urlscan.io logo urlscan.io
SecurityTrails logo

neosfunds.com Open in urlscan Pro
151.101.130.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fun.riadatabase.com/MDAxLVFZVy01NTgAAAGWp2KGv0RYRpSH_7GV8ciIJ00tQ9SFC0G9nf7TYqNVQqWcmFu81wW1qr_zFsX-kvKVmIPRuFM=
Effective URL: https://neosfunds.com/wp-content/uploads/CSHI-Prospectus.pdf?mkt_tok=MDAxLVFZVy01NTgAAAGWp2KGvygV2fRmCu3H0Hf3RyMoZoWix...
Submission: On November 07 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 151.101.130.159, located in San Francisco, United States and belongs to FASTLY, US. The main domain is neosfunds.com.
TLS certificate: Issued by R11 on October 14th 2024. Valid for: 3 months.
This is the only time neosfunds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.71.206 13335 (CLOUDFLAR...)
2 151.101.130.159 54113 (FASTLY)
3 2
Apex Domain
Subdomains		 Transfer
2 neosfunds.com
neosfunds.com
254 B
1 riadatabase.com
fun.riadatabase.com — Cisco Umbrella Rank: 211998
1 KB
3 2
Domain Requested by
2 neosfunds.com fun.riadatabase.com
1 fun.riadatabase.com
3 2

This site contains no links.

Subject Issuer Validity Valid
fun.riadatabase.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
neosfunds.com
R11		 2024-10-14 -
2025-01-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://neosfunds.com/wp-content/uploads/CSHI-Prospectus.pdf?mkt_tok=MDAxLVFZVy01NTgAAAGWp2KGvygV2fRmCu3H0Hf3RyMoZoWixHVDQPPvGym63D2NzvtvHr4FRP3AaxyDxb61f9ueFcECPOk_gMzBsQs2Qqow4a4mQtynIsNmup7rXV1UKw
Frame ID: 18C6C47432419E97F51EDAEBC0019A3C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://fun.riadatabase.com/MDAxLVFZVy01NTgAAAGWp2KGv0RYRpSH_7GV8ciIJ00tQ9SFC0G9nf7TYqNVQqWcmFu81wW1qr_z... Page URL
  2. https://neosfunds.com/wp-content/uploads/CSHI-Prospectus.pdf?mkt_tok=MDAxLVFZVy01NTgAAAGWp2KGvygV2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fun.riadatabase.com/MDAxLVFZVy01NTgAAAGWp2KGv0RYRpSH_7GV8ciIJ00tQ9SFC0G9nf7TYqNVQqWcmFu81wW1qr_zFsX-kvKVmIPRuFM= Page URL
  2. https://neosfunds.com/wp-content/uploads/CSHI-Prospectus.pdf?mkt_tok=MDAxLVFZVy01NTgAAAGWp2KGvygV2fRmCu3H0Hf3RyMoZoWixHVDQPPvGym63D2NzvtvHr4FRP3AaxyDxb61f9ueFcECPOk_gMzBsQs2Qqow4a4mQtynIsNmup7rXV1UKw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
MDAxLVFZVy01NTgAAAGWp2KGv0RYRpSH_7GV8ciIJ00tQ9SFC0G9nf7TYqNVQqWcmFu81wW1qr_zFsX-kvKVmIPRuFM=
fun.riadatabase.com/ 		552 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fun.riadatabase.com/MDAxLVFZVy01NTgAAAGWp2KGv0RYRpSH_7GV8ciIJ00tQ9SFC0G9nf7TYqNVQqWcmFu81wW1qr_zFsX-kvKVmIPRuFM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70aa47140fa42a2cb2cfe442dade5226765176579bd9a31b311cc788dd06b31
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-MrZRg/O7Fw4+qYNIQydeFyUit6KvURlX6jG3N+bRT+c=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8df052111ab83773-YYZ
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-MrZRg/O7Fw4+qYNIQydeFyUit6KvURlX6jG3N+bRT+c=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type
text/html;charset=UTF-8
date
Thu, 07 Nov 2024 21:12:17 GMT
referrer-policy
strict-origin
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
c69a35c6f1dafa67
Primary Request CSHI-Prospectus.pdf
neosfunds.com/wp-content/uploads/ 		345 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://neosfunds.com/wp-content/uploads/CSHI-Prospectus.pdf?mkt_tok=MDAxLVFZVy01NTgAAAGWp2KGvygV2fRmCu3H0Hf3RyMoZoWixHVDQPPvGym63D2NzvtvHr4FRP3AaxyDxb61f9ueFcECPOk_gMzBsQs2Qqow4a4mQtynIsNmup7rXV1UKw
Requested by
Host: fun.riadatabase.com
URL: https://fun.riadatabase.com/MDAxLVFZVy01NTgAAAGWp2KGv0RYRpSH_7GV8ciIJ00tQ9SFC0G9nf7TYqNVQqWcmFu81wW1qr_zFsX-kvKVmIPRuFM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
6b0fbb359cb6937ac57bbd40721abb0ee1f725e57f8cf8438a91a863f7e7f87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://fun.riadatabase.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public, max-age=31536000
content-length
382998
content-type
application/pdf
date
Thu, 07 Nov 2024 21:12:17 GMT
etag
"666b9cb0-5d816"
fastly-restarts
1
last-modified
Fri, 14 Jun 2024 01:28:16 GMT
referrer-policy
no-referrer-when-downgrade
server
Flywheel/5.1.0
vary
Authorization
x-cache
MISS, MISS
x-cache-hits
0, 0
x-cacheable
YES
x-content-type-options
nosniff
x-fw-hash
va7kdd6or5
x-fw-serve
TRUE
x-fw-server
Flywheel/5.1.0
x-fw-static
NO
x-fw-type
VISIT
x-fw-version
5.0.0
x-served-by
cache-yyz4543-YYZ, cache-yyz4531-YYZ
x-timer
S1731013937.141378,VS0,VE114
x-xss-protection
1
favicon.ico
neosfunds.com/ 		146 B
254 B 		Other
General
Check archive.org
Download Go to
Full URL
https://neosfunds.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://neosfunds.com/wp-content/uploads/CSHI-Prospectus.pdf?mkt_tok=MDAxLVFZVy01NTgAAAGWp2KGvygV2fRmCu3H0Hf3RyMoZoWixHVDQPPvGym63D2NzvtvHr4FRP3AaxyDxb61f9ueFcECPOk_gMzBsQs2Qqow4a4mQtynIsNmup7rXV1UKw

Response headers

x-fw-hash
va7kdd6or5
content-encoding
gzip
x-fw-version
5.0.0
x-content-type-options
nosniff
x-cacheable
YES
x-cache
MISS, HIT
x-fw-server
Flywheel/5.1.0
date
Thu, 07 Nov 2024 21:12:17 GMT
content-type
text/html
x-served-by
cache-yyz4552-YYZ, cache-yyz4531-YYZ
x-cache-hits
0, 0
vary
Accept-Encoding, Authorization
x-fw-static
NO
x-fw-serve
TRUE
x-timer
S1731013937.341001,VS0,VE1
referrer-policy
no-referrer-when-downgrade
x-fw-type
VISIT
accept-ranges
bytes
content-length
106
x-xss-protection
1
fastly-restarts
1
server
Flywheel/5.1.0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.fun.riadatabase.com/ Name: __cf_bm
Value: x0GGKWe.K53730y6Uz6ikin0.9IjJF4iQ_y0HExMdDo-1731013937-1.0.1.1-BV40bBQyK0zbpsUSUcSyYm_j.Vm.gDCbunox93cS.vkXDxsTTOpCkDu57kU7sjzv6apEiW7y1OQtr6F83QJQjA

1 Console Messages

Source Level URL
Text
network error URL: https://neosfunds.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-MrZRg/O7Fw4+qYNIQydeFyUit6KvURlX6jG3N+bRT+c=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fun.riadatabase.com
neosfunds.com
104.17.71.206
151.101.130.159
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
6b0fbb359cb6937ac57bbd40721abb0ee1f725e57f8cf8438a91a863f7e7f87e
c70aa47140fa42a2cb2cfe442dade5226765176579bd9a31b311cc788dd06b31