nhom14.click Open in urlscan Pro
2606:4700:3034::6815:5a1c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nhom14.click/
Submission: On May 30 via api (May 30th 2024, 3:39:38 pm UTC) from BE — Scanned from DE

Summary HTTP 38 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3034::6815:5a1c, located in United States and belongs to CLOUDFLARENET, US. The main domain is nhom14.click.
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2024. Valid for: 3 months.

This is the only time nhom14.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3034::6815:5a1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	34.35.42.202 34.35.42.202	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	136.143.190.97 136.143.190.97	2639 (ZOHO-AS) (ZOHO-AS)
3	162.214.81.12 162.214.81.12	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	89.36.170.147 89.36.170.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
38	6

2 2606:4700:3034::6815:5a1c (United States)

ASN13335 (CLOUDFLARENET, US)

nhom14.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.35.42.202 (Johannesburg, South Africa)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.42.35.34.bc.googleusercontent.com

34.35.42.202	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.190.97 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zohopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.214.81.12 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: sh032.webhostingservices.com

demo.cawpthemes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.36.170.147 (Schlierbach, Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)
PTR: zoho-170-147.dub3.computerline.net

js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	zohocdn.com js.zohocdn.com — Cisco Umbrella Rank: 13665 css.zohocdn.com — Cisco Umbrella Rank: 14204	40 KB
3	cawpthemes.com demo.cawpthemes.com	66 KB
2	zohopublic.com salesiq.zohopublic.com — Cisco Umbrella Rank: 15758	15 KB
2	nhom14.click nhom14.click	10 KB
0	gravatar.com Failed 1.gravatar.com Failed
0	Failed function sub() { [native code] }. Failed
38	6

	Domain	Requested by
3	demo.cawpthemes.com	nhom14.click
2	css.zohocdn.com	salesiq.zohopublic.com css.zohocdn.com
2	salesiq.zohopublic.com	nhom14.click js.zohocdn.com
2	nhom14.click
1	js.zohocdn.com	salesiq.zohopublic.com
0	1.gravatar.com Failed	nhom14.click
0	34.35.42.202 Failed	nhom14.click
38	7

This site contains links to these domains. Also see Links.

Domain
34.35.42.202
demo.cawpthemes.com
wordpress.org
en.gravatar.com
cawpthemes.com

Subject Issuer	Validity	Valid
nhom14.click GTS CA 1P5	`2024-05-23` - `2024-08-21`	3 months	crt.sh
US US	`2024-05-26` - `2024-05-28`	2 days	crt.sh
zohopublic.com R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
demo.cawpthemes.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.zohocdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-10` - `2024-10-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nhom14.click/
Frame ID: 1E236D56116F3AD7A52892C2F5EE079B
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

38
Requests

26 %
HTTPS

20 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

360 kB
Transfer

930 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://34.35.42.202/

Search URL Search Domain Scan URL

URL: https://demo.cawpthemes.com/flora-flowershop/
Title: Home

Search URL Search Domain Scan URL

URL: http://34.35.42.202/?page_id=2
Title: about

Search URL Search Domain Scan URL

URL: http://34.35.42.202/?p=1
Title: Welcome to shopnhahoa14

Search URL Search Domain Scan URL

URL: https://34.35.42.202/
Title: Shop now

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: A WordPress Commenter

Search URL Search Domain Scan URL

URL: http://34.35.42.202/?p=1#comment-1
Title: May 26, 2024

Search URL Search Domain Scan URL

URL: https://en.gravatar.com/
Title: Gravatar

Search URL Search Domain Scan URL

URL: http://34.35.42.202/?p=1&replytocom=1#respond
Title: Reply

Search URL Search Domain Scan URL

URL: http://34.35.42.202/?cat=1
Title: Uncategorized

Search URL Search Domain Scan URL

URL: https://cawpthemes.com/
Title: CA WP Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nhom14.click/ 39 KB
10 KB 470ms
408ms Document
text/html 2606:4700:3034::6815:5a1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhom14.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9defb9216cb151e9e1af12651a4266d1690735551904ced44dfb7637e3a795a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88bfd141fda1371d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 30 May 2024 15:39:31 GMT
link: <http://34.35.42.202/index.php?rest_route=/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QSyGKikn9DoG4kOlWiftB5KiSp5CoO7sxdUPYN%2BcRk75xx7bezczCk5OSHLnfUi%2FJGt8xMqBFGXJadCAX4DlKTEpSToV%2FxvVsB0rJKRhDUVRbMz88ibIjeMykbwx63YJBgyBHr2RcWiW%2FLI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK style.min.css
34.35.42.202/wp-includes/css/dist/block-library/ 111 KB
15 KB 612ms
183ms Stylesheet
text/css 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2024 09:23:43 GMT
Server: Apache
ETag: "1bae5-6187aacb9410d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14991

GET
H/1.1 200
OK bootstrap.min.css
34.35.42.202/wp-content/themes/flora-flowershop/assets/css/ 227 KB
31 KB 613ms
184ms Stylesheet
text/css 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-content/themes/flora-flowershop/assets/css/bootstrap.min.css?ver=6.5.3
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2758c6b3eb5de3bdf0be6ad8a053181921890feb6d8474d27a8404a724e70d74

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2024 15:08:18 GMT
Server: Apache
ETag: "38cf3-6195cc5591bf4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31259

GET
H/1.1 200
OK menu.css
34.35.42.202/wp-content/themes/flora-flowershop/menu/ 9 KB
2 KB 604ms
176ms Stylesheet
text/css 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-content/themes/flora-flowershop/menu/menu.css?ver=1.0
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6056a08311f2667af6e6aeea4df77e69a270033d690af3fc33b95e62ff90b0df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2024 15:08:18 GMT
Server: Apache
ETag: "25c3-6195cc5592b94-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1939

GET
H/1.1 200
OK customizer-custom.css
34.35.42.202/wp-content/themes/flora-flowershop/inc/customizer-button/ 461 B
566 B 607ms
179ms Stylesheet
text/css 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-content/themes/flora-flowershop/inc/customizer-button/customizer-custom.css?ver=6.5.3
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: bf60d5653e46502d94cad1c00ccb98a242fefc0ee6f10ddcfa57a39a302fe69e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2024 15:08:18 GMT
Server: Apache
ETag: "1cd-6195cc5591bf4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 246

GET
H/1.1 200
OK style.css
34.35.42.202/wp-content/themes/flora-flowershop/ 26 KB
6 KB 606ms
178ms Stylesheet
text/css 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-content/themes/flora-flowershop/style.css?ver=6.5.3
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 57c312f06b70cc0694c0e29c04260f109713384a81a289fec9daa088a5c803b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2024 15:08:18 GMT
Server: Apache
ETag: "679a-6195cc5592b94-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5961

GET
H/1.1 200
OK style.css
34.35.42.202/wp-content/themes/flora-flowershop/ 26 KB
6 KB 614ms
185ms Stylesheet
text/css 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-content/themes/flora-flowershop/style.css?ver=1.0
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 57c312f06b70cc0694c0e29c04260f109713384a81a289fec9daa088a5c803b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2024 15:08:18 GMT
Server: Apache
ETag: "679a-6195cc5592b94-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5961

GET
H/1.1 200
OK jquery.min.js Show response
34.35.42.202/wp-includes/js/jquery/ 86 KB
30 KB 787ms
182ms Script
application/javascript 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2024 09:23:43 GMT
Server: Apache
ETag: "15601-6187aacb8b467-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30368

GET
H/1.1 200
OK jquery-migrate.min.js Show response
34.35.42.202/wp-includes/js/jquery/ 13 KB
5 KB 785ms
177ms Script
application/javascript 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2024 09:23:43 GMT
Server: Apache
ETag: "3509-6187aacb8d3a8-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4872

GET
H/1.1 200
OK flower4.jpg
34.35.42.202/wp-content/uploads/2024/05/ 35 KB
35 KB 179ms
179ms Image
image/jpeg 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://34.35.42.202/wp-content/uploads/2024/05/flower4.jpg
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 26f942d08026c427c8df246260fa613dcee16b1a9c2f8e50d1da0dde3555689b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Last-Modified: Sun, 26 May 2024 16:36:06 GMT
Server: Apache
ETag: "8b3c-6195dff550029"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 35644

GET
H/1.1 200
OK flower6.jpg
34.35.42.202/wp-content/uploads/2024/05/ 43 KB
43 KB 181ms
181ms Image
image/jpeg 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://34.35.42.202/wp-content/uploads/2024/05/flower6.jpg
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b954426889e5e042cc6ad71262b4124c17cb051ce0999e06154d72849916d910

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:32 GMT
Last-Modified: Sun, 26 May 2024 16:36:06 GMT
Server: Apache
ETag: "aca4-6195dff54d149"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 44196

GET
H/1.1 200 widget Show response
salesiq.zohopublic.com/ 2 KB
2 KB 535ms
164ms Script
text/javascript 136.143.190.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zohopublic.com/widget?plugin_source=wordpress&wc=siqe5059454fff29b298d27d77a13f71dc91e46037c68452a18273e7f505305bbf9

Requested by

Host: nhom14.click
URL: https://nhom14.click/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

4b62de85cc592a65fa413003cb9dbf7781c3c94ae5704dc16a44c170ea785145

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma
Date: Thu, 30 May 2024 15:39:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Server: ZGS
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: keep-alive
Expires: Thu, 30 May 2024 15:44:33 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
34.35.42.202/wp-content/themes/flora-flowershop/assets/js/ 59 KB
16 KB 185ms
183ms Script
application/javascript 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-content/themes/flora-flowershop/assets/js/bootstrap.min.js?ver=6.5.3
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7216ae1e85769baa647702e53a50f1ec2684cf0edc67aa0c5de703fac52fc75b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2024 15:08:18 GMT
Server: Apache
ETag: "ec59-6195cc5591bf4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16169

GET
H/1.1 200
OK menu.js Show response
34.35.42.202/wp-content/themes/flora-flowershop/menu/ 18 KB
4 KB 178ms
178ms Script
application/javascript 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://34.35.42.202/wp-content/themes/flora-flowershop/menu/menu.js?ver=1.0
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e39371f50655eadf612709e14c7b6c517612ea9e416380540bbb317d36314265

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 May 2024 15:08:18 GMT
Server: Apache
ETag: "49f5-6195cc5592b94-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4229

GET
BLOB 200
OK 0737589e-4ff6-4bc2-aeba-191d00658947
https://nhom14.click/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nhom14.click/0737589e-4ff6-4bc2-aeba-191d00658947
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET bannerimg-1.jpg
34.35.42.202/wp-content/uploads/2024/05/ 0
0

GET flower4.jpg
34.35.42.202/wp-content/uploads/2024/05/ 0
0

GET flower5.jpg
34.35.42.202/wp-content/uploads/2024/05/ 0
0

GET flower6.jpg
34.35.42.202/wp-content/uploads/2024/05/ 0
0

GET d7a973c7dab26985da5f961be7b74480
1.gravatar.com/avatar/ 0
0

GET 51330018-4.jpg
34.35.42.202/wp-content/uploads/2024/05/ 0
0

GET or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_zWTFCW.woff2
34.35.42.202/wp-content/fonts/literata/ 0
0

GET or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_XWTFCW.woff2
34.35.42.202/wp-content/fonts/literata/ 0
0

GET or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_3WTFCW.woff2
34.35.42.202/wp-content/fonts/literata/ 0
0

GET or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_LWTFCW.woff2
34.35.42.202/wp-content/fonts/literata/ 0
0

GET or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_7WTFCW.woff2
34.35.42.202/wp-content/fonts/literata/ 0
0

GET or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J__WTFCW.woff2
34.35.42.202/wp-content/fonts/literata/ 0
0

GET or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_HWTA.woff2
34.35.42.202/wp-content/fonts/literata/ 0
0

GET
H/1.1 200
OK flower5.jpg
34.35.42.202/wp-content/uploads/2024/05/ 33 KB
33 KB 177ms
176ms Image
image/jpeg 34.35.42.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://34.35.42.202/wp-content/uploads/2024/05/flower5.jpg
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.35.42.202 Johannesburg, South Africa, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.42.35.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: c5fd057653fc2d23519426bb7e99a40cadb72c0c58255652c44fedd8a30681a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:33 GMT
Last-Modified: Sun, 26 May 2024 16:36:06 GMT
Server: Apache
ETag: "83f1-6195dff54b209"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 33777

GET
H2 200 flower2.jpg
demo.cawpthemes.com/flora-flowershop/wp-content/uploads/sites/49/2024/04/ 19 KB
20 KB 1445ms
527ms Image
image/jpeg 162.214.81.12
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo.cawpthemes.com/flora-flowershop/wp-content/uploads/sites/49/2024/04/flower2.jpg
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.214.81.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: sh032.webhostingservices.com
Software: Apache /
Resource Hash: acb2e87422d45580214b5323290d59542317dbccf87d75f131e54c34d5253437

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:39:34 GMT
x-nginx-cache: WordPress
last-modified: Mon, 01 Apr 2024 10:11:37 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19959
expires: Fri, 30 May 2025 15:39:34 GMT

GET
H2 200 flower3.jpg
demo.cawpthemes.com/flora-flowershop/wp-content/uploads/sites/49/2024/04/ 19 KB
19 KB 1441ms
526ms Image
image/jpeg 162.214.81.12
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo.cawpthemes.com/flora-flowershop/wp-content/uploads/sites/49/2024/04/flower3.jpg
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.214.81.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: sh032.webhostingservices.com
Software: Apache /
Resource Hash: 0e3c5ba734e95d88fd4dbfa19ee8cfc04f60d3c74ac0db901b91624e618d9a68

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:39:34 GMT
x-nginx-cache: WordPress
last-modified: Mon, 01 Apr 2024 10:11:38 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19896
expires: Fri, 30 May 2025 15:39:34 GMT

GET
H2 200 flower1.jpg
demo.cawpthemes.com/flora-flowershop/wp-content/uploads/sites/49/2024/04/ 27 KB
27 KB 1267ms
368ms Image
image/jpeg 162.214.81.12
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo.cawpthemes.com/flora-flowershop/wp-content/uploads/sites/49/2024/04/flower1.jpg
Requested by: Host: nhom14.click
URL: https://nhom14.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.214.81.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: sh032.webhostingservices.com
Software: Apache /
Resource Hash: 9413eaede187654efb4005c4332ed398d39dc385cb23af4fe371b4a27ad17ad0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:39:34 GMT
x-nginx-cache: WordPress
last-modified: Mon, 01 Apr 2024 10:11:36 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27465
expires: Fri, 30 May 2025 15:39:34 GMT

GET
H2 200 float~plain~modern.yKDLFs_mBsFx8AMQf1kEWTwlqACvUquFYVkmwdI5zlM0UTD9d9g7E25Jb7CZb82x.js Show response
js.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/js/ 93 KB
34 KB 155ms
69ms Script
text/javascript 89.36.170.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/js/float~plain~modern.yKDLFs_mBsFx8AMQf1kEWTwlqACvUquFYVkmwdI5zlM0UTD9d9g7E25Jb7CZb82x.js

Requested by

Host: salesiq.zohopublic.com
URL: https://salesiq.zohopublic.com/widget?plugin_source=wordpress&wc=siqe5059454fff29b298d27d77a13f71dc91e46037c68452a18273e7f505305bbf9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

zoho-170-147.dub3.computerline.net

Software

ZGS /

Resource Hash

f47438b36098ef472fb5b786ca2b2de6ca5b83fc7555e66a5cdc8b5da33daada

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Origin: https://nhom14.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:39:33 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 33846
last-modified: Mon, 20 May 2024 11:05:46 GMT
server: ZGS
nb-request-id: 9b908aeb5976139d5d1e3a164988229d
etag: "b207a20113f9c0c3dddd5ba16ca32583"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ex1-3f9d255428d84d0ea82ed939cb09da63
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 float.td_hmbl0W5MZwAcLWS5DfGF2vJPqN8WjXOJKDKCUYRQ6-nb-Vb3Wp4wKsAZuK3DH.css
css.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/css/ 11 KB
4 KB 118ms
35ms Stylesheet
text/css 89.36.170.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/css/float.td_hmbl0W5MZwAcLWS5DfGF2vJPqN8WjXOJKDKCUYRQ6-nb-Vb3Wp4wKsAZuK3DH.css

Requested by

Host: salesiq.zohopublic.com
URL: https://salesiq.zohopublic.com/widget?plugin_source=wordpress&wc=siqe5059454fff29b298d27d77a13f71dc91e46037c68452a18273e7f505305bbf9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

zoho-170-147.dub3.computerline.net

Software

ZGS /

Resource Hash

41b5113c94ad83d3e7b35517a7bf255c7a61adad959154f573b26ffd833b70c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:39:33 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3319
last-modified: Fri, 26 Apr 2024 07:26:29 GMT
server: ZGS
nb-request-id: 8620a830d60ef121aa186d998b38a035
etag: "91f7dd0e73fa31a998911b2c3368e0d6"
vary: Accept-Encoding
content-language: en-US
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-d2501bf6c12e4f15b3d5b68308f16954
accept-ranges: bytes
timing-allow-origin: *

GET wp-emoji-release.min.js
34.35.42.202/wp-includes/js/ 0
0

GET
H/1.1 200 website Show response
salesiq.zohopublic.com/visitor/v2/channels/ 27 KB
14 KB 195ms
195ms XHR
application/json 136.143.190.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zohopublic.com/visitor/v2/channels/website?widgetcode=siqe5059454fff29b298d27d77a13f71dc91e46037c68452a18273e7f505305bbf9&title=&current_domain=https%3A%2F%2Fnhom14.click&internal_channel_req=true&browser_language=en&is_signaturechat=false&include_fields=avuid

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/js/float~plain~modern.yKDLFs_mBsFx8AMQf1kEWTwlqACvUquFYVkmwdI5zlM0UTD9d9g7E25Jb7CZb82x.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

db386f62e9d47e9b61d0f25658478fc977813e9f08abe2f339419c809de9dfdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 15:39:33 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Server: ZGS
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://nhom14.click
Content-Language: de-DE
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Encoding: UTF-8
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel

GET
H2 404 favicon.ico
nhom14.click/ 196 B
493 B 352ms
351ms Other
text/html 2606:4700:3034::6815:5a1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhom14.click/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nhom14.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:39:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQamXNKcseD24raqohAG9JANheWScjQqssI%2BdiLix1KrgdWD7rugS95ix0cJiBm9M5X5ycJTUsXgdyNSYVc19GOX7zT2FQTYTy0II%2B9oII3QlH0KzdAr7zougEgvmmWyG3vR6J6rzjer9vc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 88bfd14f5b01371d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 siq_woVkgxwnerWFukYaiWxL3dGrvPm9B1i5mhoGDAP4gTeTSlxTWEXY93tAIiYbq1qY_.ttf
css.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/ASSETS_V6/fonts/ 3 KB
2 KB 35ms
34ms Font
font/ttf 89.36.170.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/ASSETS_V6/fonts/siq_woVkgxwnerWFukYaiWxL3dGrvPm9B1i5mhoGDAP4gTeTSlxTWEXY93tAIiYbq1qY_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/css/float.td_hmbl0W5MZwAcLWS5DfGF2vJPqN8WjXOJKDKCUYRQ6-nb-Vb3Wp4wKsAZuK3DH.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

zoho-170-147.dub3.computerline.net

Software

ZGS /

Resource Hash

460f3d0746de0584d9e58f3eeae9fee6087d2d56b42379394ca127540b2fdcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://css.zohocdn.com/salesiq/RESOURCE_BUNDLES/embedfloat/css/float.td_hmbl0W5MZwAcLWS5DfGF2vJPqN8WjXOJKDKCUYRQ6-nb-Vb3Wp4wKsAZuK3DH.css
Origin: https://nhom14.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:39:33 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2006
last-modified: Thu, 04 Apr 2024 08:43:49 GMT
server: ZGS
nb-request-id: 9a84165c815b76fd926930295d318d65
etag: "b20d94d67d70197d4bef1c73f632e585"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ex1-20670d9ed6ae48138c7ddc609f79053c
accept-ranges: bytes
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/uploads/2024/05/bannerimg-1.jpg

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/uploads/2024/05/flower4.jpg

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/uploads/2024/05/flower5.jpg

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/uploads/2024/05/flower6.jpg

Domain: 1.gravatar.com
URL: http://1.gravatar.com/avatar/d7a973c7dab26985da5f961be7b74480?s=96&d=mm&r=g

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/uploads/2024/05/51330018-4.jpg

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_zWTFCW.woff2

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_XWTFCW.woff2

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_3WTFCW.woff2

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_LWTFCW.woff2

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_7WTFCW.woff2

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J__WTFCW.woff2

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_HWTA.woff2

Domain: 34.35.42.202
URL: http://34.35.42.202/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			salesiq.zohopublic.com/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: d7758276-4ff9-4aac-9f5d-2d65281affaa
			salesiq.zohopublic.com/	1970-01-20 21:41:15	Name: uesign Value: 6b9d511051c93e2135ada783db2d02c430d42416fbc840863d46946dc95ad29d0844e465d0659370476119d6d5e77394

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://nhom14.click/(Line 447) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://34.35.42.202/'. This endpoint should be made available over a secure connection.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure image 'http://34.35.42.202/wp-content/uploads/2024/05/bannerimg-1.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure image 'http://34.35.42.202/wp-content/uploads/2024/05/flower4.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure image 'http://34.35.42.202/wp-content/uploads/2024/05/flower5.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure image 'http://34.35.42.202/wp-content/uploads/2024/05/flower6.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure image 'http://1.gravatar.com/avatar/d7a973c7dab26985da5f961be7b74480?s=96&d=mm&r=g'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure image 'http://34.35.42.202/wp-content/uploads/2024/05/51330018-4.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure font 'http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_zWTFCW.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure font 'http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_XWTFCW.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure font 'http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_3WTFCW.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure font 'http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_LWTFCW.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure font 'http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_7WTFCW.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure font 'http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J__WTFCW.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 559) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure font 'http://34.35.42.202/wp-content/fonts/literata/or3PQ6P12-iJxAIgLa78DkrbXsDgk0oVDaDPYLanFLHpPf2TbBG_J_HWTA.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://nhom14.click/(Line 17) Message: Mixed Content: The page at 'https://nhom14.click/' was loaded over HTTPS, but requested an insecure script 'http://34.35.42.202/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://nhom14.click/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nhom14.click/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://nhom14.click/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.gravatar.com
34.35.42.202
css.zohocdn.com
demo.cawpthemes.com
js.zohocdn.com
nhom14.click
salesiq.zohopublic.com
1.gravatar.com
34.35.42.202
136.143.190.97
162.214.81.12
2606:4700:3034::6815:5a1c
34.35.42.202
89.36.170.147
0e3c5ba734e95d88fd4dbfa19ee8cfc04f60d3c74ac0db901b91624e618d9a68
26f942d08026c427c8df246260fa613dcee16b1a9c2f8e50d1da0dde3555689b
2758c6b3eb5de3bdf0be6ad8a053181921890feb6d8474d27a8404a724e70d74
41b5113c94ad83d3e7b35517a7bf255c7a61adad959154f573b26ffd833b70c7
460f3d0746de0584d9e58f3eeae9fee6087d2d56b42379394ca127540b2fdcc8
4b62de85cc592a65fa413003cb9dbf7781c3c94ae5704dc16a44c170ea785145
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
57c312f06b70cc0694c0e29c04260f109713384a81a289fec9daa088a5c803b7
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6056a08311f2667af6e6aeea4df77e69a270033d690af3fc33b95e62ff90b0df
7216ae1e85769baa647702e53a50f1ec2684cf0edc67aa0c5de703fac52fc75b
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
9413eaede187654efb4005c4332ed398d39dc385cb23af4fe371b4a27ad17ad0
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
acb2e87422d45580214b5323290d59542317dbccf87d75f131e54c34d5253437
b954426889e5e042cc6ad71262b4124c17cb051ce0999e06154d72849916d910
bf60d5653e46502d94cad1c00ccb98a242fefc0ee6f10ddcfa57a39a302fe69e
c5fd057653fc2d23519426bb7e99a40cadb72c0c58255652c44fedd8a30681a9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d9defb9216cb151e9e1af12651a4266d1690735551904ced44dfb7637e3a795a
db386f62e9d47e9b61d0f25658478fc977813e9f08abe2f339419c809de9dfdf
e39371f50655eadf612709e14c7b6c517612ea9e416380540bbb317d36314265
f47438b36098ef472fb5b786ca2b2de6ca5b83fc7555e66a5cdc8b5da33daada

nhom14.click Open in urlscan Pro 2606:4700:3034::6815:5a1c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

38 Requests

26 %HTTPS

20 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

360 kBTransfer

930 kBSize

2 Cookies

11 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

2 Cookies

18 Console Messages

Indicators

nhom14.click Open in urlscan Pro
2606:4700:3034::6815:5a1c Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

26 %
HTTPS

20 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

360 kB
Transfer

930 kB
Size

2
Cookies

38 HTTP transactions
0 data transactions