flowerself.xyz
Open in
urlscan Pro
5.45.112.153
Public Scan
Effective URL: https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unk...
Submission: On February 10 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by R3 on January 9th 2023. Valid for: 3 months.
This is the only time flowerself.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 45.33.23.183 45.33.23.183 | 63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies) | |
9 | 151.101.66.137 151.101.66.137 | 54113 (FASTLY) (FASTLY) | |
2 | 54.237.193.255 54.237.193.255 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 162.247.241.14 162.247.241.14 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
1 2 | 195.201.136.171 195.201.136.171 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 5.45.112.153 5.45.112.153 | 198068 (PAGM-AS) (PAGM-AS) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 142.132.255.57 142.132.255.57 | 24940 (HETZNER-AS) (HETZNER-AS) | |
19 | 9 |
ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li977-183.members.linode.com
kb.clssportwear.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-193-255.compute-1.amazonaws.com
alia-iso.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.171.136.201.195.clients.your-server.de
awasrqp.xyz |
ASN24940 (HETZNER-AS, DE)
PTR: static.57.255.132.142.clients.your-server.de
pushtorm.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 325 |
20 KB |
2 |
awasrqp.xyz
1 redirects
awasrqp.xyz — Cisco Umbrella Rank: 918206 |
1 KB |
2 |
alia-iso.com
alia-iso.com — Cisco Umbrella Rank: 452115 |
3 KB |
2 |
clssportwear.com
1 redirects
kb.clssportwear.com |
22 KB |
1 |
pushtorm.net
pushtorm.net — Cisco Umbrella Rank: 96343 |
4 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 687 |
31 KB |
1 |
flowerself.xyz
flowerself.xyz |
6 KB |
1 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 208 |
522 B |
19 | 8 |
Domain | Requested by | |
---|---|---|
9 | js-agent.newrelic.com |
kb.clssportwear.com
|
2 | awasrqp.xyz |
1 redirects
alia-iso.com
|
2 | alia-iso.com |
kb.clssportwear.com
alia-iso.com |
2 | kb.clssportwear.com | 1 redirects |
1 | pushtorm.net |
flowerself.xyz
|
1 | code.jquery.com |
flowerself.xyz
|
1 | flowerself.xyz | |
1 | bam.nr-data.net |
js-agent.newrelic.com
|
19 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2 |
2022-07-10 - 2023-08-11 |
a year | crt.sh |
alia-iso.com Amazon RSA 2048 M02 |
2022-12-19 - 2024-01-17 |
a year | crt.sh |
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-18 - 2023-12-19 |
a year | crt.sh |
awasrqp.xyz R3 |
2023-01-01 - 2023-04-01 |
3 months | crt.sh |
flowerself.xyz R3 |
2023-01-09 - 2023-04-09 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
pushtorm.net R3 |
2022-12-16 - 2023-03-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown
Frame ID: 1F54E7FDEC539E3468F49E9E8BEC4250
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
Notification ConfirmationPage URL History Show full URLs
- http://kb.clssportwear.com/ Page URL
-
http://kb.clssportwear.com/?gp=1&js=1&uuid=1676026729.0042894042&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjo...
HTTP 302
https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76d... Page URL
- https://alia-iso.com/zcredirect?visitid=e667fe21-a931-11ed-a96e-12772c2a18ef&type=js&browserWidth... Page URL
-
https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zre667fe21a93111eda96e12772c2a18efd7d...
HTTP 302
https://awasrqp.xyz/nlp/index.php?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=... Page URL
- https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-s... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://kb.clssportwear.com/ Page URL
-
http://kb.clssportwear.com/?gp=1&js=1&uuid=1676026729.0042894042&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0=
HTTP 302
https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b Page URL
- https://alia-iso.com/zcredirect?visitid=e667fe21-a931-11ed-a96e-12772c2a18ef&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
-
https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zre667fe21a93111eda96e12772c2a18efd7da540113184fe3be8fef9542a067e8071098250fd1abfff8&vsc=0.033600&trgt=delta-son-vmj403q35m&src=erythraean-weasel&kwd=&vrt=NON-ADULT
HTTP 302
https://awasrqp.xyz/nlp/index.php?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html Page URL
- https://flowerself.xyz/c.html?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- http://kb.clssportwear.com/?gp=1&js=1&uuid=1676026729.0042894042&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
- https://alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/f8472a30-a5e5-11ec-9226-0a76dcc61f13?campaignid=746a9bd0-9d7d-11ed-99a2-12beee04f19b
- https://awasrqp.xyz/click.php?key=u8d0kxj09shrhg6mdr3f&cid=zre667fe21a93111eda96e12772c2a18efd7da540113184fe3be8fef9542a067e8071098250fd1abfff8&vsc=0.033600&trgt=delta-son-vmj403q35m&src=erythraean-weasel&kwd=&vrt=NON-ADULT HTTP 302
- https://awasrqp.xyz/nlp/index.php?clickid=d2c88xsh946gx0a1&t1=1222&t2=17&t3=d2c88xsh946gx0a1&t4=delta-son-vmj403q35m&t5=Unknown&url_bnm_redirect=https://flowerself.xyz/c.html
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
kb.clssportwear.com/ |
54 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
692.215647de-1223.js
js-agent.newrelic.com/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
779.215647de-1223.js
js-agent.newrelic.com/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
823.215647de-1223.js
js-agent.newrelic.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
785.215647de-1223.js
js-agent.newrelic.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
325.215647de-1223.js
js-agent.newrelic.com/ |
1 KB 767 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
112.215647de-1223.js
js-agent.newrelic.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
960.215647de-1223.js
js-agent.newrelic.com/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
307.215647de-1223.js
js-agent.newrelic.com/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
817.215647de-1223.js
js-agent.newrelic.com/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f8472a30-a5e5-11ec-9226-0a76dcc61f13
alia-iso.com/zcvisitor/e667fe21-a931-11ed-a96e-12772c2a18ef/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0d385ba8a0
bam.nr-data.net/1/ |
49 B 522 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
0d385ba8a0
bam.nr-data.net/jserrors/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
0d385ba8a0
bam.nr-data.net/events/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zcredirect
alia-iso.com/ |
628 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.php
awasrqp.xyz/nlp/ Redirect Chain
|
168 B 407 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
c.html
flowerself.xyz/ |
16 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
subscription.js
pushtorm.net/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/jserrors/1/0d385ba8a0?a=31561968&v=1223.PROD&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aA1sAXkESA1lRUEsOXAdADkNQEBReVlQWTUYIWwxvWQ0DU1BD&rst=2096&ck=0&s=0&ref=http://kb.clssportwear.com/
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/events/1/0d385ba8a0?a=31561968&v=1223.PROD&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aA1sAXkESA1lRUEsOXAdADkNQEBReVlQWTUYIWwxvWQ0DU1BD&rst=2100&ck=0&s=0&ref=http://kb.clssportwear.com/
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| getUrlParameter object| lang object| pushService3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
kb.clssportwear.com/ | Name: mtm_delivered Value: "" |
|
awasrqp.xyz/ | Name: uclick Value: xsh946gx |
|
awasrqp.xyz/ | Name: uclickhash Value: xsh946gx-xsh946gx-17he-0-gme8-ejoc-ej4p-f82d2b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alia-iso.com
awasrqp.xyz
bam.nr-data.net
code.jquery.com
flowerself.xyz
js-agent.newrelic.com
kb.clssportwear.com
pushtorm.net
bam.nr-data.net
142.132.255.57
151.101.66.137
162.247.241.14
195.201.136.171
2001:4de0:ac18::1:a:2b
45.33.23.183
5.45.112.153
54.237.193.255
8a7a84a433198c7f2cec520e6bed7bdb973b34c1aeadaa5f96c023c920a6c65a
d2cfe72bfbc69132aea6712ba2f460cafec47237707b28a8be26f4a8724a17ce
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e