Submitted URL: http://rocketsd3.jhbcityparks.com/rs/a0Fg7.gk
Effective URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Submission: On June 30 via api from ZA — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2606:4700::6812:1520, located in United States and belongs to CLOUDFLARENET, US. The main domain is comms.rocketseed.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 7th 2023. Valid for: a year.
This is the only time comms.rocketseed.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 196.22.193.163 11845 (Vox-Telecom)
1 6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 4
Apex Domain
Subdomains
Transfer
6 rocketseed.net
comms.rocketseed.net
13 KB
5 mailercdn.net
cdn14.mailercdn.net
aime.mailercdn.net
195 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1174
7 KB
1 jhbcityparks.com
rocketsd3.jhbcityparks.com
773 B
11 4
Domain Requested by
6 comms.rocketseed.net 1 redirects comms.rocketseed.net
static.cloudflareinsights.com
3 cdn14.mailercdn.net comms.rocketseed.net
2 aime.mailercdn.net comms.rocketseed.net
1 static.cloudflareinsights.com comms.rocketseed.net
1 rocketsd3.jhbcityparks.com 1 redirects
11 5

This site contains no links.

Subject Issuer Validity Valid
*.rocketseed.net
Go Daddy Secure Certificate Authority - G2
2023-04-07 -
2024-05-08
a year crt.sh
cdn14.mailercdn.net
GTS CA 1P5
2023-05-17 -
2023-08-15
3 months crt.sh
aime.mailercdn.net
GTS CA 1P5
2023-05-17 -
2023-08-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh

This page contains 2 frames:

Primary Page: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Frame ID: 9FD241F9AE9F5618889D8251ACFE4441
Requests: 9 HTTP requests in this frame

Frame: https://comms.rocketseed.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: D6295AF1AD38AD317217190055D1055B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Reverse The Red

Page URL History Show full URLs

  1. http://rocketsd3.jhbcityparks.com/rs/a0Fg7.gk HTTP 303
    https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

11
Requests

91 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

214 kB
Transfer

272 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rocketsd3.jhbcityparks.com/rs/a0Fg7.gk HTTP 303
    https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://comms.rocketseed.net/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://comms.rocketseed.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request reverse-the-red-T74nTWiKQE1SPi6U
comms.rocketseed.net/public/landing-pages/
Redirect Chain
  • http://rocketsd3.jhbcityparks.com/rs/a0Fg7.gk
  • https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
53 KB
8 KB
Document
General
Full URL
https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1520 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b63165ef7a545a1c7c42d77241212f0966770407ae73ca9e0c98de491fa807

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7df34046eb9a3a8c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Jun 2023 03:16:32 GMT
expires
Fri, 30 Jun 2023 07:16:32 GMT
last-modified
Fri, 30 Jun 2023 03:13:18 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Language
en
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Jun 2023 03:16:32 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Keep-Alive
timeout=10
Location
https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Server
nginx
Transfer-Encoding
chunked
X-Content-Options
nosniff
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
anonymous.gif
comms.rocketseed.net/lp/o/T74nTWiKQE1SPi6U/
49 B
214 B
Image
General
Full URL
https://comms.rocketseed.net/lp/o/T74nTWiKQE1SPi6U/anonymous.gif
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1520 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 03:16:33 GMT
cf-cache-status
MISS
last-modified
Fri, 30 Jun 2023 03:16:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
cf-ray
7df340495d263a8c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
header.png
cdn14.mailercdn.net/users/assets/14/images/
56 KB
57 KB
Image
General
Full URL
https://cdn14.mailercdn.net/users/assets/14/images/header.png?v=1686728221039
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72f9c9b892afb82c81fb3ba0dcd80dca7f3abe52472651d3fe32a4628ab06ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comms.rocketseed.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:16:33 GMT
cf-cache-status
HIT
content-disposition
inline; filename="header.webp"
alt-svc
h3=":443"; ma=86400
content-length
57518
x-request-id
TiWUeGBFVrMyL62uYadk5
last-modified
Mon, 26 Jun 2023 06:17:49 GMT
server
cloudflare
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7df340498a493636-FRA
expires
Sat, 29 Jun 2024 03:16:33 GMT
pgrf_header_1.png
cdn14.mailercdn.net/users/assets/14/images/
120 KB
120 KB
Image
General
Full URL
https://cdn14.mailercdn.net/users/assets/14/images/pgrf_header_1.png?v=1686733225237
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e409e120182c5474d3d0fd6c2f207a1d826d593c732cd3e486264666dc3ac0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comms.rocketseed.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:16:33 GMT
cf-cache-status
HIT
content-disposition
inline; filename="pgrf_header_1.webp"
alt-svc
h3=":443"; ma=86400
content-length
122698
x-request-id
gT_XMgxHsRrroeJK50LAc
last-modified
Mon, 26 Jun 2023 06:17:49 GMT
server
cloudflare
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7df340498a4b3636-FRA
expires
Sat, 29 Jun 2024 03:16:33 GMT
facebook.png
aime.mailercdn.net/images/
6 KB
6 KB
Image
General
Full URL
https://aime.mailercdn.net/images/facebook.png
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af8146ed0eb12e3a9926464e44a82359df805c271bcb9708d40da276ff56d837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comms.rocketseed.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:16:33 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 04 Nov 2020 06:30:47 GMT
server
cloudflare
cf-polished
status=cannot_optimize
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7df340498aa968fb-FRA
alt-svc
h3=":443"; ma=86400
content-length
5765
expires
Fri, 30 Jun 2023 07:16:33 GMT
twitter.png
aime.mailercdn.net/images/
7 KB
7 KB
Image
General
Full URL
https://aime.mailercdn.net/images/twitter.png
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2ee8156a3b9013a2d2236bfda22be4bc85ce9a8c7ab51fb269660436a57c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comms.rocketseed.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:16:33 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 04 Nov 2020 06:30:47 GMT
server
cloudflare
cf-polished
status=cannot_optimize
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7df340498aab68fb-FRA
alt-svc
h3=":443"; ma=86400
content-length
7215
expires
Fri, 30 Jun 2023 07:16:33 GMT
Logos-01__180x67.png
cdn14.mailercdn.net/users/assets/14/images/__thumbs/Logos-01.png/
4 KB
4 KB
Image
General
Full URL
https://cdn14.mailercdn.net/users/assets/14/images/__thumbs/Logos-01.png/Logos-01__180x67.png?v=1686736211342
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e905215934cb88e451bc49adf11cce331376a9bc8fff5b6d0f29ff4f710e2a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comms.rocketseed.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:16:33 GMT
cf-cache-status
HIT
content-disposition
inline; filename="Logos-01__180x67.webp"
alt-svc
h3=":443"; ma=86400
content-length
3888
x-request-id
xefmMNMMKLC4y9lzt7yah
last-modified
Mon, 26 Jun 2023 06:17:49 GMT
server
cloudflare
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7df340498a4c3636-FRA
expires
Sat, 29 Jun 2024 03:16:33 GMT
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://comms.rocketseed.net/
Origin
https://comms.rocketseed.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:16:32 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7df34049beb12c39-FRA
invisible.js
comms.rocketseed.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame D629
Redirect Chain
  • https://comms.rocketseed.net/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://comms.rocketseed.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
7 KB
3 KB
Script
General
Full URL
https://comms.rocketseed.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
Protocol
H3
Server
2606:4700::6812:1520 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d186271eb4283b610e0a2eac953aecf838422ff48ef56446588d20fb55cb3aba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7df3404a78cd997b-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 30 Jun 2023 03:16:33 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control
max-age=300, public
cf-ray
7df3404a58be997b-FRA
alt-svc
h3=":443"; ma=86400
7df34046eb9a3a8c
comms.rocketseed.net/cdn-cgi/challenge-platform/h/g/cv/result/ Frame D629
0
332 B
XHR
General
Full URL
https://comms.rocketseed.net/cdn-cgi/challenge-platform/h/g/cv/result/7df34046eb9a3a8c
Requested by
Host: comms.rocketseed.net
URL: https://comms.rocketseed.net/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1520 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Jun 2023 03:16:33 GMT
content-encoding
br
server
cloudflare
cf-ray
7df3404b4915997b-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
rum
comms.rocketseed.net/cdn-cgi/
0
144 B
XHR
General
Full URL
https://comms.rocketseed.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1520 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://comms.rocketseed.net/public/landing-pages/reverse-the-red-T74nTWiKQE1SPi6U
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Fri, 30 Jun 2023 03:16:33 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://comms.rocketseed.net
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7df3404e6a59997b-FRA

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| __cfBeacon

2 Cookies

Domain/Path Name / Value
.comms.rocketseed.net/ Name: __cf_bm
Value: Lq1aqicScbQHKRF8p3GIBCKYFUyPtlP4lrwTGRYXdsw-1688094993-0-AWsJocj4Oj/gz4QHihGeB+ysR4cuTej3p3ZBp9EBp5+HqUnQEyPuNtnOZVcDskxCIC6BwvZb9+7p3dF7M99YxTAQzqDfBvuT22rpq73TXAOk
.mailercdn.net/ Name: __cf_bm
Value: Pjh8F4EfPM2eDMQs_JW8GKP_ngQfEMNA37rhiNR3Xew-1688094993-0-AeGLUmFlk101nb2Y3oFu9A43jiIKzVUIsCYdaQv9nZ7qm4TGCQcpyocu1dhlhlL5atx03tlLMsRK8F1ahJhbS1I=