nk5teoydeb.freedomsoftsites.com Open in urlscan Pro
34.205.42.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mangotreeinvestments.familyapples.com/
Effective URL:
https://nk5teoydeb.freedomsoftsites.com/
Submission Tags: @phishunt_io
Submission: On February 19 via api (February 19th 2021, 4:15:17 am UTC) from ES

Summary HTTP 11 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 11 HTTP transactions. The main IP is 34.205.42.6, located in United States and belongs to AMAZON-AES, US. The main domain is nk5teoydeb.freedomsoftsites.com.
TLS certificate: Issued by R3 on January 28th 2021. Valid for: 3 months.

This is the only time nk5teoydeb.freedomsoftsites.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.241.224.233 162.241.224.233	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	34.205.42.6 34.205.42.6	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:218... 2600:9000:2182:c600:a:edc7:b200:21	16509 (AMAZON-02) (AMAZON-02)
6	54.231.11.147 54.231.11.147	16509 (AMAZON-02) (AMAZON-02)
1 2	52.20.64.127 52.20.64.127	14618 (AMAZON-AES) (AMAZON-AES)
11	5

1 162.241.224.233 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5220.bluehost.com

mangotreeinvestments.familyapples.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.42.6 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-42-6.compute-1.amazonaws.com

nk5teoydeb.freedomsoftsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:c600:a:edc7:b200:21 (United States)

ASN16509 (AMAZON-02, US)

d1pze5dd826keg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.231.11.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.64.127 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-64-127.compute-1.amazonaws.com

my.reisimple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	amazonaws.com s3.amazonaws.com	3 MB
3	cloudfront.net d1pze5dd826keg.cloudfront.net	562 KB
2	reisimple.com 1 redirects my.reisimple.com	4 KB
1	freedomsoftsites.com nk5teoydeb.freedomsoftsites.com	8 KB
1	familyapples.com 1 redirects mangotreeinvestments.familyapples.com	195 B
11	5

	Domain	Requested by
6	s3.amazonaws.com	nk5teoydeb.freedomsoftsites.com
3	d1pze5dd826keg.cloudfront.net	nk5teoydeb.freedomsoftsites.com
2	my.reisimple.com	1 redirects nk5teoydeb.freedomsoftsites.com
1	nk5teoydeb.freedomsoftsites.com
1	mangotreeinvestments.familyapples.com	1 redirects
11	5

This site contains links to these domains. Also see Links.

Domain
1kktaqfzal.freedomsoftsites.com
www.renttoownstl.com
reisimple.com

Subject Issuer	Validity	Valid
redstateproperty.freedomsoftsites.com R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.reisimple.com Amazon	`2020-09-20` - `2021-10-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nk5teoydeb.freedomsoftsites.com/
Frame ID: CD407C656AAEF9C5BD7416A8D2A635A6
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mangotreeinvestments.familyapples.com/ HTTP 301
https://nk5teoydeb.freedomsoftsites.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Phusion Passenger (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Phusion Passenger ([\d.]+)/i

Page Statistics

11
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

3217 kB
Transfer

3238 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://1kktaqfzal.freedomsoftsites.com/home
Title: Selling A Home? START HERE...

Search URL Search Domain Scan URL

URL: http://www.renttoownstl.com/go/rent-to-own/
Title: START

Search URL Search Domain Scan URL

URL: http://reisimple.com/
Title: REI Simple

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mangotreeinvestments.familyapples.com/ HTTP 301
https://nk5teoydeb.freedomsoftsites.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://my.reisimple.com/forms/public.js HTTP 302
https://d1pze5dd826keg.cloudfront.net/assets/forms-7330530334a1e52cf3ca22399411d682bddbc6e63c3cf040ac06f16616b930ce.js

11 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
nk5teoydeb.freedomsoftsites.com/
Redirect Chain

https://mangotreeinvestments.familyapples.com/
https://nk5teoydeb.freedomsoftsites.com/

23 KB
8 KB

490ms
200ms

Document
text/html

34.205.42.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://nk5teoydeb.freedomsoftsites.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.205.42.6 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-42-6.compute-1.amazonaws.com

Software

nginx/1.17.6 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

0da4c78ae513fc1ae3b6c7e5070a61bf32693aac2ea423f3b3a96b2dd17d3c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: nk5teoydeb.freedomsoftsites.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-Request-Id: 3b6c976e-ffd6-4d62-9f44-7b92694273a0
Link: <https://nk5teoydeb.freedomsoftsites.com/>; rel="canonical"
X-Download-Options: noopen
ETag: W/"0da4c78ae513fc1ae3b6c7e5070a61bf"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.029094
X-Content-Type-Options: nosniff
Date: Fri, 19 Feb 2021 04:14:57 GMT
X-Powered-By: Phusion Passenger 6.0.4
Server: nginx/1.17.6 + Phusion Passenger 6.0.4
Content-Encoding: gzip

Redirect headers

date: Fri, 19 Feb 2021 04:14:56 GMT
server: nginx/1.19.5
content-type: text/html; charset=iso-8859-1
content-length: 248
location: https://nk5teoydeb.freedomsoftsites.com/
cache-control: max-age=300
expires: Fri, 19 Feb 2021 04:19:56 GMT
x-server-cache: false
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 theme-224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348.css
d1pze5dd826keg.cloudfront.net/assets/websites/ 8 KB
3 KB 73ms
17ms Stylesheet
text/css 2600:9000:2182:c600:a:edc7:b200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pze5dd826keg.cloudfront.net/assets/websites/theme-224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348.css
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c600:a:edc7:b200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 12:19:33 GMT
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
last-modified: Mon, 23 Dec 2019 17:07:37 GMT
server: nginx/1.17.6
age: 57324
etag: W/"5e00f459-1f5f"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: DUS51-C1
content-encoding: gzip
x-amz-cf-id: qS5hLehdgW6zLI6gktEHAWhFCHDyA27UTfGctCikKA6cLBlOupBuNg==

GET
H2 200 sites-dab303cc1fe08d640411022a5729b3e714c33ed9ac644ccdb4bc6e9df46a1900.js Show response
d1pze5dd826keg.cloudfront.net/assets/ 473 KB
474 KB 77ms
21ms Script
application/javascript 2600:9000:2182:c600:a:edc7:b200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pze5dd826keg.cloudfront.net/assets/sites-dab303cc1fe08d640411022a5729b3e714c33ed9ac644ccdb4bc6e9df46a1900.js
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c600:a:edc7:b200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: dab303cc1fe08d640411022a5729b3e714c33ed9ac644ccdb4bc6e9df46a1900

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 08:37:35 GMT
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
last-modified: Mon, 23 Nov 2020 19:53:40 GMT
server: nginx/1.17.6
age: 70642
etag: "5fbc1344-765dc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 484828
x-amz-cf-id: xGX1Vgb1H-eE0NHabs0iVRMAWgkvqn9hejXeVqik7tuO_SQkdT44aw==

GET
H/1.1 200
OK Mango_Tree_Properties_LOGO.png
s3.amazonaws.com/com.reisimple.production/site/media/files/14572/original/ 142 KB
142 KB 587ms
181ms Image
image/png 54.231.11.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.reisimple.production/site/media/files/14572/original/Mango_Tree_Properties_LOGO.png
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.11.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8404c9ad1d4670c3e75884310f5bfd7f8af005b2cd77200b9873341ebf69aadb

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 04:14:58 GMT
Last-Modified: Sat, 19 Dec 2020 04:43:04 GMT
Server: AmazonS3
x-amz-request-id: 3A5C2AFCDA823A61
ETag: "dffd4a9ec18661e75f39d0ab5280686a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 145015
x-amz-id-2: C3TPPc77QvFxR0ciTUrqKup/16/ea2XAtmXYEJaBP0MWX1sS/khmCknmClvjGwT/

GET
H/1.1 200
OK home-top.png
s3.amazonaws.com/com.reisimple.production/site/media/files/3101/original/ 10 KB
10 KB 573ms
173ms Image
image/png 54.231.11.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.reisimple.production/site/media/files/3101/original/home-top.png
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.11.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fdd953e4d3199fed720aabbb434cfd1b213d584d496d5f8f6e14aeebc05575e8

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 04:14:58 GMT
Last-Modified: Sun, 06 Jan 2019 17:15:35 GMT
Server: AmazonS3
x-amz-request-id: 1F58ACB5D82F6487
ETag: "061ed80c7abfe76c75c3c595c84c8270"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9758
x-amz-id-2: PzMWjAEapDwInYzyXHLiryIFMNYYkknEDMvrUr4dCQufY4BcnlkyzwEnXycwwO4s

GET
H2 200 w3pu4IwfiXjGRQ.js Show response
my.reisimple.com/forms/public/ 7 KB
3 KB 528ms
173ms Script
text/javascript 52.20.64.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.reisimple.com/forms/public/w3pu4IwfiXjGRQ.js

Requested by

Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.64.127 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-64-127.compute-1.amazonaws.com

Software

nginx/1.17.6 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

bd5b75e1c7241b92695ae804dca6f17bd4fd8ea22da5b2c7c48f83c9767c14fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 6.0.4
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 9c1875f2-ea51-44b5-8297-4af229334b77
x-runtime: 0.020307
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.6 + Phusion Passenger 6.0.4
x-frame-options: SAMEORIGIN
etag: W/"bd5b75e1c7241b92695ae804dca6f17b"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
pragma: no-cache
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK exterior-house-design-modest_68858.jpg
s3.amazonaws.com/com.reisimple.production/site/media/files/15440/original/ 62 KB
62 KB 565ms
163ms Image
image/jpeg 54.231.11.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.reisimple.production/site/media/files/15440/original/exterior-house-design-modest_68858.jpg
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.11.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: af7978007614353cd8656ff9bcf474a00fed28ca838a5bb88ee469a799b02976

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 04:14:58 GMT
Last-Modified: Mon, 01 Feb 2021 23:16:38 GMT
Server: AmazonS3
x-amz-request-id: B82CDA1E1FAB5E55
ETag: "530907f38f16dd4058300c7557777c55"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 63286
x-amz-id-2: /H57qaQ+ckweSINpv++YCZ4qYK5vSwUc0+IDZU+dK+5lqAWzA4APSFwRoLlkeiBb

GET
H/1.1 200
OK home-kitchen.jpg
s3.amazonaws.com/com.reisimple.production/site/media/files/3093/original/ 14 KB
14 KB 579ms
172ms Image
image/jpeg 54.231.11.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.reisimple.production/site/media/files/3093/original/home-kitchen.jpg
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.11.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9ba3b18d2c7aba77b652e24b3d8497a0b1f45ca9d1fb8e50a584bb0f5eb60c3e

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 04:14:58 GMT
Last-Modified: Sat, 05 Jan 2019 07:29:05 GMT
Server: AmazonS3
x-amz-request-id: 2E3741365AFC32E7
ETag: "035507dd762364426850d4da6eba4c6a"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 14186
x-amz-id-2: AZJCUVRIxJmiauit5R8r58L11lfHp63sa9vTRe4VRCQC+qpLMuVHBLF2Tg3sEZHq

GET
H/1.1 200
OK Screen_Shot_on_2019-01-06_at_14_02_42.png
s3.amazonaws.com/com.reisimple.production/site/media/files/3107/original/ 307 KB
307 KB 596ms
189ms Image
image/png 54.231.11.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.reisimple.production/site/media/files/3107/original/Screen_Shot_on_2019-01-06_at_14_02_42.png
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.11.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d149c14a12371b79040fc8ef99a2d648ff4ef107f33e9e2623f622453a5a79b7

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 04:14:58 GMT
Last-Modified: Sun, 06 Jan 2019 20:03:41 GMT
Server: AmazonS3
x-amz-request-id: 8405063904DBB899
ETag: "6b1f361e104a7fb13e7a2f6e461d33ee"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 314322
x-amz-id-2: Z6Qr3jTL7hnKiNu7ymXf2qRxK9jH3oEtuJqu7NMal4M/hhO1CL2wlJ/18oO+KONj

GET
H/1.1 200
OK Medium_estate_home.jpg
s3.amazonaws.com/com.reisimple.production/site/media/files/15428/original/ 2 MB
2 MB 593ms
187ms Image
image/jpeg 54.231.11.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.reisimple.production/site/media/files/15428/original/Medium_estate_home.jpg
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.11.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ffd42a70c1614c0803a6f82ade8766b45c8e49d9208547baaa888f6662d77a6b

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 04:14:58 GMT
Last-Modified: Mon, 01 Feb 2021 22:24:46 GMT
Server: AmazonS3
x-amz-request-id: DE36B0295B8AC928
ETag: "9eff395aef9f12503b632a39acec62ef"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2157783
x-amz-id-2: MlwGnXkNG4dtKeSzTHt4pSyPYzDLasxiyfDh8Oqg6E/d9YFKcdJgVrzYZ9cvVI9T

GET
H2

200

forms-7330530334a1e52cf3ca22399411d682bddbc6e63c3cf040ac06f16616b930ce.js Show response
d1pze5dd826keg.cloudfront.net/assets/
Redirect Chain

https://my.reisimple.com/forms/public.js
https://d1pze5dd826keg.cloudfront.net/assets/forms-7330530334a1e52cf3ca22399411d682bddbc6e63c3cf040ac06f16616b930ce.js

85 KB
85 KB

15ms
15ms

Script
application/javascript

2600:9000:2182:c600:a:edc7:b200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pze5dd826keg.cloudfront.net/assets/forms-7330530334a1e52cf3ca22399411d682bddbc6e63c3cf040ac06f16616b930ce.js
Requested by: Host: nk5teoydeb.freedomsoftsites.com
URL: https://nk5teoydeb.freedomsoftsites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c600:a:edc7:b200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 7330530334a1e52cf3ca22399411d682bddbc6e63c3cf040ac06f16616b930ce

Request headers

Referer: https://nk5teoydeb.freedomsoftsites.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 08:37:37 GMT
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jul 2020 22:16:14 GMT
server: nginx/1.17.6
age: 70640
etag: "5f1617ae-153cd"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 86989
x-amz-cf-id: _5pDdmOn-lpAINDAJHrWzDl2qU5ZKeG_rdnmcArKHRM0G05z5NF5lg==

Redirect headers

date: Fri, 19 Feb 2021 04:14:57 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 6.0.4
status: 302 Found
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: ca4484af-52ec-453a-98a4-d7de89afc79d
x-runtime: 0.002471
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.6 + Phusion Passenger 6.0.4
location: //d1pze5dd826keg.cloudfront.net/assets/forms-7330530334a1e52cf3ca22399411d682bddbc6e63c3cf040ac06f16616b930ce.js
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
pragma: no-cache
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 566 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9dac174850ffb4361001e3738b49b6f835e78fa2028a8753909509bd131de05

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nk5teoydeb.freedomsoftsites.com/	1970-01-20 16:15:08	Name: timezone Value: 3600

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1pze5dd826keg.cloudfront.net
mangotreeinvestments.familyapples.com
my.reisimple.com
nk5teoydeb.freedomsoftsites.com
s3.amazonaws.com
162.241.224.233
2600:9000:2182:c600:a:edc7:b200:21
34.205.42.6
52.20.64.127
54.231.11.147
0da4c78ae513fc1ae3b6c7e5070a61bf32693aac2ea423f3b3a96b2dd17d3c37
224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348
7330530334a1e52cf3ca22399411d682bddbc6e63c3cf040ac06f16616b930ce
8404c9ad1d4670c3e75884310f5bfd7f8af005b2cd77200b9873341ebf69aadb
9ba3b18d2c7aba77b652e24b3d8497a0b1f45ca9d1fb8e50a584bb0f5eb60c3e
af7978007614353cd8656ff9bcf474a00fed28ca838a5bb88ee469a799b02976
bd5b75e1c7241b92695ae804dca6f17bd4fd8ea22da5b2c7c48f83c9767c14fc
c9dac174850ffb4361001e3738b49b6f835e78fa2028a8753909509bd131de05
d149c14a12371b79040fc8ef99a2d648ff4ef107f33e9e2623f622453a5a79b7
dab303cc1fe08d640411022a5729b3e714c33ed9ac644ccdb4bc6e9df46a1900
fdd953e4d3199fed720aabbb434cfd1b213d584d496d5f8f6e14aeebc05575e8
ffd42a70c1614c0803a6f82ade8766b45c8e49d9208547baaa888f6662d77a6b

nk5teoydeb.freedomsoftsites.com Open in urlscan Pro 34.205.42.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

5 IPs

1 Countries

3217 kBTransfer

3238 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

nk5teoydeb.freedomsoftsites.com Open in urlscan Pro
34.205.42.6 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

3217 kB
Transfer

3238 kB
Size

1
Cookies

11 HTTP transactions
1 data transactions