SeQLAHukJMjc1H8tOQSoO2g%2F8eFH5oo5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8564548998de1c19-FRA
expires
Wed, 21 Feb 2024 19:10:10 GMT
RubikMonoOne.ttf
floralhand.cfd/assets/css/giza/dist/
0
0

fa-solid-900.woff2
floralhand.cfd/assets/vendors/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://floralhand.cfd/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://floralhand.cfd/assets/vendors/fontawesome/css/all.css
Origin
https://floralhand.cfd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133383
alt-svc
h3=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWEgrHcAGrcj6sLwG8HMzXuGnQNS6mz2osb2EN25M703PsFZU340zszlADLrX807WrfRY%2FdNHv58PCVku0T4eO9zipRRXKZ6s7bssHNhkky9lStvwsLkh1j9SmWcwK%2BJatA4sNgMF%2FVHpYZRsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85645489a8f61c19-FRA
expires
Wed, 21 Feb 2024 19:10:12 GMT
fa-regular-400.woff2
floralhand.cfd/assets/vendors/fontawesome/webfonts/
13 KB
14 KB
Font
General
Full URL
https://floralhand.cfd/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: floralhand.cfd
URL: https://floralhand.cfd/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://floralhand.cfd/assets/vendors/fontawesome/css/all.css
Origin
https://floralhand.cfd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133383
alt-svc
h3=":443"; ma=86400
content-length
13588
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZ%2Fp2oqDN0JIOgOMmZTtl1EuUkHqLvCCOFFLF5plSsw5yLUivOrf0fLtxAdMtVUPyJVAJzc1lyeIZo6ghB3MVFAgKwWKf6376OJ%2FLmPXwkAiFf%2FzciRd6ZFbltsMyyMwyz9R48mxb8jnObpFIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85645489a8f91c19-FRA
expires
Wed, 21 Feb 2024 19:10:12 GMT
e4220362d48ab743373f7c5d8a5a6ad8
floralhand.cfd/
0
0

js
www.googletagmanager.com/gtag/
246 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa4112754c6712759d0013730fb8e31a46c01e4cd1bcc93836148413118f62d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:13:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87363
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Feb 2024 08:13:15 GMT
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0

v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0

v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0

v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0

collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=45je42e0v884746590z8844508622za200&_p=1708071195132&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=919916942.1708071196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708071195&sct=1&seg=0&dl=https%3A%2F%2Ffloralhand.cfd%2Fe4220362d48ab743373f7c5d8a5a6ad8&dr=https%3A%2F%2Fbundlestare.com%2F&dt=%5B1%5D%20Pr%C3%A4mie%20ausstehend%20-%20Online%20Survey%20-%20Wir%20wollen%20Ihre%20Meinung!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2090
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floralhand.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Feb 2024 08:13:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://floralhand.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
floralhand.cfd
URL
https://floralhand.cfd/assets/css/giza/dist/RubikMonoOne.ttf
Domain
floralhand.cfd
URL
https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
Domain
event.trk-adulvion.com
URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Domain
event.trk-adulvion.com
URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Domain
event.trk-adulvion.com
URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Domain
event.trk-adulvion.com
URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x4eba function| _0x3ccf function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint object| dataLayer function| $ function| jQuery object| bootstrap number| refresh_page function| startTimer number| duration undefined| time undefined| refresh function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| FNP string| CMPID string| API_URL object| currentdate object| months function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| a0_0xae18cc string| attrChoices string| domain string| pipeline string| zipcode string| state_selected boolean| skip_modal_email boolean| email_send_modal object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| sendOf function| runT function| replaceUrlParam function| startsurvey function| a0_0x1880 function| nextQuestion function| formatPhoneNumber function| overflowP function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| a0_0x11e0 function| emailPixel function| startSurveyU function| switchTypeQuestionsU function| nextQuestionU function| showOfferWallU function| validateData function| showStreetStateU function| showDisclaimer function| preventS string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl function| putVarCommon function| count_p function| mfq_tags function| showEmailModal function| hideM number| advEmail number| email_pixel string| prod_var number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers

2 Cookies

Domain/Path Name / Value
bundlestare.com/ Name: uid2275
Value: 1142776152-20240216031313-f746fb40609983a1036c2c49f8a42474-3646
floralhand.cfd/ Name: PHPSESSID
Value: 11eb6493da8b2319fbaa3bb91dd8a251

1 Console Messages

Source Level URL
Text
other error URL: https://floralhand.cfd/e4220362d48ab743373f7c5d8a5a6ad8
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buileai.info
bundlestare.com
event.trk-adulvion.com
floralhand.cfd
region1.google-analytics.com
storage.googleapis.com
trk-adulvion.com
www.googletagmanager.com
event.trk-adulvion.com
floralhand.cfd
185.34.52.73
2001:4860:4802:34::36
2a00:1450:4001:801::201b
2a00:1450:4001:811::2008
2a06:98c1:3121::3
37.44.198.26
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
1fd65fd757a11fa25900759e3e24763d02649a2de7d0cbc00f2cae6e9ec5d110
23b333974694cd7a3512ebc085f87c3c7fd29d7f80361657036275d26d292c76
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
64f06bc81a732e876ce54fdae5ea0eb85ef861329306962bd2dad24ff1cfbc3b
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6d8f8b38ca3a12a773d850945bfdb5d0d6a89b9ca30f7a6dc5c728101f508636
705538aaab254034d9e5e5505ca773c1dc9936c87c1128ad49a8b2a9d0aa87fb
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
91caebaa07e970b9566eb195570097c03616d933955113dbfb1eced337a5f8b5
9437d87812b34d91f53e5421eeed60dd3aa108b42cb34f4a8dbb855a0531a55b
aa4112754c6712759d0013730fb8e31a46c01e4cd1bcc93836148413118f62d8
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b4db3166ae1c5d720413d859565439ed7ae5eeb97ed54d29a55103ed3b6afda8
b7d826bf62262fb8d66325774d1cefd98501ab9e70d614f2c140e5762edcea08
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
bdbd0b5f18b8f392c2690d46eab91ad506f93a79ded7318b5cc547ed975a4529
c7a6df4eaf5e670878a0bc193430af67ec8c94df211c572c462d15eacecbb45a
c86fc6524af3fab1567a1206ea20eca001d2b8eaa06b1fef573a7319f45c467c
d04b46088ef1ee3b2aa958d1f028273d2adac5751011aa700b53594c0b10b78c
d2605d35e3a3e1a273996b627f6175ffdb8e25a33fc5d772a0fbe100ab534499
d6527358ec1fd52efb776e60c0c3ed8c485dffa6989a07cff3f29430b7cc978f
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76803c59c910dabc01ef803f9064c86bc4128de152874796a1f3947c4b25662
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ea7e27dde3bcdac5a85e7d54a963351109618200956228f0e8e481644a8df1d6
f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b
fc8256b0fffc5021485dde1e5e990f82702a6f3a1a220844d00392bd9bedc63a