Submitted URL: https://spenenergynetworks.co.uk/
Effective URL: https://flowerself.xyz/c.html?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unk...
Submission: On February 08 via manual — Scanned from GB

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 5.45.112.153, which is located in Estonia and belongs to PAGM-AS, EE. The main domain is flowerself.xyz.
TLS certificate: Issued by R3 on January 9th 2023. Valid for: 3 months.
This is the only time flowerself.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.33.18.44 63949 (AKAMAI-AP...)
1 2 45.33.30.197 63949 (AKAMAI-AP...)
9 151.101.66.137 54113 (FASTLY)
2 54.237.193.255 14618 (AMAZON-AES)
1 162.247.241.14 23467 (NEWRELIC-...)
1 2 195.201.136.171 24940 (HETZNER-AS)
1 5.45.112.153 198068 (PAGM-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 142.132.255.57 24940 (HETZNER-AS)
19 9
Apex Domain | Subdomains | Transfer
9 newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 325) | 20 KB
3 spenenergynetworks.co.uk | spenenergynetworks.co.uk | 22 KB
2 awasrqp.xyz | awasrqp.xyz (Cisco Umbrella Rank: 918206) | 1 KB
2 alia-iso.com | alia-iso.com (Cisco Umbrella Rank: 452115) | 3 KB
1 pushtorm.net | pushtorm.net (Cisco Umbrella Rank: 96343) | 4 KB
1 jquery.com | code.jquery.com (Cisco Umbrella Rank: 687) | 31 KB
1 flowerself.xyz | flowerself.xyz | 6 KB
1 nr-data.net | bam.nr-data.net (Cisco Umbrella Rank: 208) | 532 B
19 8
Domain Requested by
9 js-agent.newrelic.com spenenergynetworks.co.uk
3 spenenergynetworks.co.uk 2 redirects
2 awasrqp.xyz 1 redirects alia-iso.com
2 alia-iso.com spenenergynetworks.co.uk
alia-iso.com
1 pushtorm.net flowerself.xyz
1 code.jquery.com flowerself.xyz
1 flowerself.xyz
1 bam.nr-data.net js-agent.newrelic.com
19 8

This site contains no links.

Subject | Issuer | Validity | Valid
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year
alia-iso.com | Amazon RSA 2048 M02 | 2022-12-19 - 2024-01-17 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year
awasrqp.xyz | R3 | 2023-01-01 - 2023-04-01 | 3 months
flowerself.xyz | R3 | 2023-01-09 - 2023-04-09 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
pushtorm.net | R3 | 2022-12-16 - 2023-03-16 | 3 months

This page contains 1 frame:

Primary Page: https://flowerself.xyz/c.html?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown
Frame ID: 677C6AF222701D0C50DFBCDD01B3422F
Requests: 19 HTTP requests in this frame

Page Title

Notification Confirmation

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 11 %
Domains: 8
Subdomains: 8
IPs: 9
Countries: 4
Transfer: 86 kB
Size: 216 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://spenenergynetworks.co.uk/ HTTP 302
    http://spenenergynetworks.co.uk/ Page URL
  2. http://spenenergynetworks.co.uk/?gp=1&js=1&uuid=1675871078.0027426376&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
    https://alia-iso.com/zcvisitor/7f129c54-a7c7-11ed-a383-1249f6eecbe5/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b Page URL
  3. https://alia-iso.com/zcredirect?visitid=7f129c54-a7c7-11ed-a383-1249f6eecbe5&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  4. https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zr7f129c54a7c711eda3831249f6eecbe56813268c1b574bf79836c8965eb73b8907105543071a9c1a54&vsc=0.126000&trgt=romeo-bis-1ewpx754lx&src=erythraean-weasel&kwd=&vrt=NON-ADULT HTTP 302
    https://awasrqp.xyz/nlp/index.php?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html Page URL
  5. https://flowerself.xyz/c.html?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://spenenergynetworks.co.uk/ HTTP 302
  • http://spenenergynetworks.co.uk/
Request Chain 10
  • http://spenenergynetworks.co.uk/?gp=1&js=1&uuid=1675871078.0027426376&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
  • https://alia-iso.com/zcvisitor/7f129c54-a7c7-11ed-a383-1249f6eecbe5/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
Request Chain 15
  • https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zr7f129c54a7c711eda3831249f6eecbe56813268c1b574bf79836c8965eb73b8907105543071a9c1a54&vsc=0.126000&trgt=romeo-bis-1ewpx754lx&src=erythraean-weasel&kwd=&vrt=NON-ADULT HTTP 302
  • https://awasrqp.xyz/nlp/index.php?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
spenenergynetworks.co.uk/
Redirect Chain
  • https://spenenergynetworks.co.uk/
  • http://spenenergynetworks.co.uk/
54 KB
21 KB
Document
General
Full URL
http://spenenergynetworks.co.uk/
Protocol
HTTP/1.1
Server
45.33.30.197 Richardson, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
li1047-197.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
d79de0219c714bd65a886838d558d05bd6adffff7ba4dbe5fbc6ab1866246d04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-type
text/html
date
Wed, 08 Feb 2023 15:44:38 GMT
server
openresty/1.13.6.1
transfer-encoding
chunked

Redirect headers

Connection
close
Content-Length
167
Content-Type
text/html
Date
Wed, 08 Feb 2023 15:44:38 GMT
Location
http://spenenergynetworks.co.uk/
Server
openresty/1.13.6.1
692.215647de-1223.js
js-agent.newrelic.com/
2 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/692.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
I.n_PBR7fU5g2cmlAwgMlzr4Oik5bP_f
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NGNKCXB4RFK4AE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1087
x-amz-id-2
nZHhVyPtr48wydxYbTmNbAtrCib1032XGzveX00y2+8SbTvdVYhYnYEjk5bp9cjWV16Tf/OFErw=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.786398,VS0,VE0
etag
"2a9c8457fef96067bf92a4ec54fb10b8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13653
779.215647de-1223.js
js-agent.newrelic.com/
8 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/779.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
d0hMUd3mWD9ItciiSIXCSy8OWToOTtsf
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NMFKKJZF5JCWTH
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3516
x-amz-id-2
bOuzlBIHscksjphdq/G59RvIksN1xzWx/B1qsG3iJr4bITv81D3MqyRfP2J+ipKjUKGhU7W0lDM=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.787151,VS0,VE0
etag
"1f9dc6167676d6db728e844d20a97ad5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13654
823.215647de-1223.js
js-agent.newrelic.com/
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/823.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
W2tA0gkaWp6JlPnYeFhc2plzNBl_myPN
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NK2KQ8A98MWNSZ
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1365
x-amz-id-2
4MEnCXdoz/+QsX5B2zNrl1dQNXa6ZlLWaaKzWcfc6h7UQYgGk4qDgB8zI1zPOMtnPXdHUI6Jz+w=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.786772,VS0,VE0
etag
"ce7762cf4b6665f79c15503dbccd6c68"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13657
785.215647de-1223.js
js-agent.newrelic.com/
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/785.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
24gfKeCbKAAA6djjTUpWk6gRfGGq6MlZ
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NYW0G51MANQ7GN
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2103
x-amz-id-2
HWh1C7wSSBb8uvMrpuW9xzKix6LLIHsadEh030pGQPju5E23XBGjKY7L1IV4v11ZrXpQXK0xX1E=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.786747,VS0,VE0
etag
"85340359c90104ea511047eb2b57ebb5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13672
325.215647de-1223.js
js-agent.newrelic.com/
1 KB
767 B
Script
General
Full URL
https://js-agent.newrelic.com/325.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
TZXfN40R6cv9QsF3fTfxRxppzwQ_LugL
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NHXG18BJ3TDFCV
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
560
x-amz-id-2
HuRRin9KASwqudYYowiK+wdFxp7++SkP66y1RfA59bvIcRUTZdDgirQz1zFDN50MxkrgjuruRbU=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.786734,VS0,VE0
etag
"8bfb1318203f2143642fa7f2620e90b9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13680
112.215647de-1223.js
js-agent.newrelic.com/
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/112.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
9bSPwe8fMEYRcVSv2EMBWMHRAeUObfWk
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NZZ5M11EJKCTQW
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2800
x-amz-id-2
WbTrcRKiq0TgGZYoFs5ddsk7daHZ+eMTDo21WW/fxRfaxUdbpQZgZfPe7tjjhPfLM5AGxU1ICkU=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.787196,VS0,VE0
etag
"b225b095bddb200dcb67ba7625a14e0b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9375
960.215647de-1223.js
js-agent.newrelic.com/
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/960.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
iCdpSHjuiF_zf7kNvVpWKcwVkVeojeJa
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NS5844XJG9Y7P0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2233
x-amz-id-2
uwDXDnvtGcT8iTUChBzvMmHtmfFbNDvi2A0Xd8njmoPOdIB8CrByv+5hfI1l6Msk/4nTKRLtGck=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.819299,VS0,VE0
etag
"57e420fb6a7c52d0c27d5548fef4de16"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9125
307.215647de-1223.js
js-agent.newrelic.com/
9 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/307.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
ED2qEQGkNHGjLDyC2ELlsbsj8AXnsN9k
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NNRGQCFNXAPHQM
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3648
x-amz-id-2
8AwZchrRF+/V/qkI27Wwpja567y7hYzkAj6NxNeusg37hRb7TJ60/l/hbAMXbDavY2sHwTJAt2U=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.819271,VS0,VE0
etag
"cca13aa273adc25aced599968bea0601"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9342
817.215647de-1223.js
js-agent.newrelic.com/
2 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/817.215647de-1223.js
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
fbj3lJUaysglBYTWHHCwffYncZ19MQ50
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 Feb 2023 15:44:38 GMT
x-amz-request-id
Y3NKX4Y241GQRN9C
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1044
x-amz-id-2
mJRrbkZchzsLPIU7V2XF9/3ZQvNKDKPm26A9AxYP2HhwexwTilbLGhIwrFab6kzwZbN+aXMyqJM=
x-served-by
cache-lcy-eglc8600027-LCY
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1675871079.819251,VS0,VE0
etag
"a5dc24e5a104adfcf70621ff7fb620ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9343
f8472a30-a5e5-11ec-9226-0a76dcc61f13
alia-iso.com/zcvisitor/7f129c54-a7c7-11ed-a383-1249f6eecbe5/
Redirect Chain
  • http://spenenergynetworks.co.uk/?gp=1&js=1&uuid=1675871078.0027426376&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBs...
  • https://alia-iso.com/zcvisitor/7f129c54-a7c7-11ed-a383-1249f6eecbe5/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
1 KB
2 KB
Document
General
Full URL
https://alia-iso.com/zcvisitor/7f129c54-a7c7-11ed-a383-1249f6eecbe5/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
Requested by
Host: spenenergynetworks.co.uk
URL: http://spenenergynetworks.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.193.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-193-255.compute-1.amazonaws.com
Software
iPVPfODg /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://spenenergynetworks.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 08 Feb 2023 15:44:39 GMT
server
iPVPfODg
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

connection
close
content-language
en-gb
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 08 Feb 2023 15:44:39 GMT
location
https://alia-iso.com/zcvisitor/7f129c54-a7c7-11ed-a383-1249f6eecbe5/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
referrer-policy
no-referrer
server
openresty/1.13.6.1
vary
Accept-Language
0d385ba8a0
bam.nr-data.net/1/
49 B
532 B
Script
General
Full URL
https://bam.nr-data.net/1/0d385ba8a0?a=31561968&v=1223.PROD&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aA1sAXkESA1lRUEsOXAdADkNQEBReVlQWTUYIWwxvWQ0DU1BD&rst=1095&ck=0&s=0&ref=http://spenenergynetworks.co.uk/&be=960&fe=19&dc=17&perf=%7B%22timing%22:%7B%22of%22:1675871077718,%22n%22:0,%22f%22:552,%22dn%22:552,%22dne%22:552,%22c%22:552,%22ce%22:685,%22rq%22:685,%22rp%22:824,%22rpe%22:956,%22dl%22:827,%22di%22:976,%22ds%22:976,%22de%22:977,%22dc%22:977,%22l%22:977,%22le%22:985%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/692.215647de-1223.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://spenenergynetworks.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 15:44:39 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
79657ce74c944057-LHR
0d385ba8a0
bam.nr-data.net/events/1/
0
0

0d385ba8a0
bam.nr-data.net/jserrors/1/
0
0

zcredirect
alia-iso.com/
628 B
1 KB
Document
General
Full URL
https://alia-iso.com/zcredirect?visitid=7f129c54-a7c7-11ed-a383-1249f6eecbe5&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: alia-iso.com
URL: https://alia-iso.com/zcvisitor/7f129c54-a7c7-11ed-a383-1249f6eecbe5/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.193.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-193-255.compute-1.amazonaws.com
Software
QWpStMpi /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://alia-iso.com/zcvisitor/7f129c54-a7c7-11ed-a383-1249f6eecbe5/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 08 Feb 2023 15:44:40 GMT
redirected
JS
server
QWpStMpi
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
index.php
awasrqp.xyz/nlp/
Redirect Chain
  • https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zr7f129c54a7c711eda3831249f6eecbe56813268c1b574bf79836c8965eb73b8907105543071a9c1a54&vsc=0.126000&trgt=romeo-bis-1ewpx754lx&src=erythraean...
  • https://awasrqp.xyz/nlp/index.php?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html
168 B
406 B
Document
General
Full URL
https://awasrqp.xyz/nlp/index.php?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html
Requested by
Host: alia-iso.com
URL: https://alia-iso.com/zcredirect?visitid=7f129c54-a7c7-11ed-a383-1249f6eecbe5&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.201.136.171 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.136.201.195.clients.your-server.de
Software
nginx/1.22.0 /
Resource Hash
2084cb3360f80cc3f5902a8c495486319c91437e06718135a980c674f8479cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://alia-iso.com/zcredirect?visitid=7f129c54-a7c7-11ed-a383-1249f6eecbe5&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 15:44:40 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 15:44:40 GMT
Location
https://awasrqp.xyz/nlp/index.php?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Primary Request c.html
flowerself.xyz/
16 KB
6 KB
Document
General
Full URL
https://flowerself.xyz/c.html?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.45.112.153 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
s5ff4df57.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
8a7a84a433198c7f2cec520e6bed7bdb973b34c1aeadaa5f96c023c920a6c65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://awasrqp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 08 Feb 2023 15:44:40 GMT
etag
W/"62d02426-3ef2"
last-modified
Thu, 14 Jul 2022 14:11:50 GMT
server
nginx/1.18.0
strict-transport-security
max-age=31536000
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: flowerself.xyz
URL: https://flowerself.xyz/c.html?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://flowerself.xyz/
Origin
https://flowerself.xyz
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 15:44:40 GMT
content-encoding
gzip
x-sp-metadata
HS256.CPiij58GEo4BCiRmOWU5ZjA4MC01MGY3LTQwMzMtYjYxNi1hMWU3ZjlmNzA5N2QQqKenrJKE/QIaBgjoho+fBiITMmEwMjo4Yzg6YzEwOjMwOjoxNyiomAMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDllOGFiMzFlLTcwZmQtNGI4YS05NDU4LTk4NzE0Y2JlYWVlMBib8QEiGAgCEhRjZHMwODEubG80Lmh3Y2RuLm5ldA==.9UjjwQcBpHttftoEBb5c65Vltzjo4jXWuZNqKSOD1WM=
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1675871080.dop261.lo4.t,1675871080.cds074.lo4.hn,1675871080.cds081.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
subscription.js
pushtorm.net/
14 KB
4 KB
Script
General
Full URL
https://pushtorm.net/subscription.js
Requested by
Host: flowerself.xyz
URL: https://flowerself.xyz/c.html?clickid=980e1us6jtl1617a&t1=1222&t2=17&t3=980e1us6jtl1617a&t4=romeo-bis-1ewpx754lx&t5=Unknown
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
142.132.255.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.255.132.142.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d2cfe72bfbc69132aea6712ba2f460cafec47237707b28a8be26f4a8724a17ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://flowerself.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 15:44:41 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 07 Feb 2023 17:36:04 GMT
Server
nginx/1.14.2
ETag
"1d93b1aa6eeedec"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/0d385ba8a0?a=31561968&v=1223.PROD&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aA1sAXkESA1lRUEsOXAdADkNQEBReVlQWTUYIWwxvWQ0DU1BD&rst=2202&ck=0&s=0&ref=http://spenenergynetworks.co.uk/
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/jserrors/1/0d385ba8a0?a=31561968&v=1223.PROD&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aA1sAXkESA1lRUEsOXAdADkNQEBReVlQWTUYIWwxvWQ0DU1BD&rst=2204&ck=0&s=0&ref=http://spenenergynetworks.co.uk/

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| oncontentvisibilityautostatechange
  • function| $
  • function| jQuery
  • function| getUrlParameter
  • object| lang
  • object| pushService

4 Cookies

Domain/Path | Name | Value
.spenenergynetworks.co.uk/ | mtmssl | 1
spenenergynetworks.co.uk/ | mtm_delivered | ""
awasrqp.xyz/ | uclick | us6jtl16
awasrqp.xyz/ | uclickhash | us6jtl16-us6jtl16-17he-0-gme8-ejoc-ej4p-198e4d