floureeshlands.com (167.235.108.179)
Public Scan
Effective URL: https://floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/?clickid=j0nvxe&trackingid=ci3n40amidmc73eevn1g&affclickid=648...
Submission: On June 12 via api from JP — Scanned from PL
Summary
TLS certificate: Issued by R3 on April 29th 2023. Valid for: 3 months.
This is the only time floureeshlands.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 1 | 5.187.52.246 | 197155 (ARTNET)
1 | 155.94.219.251 | 8100 (ASN-QUADRANET-GLOBAL)
1 4 | 172.67.146.238 | 13335 (CLOUDFLARENET)
1 | 104.21.74.141 | 13335 (CLOUDFLARENET)
1 | 94.237.103.119 | 202053 (UPCLOUD)
1 1 | 172.67.208.183 | 13335 (CLOUDFLARENET)
1 1 | 188.114.96.3 | 13335 (CLOUDFLARENET)
1 1 | 188.114.97.3 | 13335 (CLOUDFLARENET)
1 1 | 104.21.52.175 | 13335 (CLOUDFLARENET)
13 | 167.235.108.179 | 24940 (HETZNER-AS)
1 | 157.240.0.6 | 32934 (FACEBOOK)
20 requests | 6 ASNs |
ASN | PTR | Domain
---|---|---
ASN197155 (ARTNET, PL) | d52246.artnet.gda.pl | thzss.mail.riaueventorganizer.com
ASN8100 (ASN-QUADRANET-GLOBAL, US) | ns1.miami-servers.com | theshiningtree.com
ASN202053 (UPCLOUD, FI) | 94-237-103-119.de-fra1.upcloud.host | 1d706b4e081.megatrffc.com
ASN24940 (HETZNER-AS, DE) | static.179.108.235.167.clients.your-server.de | floureeshlands.com
ASN32934 (FACEBOOK, US) | xx-fbcdn-shv-02-fra3.fbcdn.net | connect.facebook.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
13 | floureeshlands.com | floureeshlands.com | 255 KB
4 | jukminung.com | lynku.jukminung.com (1 redirect) | 6 KB
1 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 170) | 28 KB
1 | trankingo.com | trankingo.com (1 redirect) | 551 B
1 | wabotot.com | wabotot.com (1 redirect) | 720 B
1 | tendr.space | pk.tendr.space (1 redirect) | 698 B
1 | romele.ru | romele.ru (1 redirect) | 1 KB
1 | megatrffc.com | 1d706b4e081.megatrffc.com | 1 KB
1 | addlnk.com | cdn.addlnk.com (Cisco Umbrella Rank: 446257) | 1017 B
1 | theshiningtree.com | theshiningtree.com | 450 B
1 | riaueventorganizer.com | thzss.mail.riaueventorganizer.com (1 redirect) | 320 B
20 requests | 11 domains | |
Requests | Domain | Requested by
---|---|---
13 | floureeshlands.com | floureeshlands.com
4 | lynku.jukminung.com | theshiningtree.com (1 redirect), lynku.jukminung.com
1 | connect.facebook.net | floureeshlands.com
1 | trankingo.com | 1 redirect
1 | wabotot.com | 1 redirect
1 | pk.tendr.space | 1 redirect
1 | romele.ru | 1 redirect
1 | 1d706b4e081.megatrffc.com | lynku.jukminung.com
1 | cdn.addlnk.com | lynku.jukminung.com
1 | theshiningtree.com |
1 | thzss.mail.riaueventorganizer.com | 1 redirect
20 requests | 11 domains |
This site contains no links.
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
theshiningtree.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-16 - 2023-12-16 | a year | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-20 - 2024-03-18 | a year | crt.sh
addlnk.com | GTS CA 1P5 | 2023-04-15 - 2023-07-14 | 3 months | crt.sh
*.megatrffc.com | R3 | 2023-05-12 - 2023-08-10 | 3 months | crt.sh
*.floureeshlands.com | R3 | 2023-04-29 - 2023-07-28 | 3 months | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-03-22 - 2023-06-20 | 3 months | crt.sh
This page contains 2 frames:
Primary Page: https://floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/?clickid=j0nvxe&trackingid=ci3n40amidmc73eevn1g&affclickid=64877264067ca0000179dd38&sub1=1659&sub4=unknown&sub5=unknown&ssid=unknown
Frame ID: 83F88AC7124586921553E97F79C5C1F4
Requests: 18 HTTP requests in this frame
Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: 605A10FC6A899B71BE499164717D576D
Requests: 2 HTTP requests in this frame
Page Title: Flourish
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://thzss.mail.riaueventorganizer.com//t/mnk75x0ye/r7067471051x478x84579x25910703x2955555x7082228119x4511019 (HTTP 302)
- https://theshiningtree.com/176468384e715116f32/947_150174_97548_874/9101154_5555592/53033086 (Page URL)
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1350915755&pubid=690416 (Page URL)
- https://1d706b4e081.megatrffc.com/?p=4379&media_type=mainstream&sub_id=pubdef50a7b567247a0a478700c4c18b307&pubid=690416&pi=690416 (Page URL)
- https://romele.ru/cl/887d9c4bddf3b660?p1=5z84ih4wpafdw06zk1zk84c4g,16947913,5,4379&p2=4379&source=mysite&site=trafficcompany.com (HTTP 302)
- https://pk.tendr.space/click?pid=1659&offer_id=9085&sub5=4675147161&sub1=29124&sub2=trafficcompany.com (HTTP 302)
- https://wabotot.com/click?key=c1e16ace77d76f8662b8&partnerid=2&clickid=64877264067ca0000179dd38&pubid=1659&sourceid=29124&sub1=trafficcompany.com&sub2=&sub3=&sub4=&sub5=&sub6= (HTTP 307)
- https://trankingo.com/?utm_campaign=116&bclickid=ci3n40amidmc73eevn1g&pclickid=64877264067ca0000179dd38&partnerid=2&pubid=1659&sourceid=29124&sub1=trafficcompany.com&sub2=&sub3=&sub4=&sub5=&sub6= (HTTP 302)
- https://floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/?clickid=j0nvxe&trackingid=ci3n40amidmc73eevn1g&affclickid=64877264067ca0000179dd38&sub1=1659&sub4=unknown&sub5=unknown&ssid=unknown (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- http://thzss.mail.riaueventorganizer.com//t/mnk75x0ye/r7067471051x478x84579x25910703x2955555x7082228119x4511019 (HTTP 302)
- https://theshiningtree.com/176468384e715116f32/947_150174_97548_874/9101154_5555592/53033086

- https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js (HTTP 302)
- https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
20 HTTP transactions
Method / Protocol | Resource Path | Size / Transfer | Type / MIME-Type | Notes
---|---|---|---|---
GET H/1.1 | theshiningtree.com/176468384e715116f32/947_150174_97548_874/9101154_5555592/53033086 | 137 B / 450 B | Document, text/html | Redirect Chain
GET H2 | lynku.jukminung.com/rc/9e8aef8068 | 2 KB / 2 KB | Document, text/html |
GET H2 | cdn.addlnk.com/redirect.css | 1 KB / 1017 B | Stylesheet, text/css |
GET H2 | lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js | 7 KB / 4 KB | Script, application/javascript | Frame 605A; Redirect Chain
POST H3 | lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/7d64828a78bfbf6c | 0 / 609 B | XHR, text/plain | Frame 605A
GET H2 | 1d706b4e081.megatrffc.com/ | 970 B / 1 KB | Document, text/html |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/ | 6 KB / 2 KB | Document, text/html | Primary Request; Redirect Chain
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/fonts/Roboto-Light.woff2 | 64 KB / 64 KB | Font, application/octet-stream |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/fonts/Roboto-Regular.woff2 | 64 KB / 65 KB | Font, application/octet-stream |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/fonts/Roboto-Medium.woff2 | 65 KB / 65 KB | Font, application/octet-stream |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/fonts/Rubik-Regular.woff2 | 48 KB / 48 KB | Font, application/octet-stream |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/css/style.min.css | 12 KB / 3 KB | Stylesheet, text/css |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/js/getUrlParams.js | 114 B / 284 B | Script, application/javascript |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/img/img-main-logo.svg | 2 KB / 2 KB | Image, image/svg+xml |
GET H2 | floureeshlands.com/scripts/nbb.min.js | 696 B / 590 B | Script, application/javascript |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/js/ajax-support.min.js | 2 KB / 838 B | Script, application/javascript |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/js/ajax.min.js | 1 KB / 616 B | Script, application/javascript |
GET H2 | connect.facebook.net/en_US/fbevents.js | 108 KB / 28 KB | Script, application/x-javascript |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/img/icon-arrow-ok.svg | 224 B / 354 B | Image, image/svg+xml |
GET H2 | floureeshlands.com/edc/general/pl/qwe/lp10_tr_oirlrn/img/icon-reCAPTCHA@2x.png | 3 KB / 3 KB | Image, image/png |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Variable
---|---
boolean | credentialless
object | onbeforetoggle
object | onscrollend
string | sub5
function | fbq
function | _fbq
function | newLand12
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
theshiningtree.com/ | uid15295 | 1350915755-20230612153042-80d84a77d8dcfb4279ed48830cf573d2-
lynku.jukminung.com/ | AWSALB | PB7+Z9Iu3VaOgKPPKJ9UJJUS0h8WPxni9TBc2EyhvrHEPkkA6I3lbMxHCFUaM0+bN+Xvz+J8OsmLC1b+Z5exRFD/MRAjopJpt2QqG5jtJrFI/ud2ixJL2a4hHqby
.jukminung.com/ | __cf_bm | vr4KSwFzmemfO3KPFuuk8kujQgmOQLiB8y0SqJHxBHc-1686598243-0-AWDvA68csFtZ5CUmjf92d3mCxnzhHdRuwctqpZYxgSloDFroZ8CGHSAg8TSn1p0BLQ==
.1d706b4e081.megatrffc.com/ | rts-trck | 1
.megatrffc.com/ | t-uuid | 5z84ih4wu9qmk3kuzdfs4sg44
.megatrffc.com/ | traffic-back | ok
romele.ru/ | sbc887d9c4bddf3b660 | eyJpdiI6IktrVXIvNlRFU3dYSVIyV2ZoQ3dTWmc9PSIsInZhbHVlIjoiQzV0eUtQdFZ3cVlXNTk4RWVONGg0UT09IiwibWFjIjoiYzJkNzcyNGE2Y2MxODE2ZDQzNzQ2ODEzZGRiMTc4NjQ0MzA5ZmJmMGZiZDk5MDA3NGMyM2Q3NzkzZDU2MDRjOCIsInRhZyI6IiJ9
romele.ru/ | vis | eyJpdiI6ImxDcnBKWFFiWlNVVWVRVXJaRmtWb1E9PSIsInZhbHVlIjoiOHdtOFRHdGYvYjRRdGdoYnQ5Zk1Bdz09IiwibWFjIjoiOGEwNzZhYWVmZGVlMTQ3ZTc2Y2NhOTA3MWI4MGQ5OGU4OGJiOWJlZTc5MWE0YzYzNWRhY2RmZTg2NmYzMWMxNiIsInRhZyI6IiJ9
pk.tendr.space/ | afclick | 64877264067ca0000179dd38
pk.tendr.space/ | afoffers | {"9085":1686598244}
wabotot.com/ | uclick | mbzblAxcOIk1hePwPWCY4l7vksvxE009m3AZV2i0Ntf8YxySegjMa00uozwBhjsEuzRyYsE=
wabotot.com/ | clickinfo | ci3n40amidmc73eevn1g
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.