norcalpropertyfinders.com Open in urlscan Pro
107.178.251.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://norcalpropertyfinders.com/
Submission: On February 18 via api (February 18th 2019, 10:41:35 am UTC) from DE

Summary HTTP 4 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 107.178.251.146, located in Mountain View, United States and belongs to GOOGLE - Google LLC, US. The main domain is norcalpropertyfinders.com.

This is the only time norcalpropertyfinders.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	107.178.251.146 107.178.251.146		15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::200a		15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2606:4700:30:... 2606:4700:30::681f:4ca6		13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	107.178.250.23 107.178.250.23		15169 (GOOGLE) (GOOGLE - Google LLC)
4	3

2 107.178.251.146 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 146.251.178.107.bc.googleusercontent.com

norcalpropertyfinders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:4ca6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.findmynextdeal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.23 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 23.250.178.107.bc.googleusercontent.com

u100422.h.automatedgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	automatedgenius.com 1 redirects u100422.h.automatedgenius.com	544 B
2	norcalpropertyfinders.com norcalpropertyfinders.com	10 KB
1	findmynextdeal.com 1 redirects www.findmynextdeal.com	1 KB
1	googleapis.com fonts.googleapis.com	1 KB
4	4

	Domain	Requested by
2	u100422.h.automatedgenius.com	1 redirects norcalpropertyfinders.com
2	norcalpropertyfinders.com	norcalpropertyfinders.com
1	www.findmynextdeal.com	1 redirects
1	fonts.googleapis.com	norcalpropertyfinders.com
4	4

This site contains no links.

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://norcalpropertyfinders.com/
Frame ID: 44599EA3D20EAAE14CAACB6763B40F4E
Requests: 3 HTTP requests in this frame

Frame: http://u100422.h.automatedgenius.com/looking_for_property_finders/
Frame ID: 1F8AD5A842431005829BEA2903BDB3A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

4
Requests

25 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

12 kB
Transfer

29 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.findmynextdeal.com/birddog/new/100422 HTTP 302
http://u100422.h.automatedgenius.com/?p=1061 HTTP 301
http://u100422.h.automatedgenius.com/looking_for_property_finders/

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
norcalpropertyfinders.com/ 10 KB
5 KB 334ms
207ms Document
text/html 107.178.251.146
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://norcalpropertyfinders.com/
Protocol: HTTP/1.1
Server: 107.178.251.146 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 146.251.178.107.bc.googleusercontent.com
Software: openresty/1.9.15.1 / PHP/5.6.26
Resource Hash: 1636c4e3da2c008c459d214402ee5ae933425df0d21d4eac9cc7b0ffcc1808e4

Request headers

Host: norcalpropertyfinders.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: openresty/1.9.15.1
Date: Mon, 18 Feb 2019 10:41:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4464
X-Powered-By: PHP/5.6.26
Set-Cookie: 9e6a43d3e0e54cc6dd291ff6f811bb2227ffde3c=ab26c61a212a070a035fae81cea5fbd3; expires=Mon, 18-Feb-2019 22:41:16 GMT; Max-Age=43200; path=/; domain=.norcalpropertyfinders.com 9e6a43d3e0e54cc6dd291ff6f811bb2227ffde3c=ab26c61a212a070a035fae81cea5fbd3; expires=Mon, 18-Feb-2019 09:41:16 GMT; Max-Age=-3600; path=/; domain=.norcalpropertyfinders.com 9e6a43d3e0e54cc6dd291ff6f811bb2227ffde3c=ab26c61a212a070a035fae81cea5fbd3; expires=Mon, 18-Feb-2019 09:41:16 GMT; Max-Age=-3600; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Via: 1.1 google

GET
H/1.1 200
OK Cookie set font-awesome.min.css
norcalpropertyfinders.com/public/fonts/fontawesome/css/ 10 KB
5 KB 193ms
192ms Stylesheet
text/html 107.178.251.146
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://norcalpropertyfinders.com/public/fonts/fontawesome/css/font-awesome.min.css
Requested by: Host: norcalpropertyfinders.com
URL: http://norcalpropertyfinders.com/
Protocol: HTTP/1.1
Server: 107.178.251.146 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 146.251.178.107.bc.googleusercontent.com
Software: openresty/1.9.15.1 / PHP/5.6.26
Resource Hash: 65431aba8caa663cfa67e7f1a36f984c26c52a3730fa0b9d51688238b3a505f5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norcalpropertyfinders.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://norcalpropertyfinders.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norcalpropertyfinders.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Feb 2019 10:41:16 GMT
Content-Encoding: gzip
Server: openresty/1.9.15.1
X-Powered-By: PHP/5.6.26
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Via: 1.1 google
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: 9e6a43d3e0e54cc6dd291ff6f811bb2227ffde3c=85d129fa36656f6a5931d75c9aa17953; expires=Mon, 18-Feb-2019 22:41:16 GMT; Max-Age=43200; path=/; domain=.norcalpropertyfinders.com 9e6a43d3e0e54cc6dd291ff6f811bb2227ffde3c=85d129fa36656f6a5931d75c9aa17953; expires=Mon, 18-Feb-2019 09:41:16 GMT; Max-Age=-3600; path=/; domain=.norcalpropertyfinders.com 9e6a43d3e0e54cc6dd291ff6f811bb2227ffde3c=85d129fa36656f6a5931d75c9aa17953; expires=Mon, 18-Feb-2019 09:41:16 GMT; Max-Age=-3600; path=/
Content-Length: 4464
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Caveat|Coming+Soon|Covered+By+Your+Grace|Crafty+Girls|Gochi+Hand|Great+Vibes|Homemade+Apple|Just+Me+Again+Down+Here|Patrick+Hand|Permanent+Marker|Rock+Salt|Schoolbell|Shadows+Into+Light+Two|Walter+Turncoat

Requested by

Host: norcalpropertyfinders.com
URL: http://norcalpropertyfinders.com/

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

96ecbbb239e28e7b4cb8134571a235a86beeb8c655871d29f9b1879596ea8f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://norcalpropertyfinders.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 18 Feb 2019 10:41:16 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 18 Feb 2019 10:41:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 18 Feb 2019 10:41:16 GMT

GET
H/1.1

200
OK

/
u100422.h.automatedgenius.com/looking_for_property_finders/ Frame 1F8A
Redirect Chain

http://www.findmynextdeal.com/birddog/new/100422
http://u100422.h.automatedgenius.com/?p=1061
http://u100422.h.automatedgenius.com/looking_for_property_finders/

0
0

534ms
533ms

Document
text/html

107.178.250.23
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://u100422.h.automatedgenius.com/looking_for_property_finders/
Requested by: Host: norcalpropertyfinders.com
URL: http://norcalpropertyfinders.com/
Protocol: HTTP/1.1
Server: 107.178.250.23 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 23.250.178.107.bc.googleusercontent.com
Software: openresty/1.9.15.1 / PHP/5.6.26
Resource Hash

Request headers

Host: u100422.h.automatedgenius.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://norcalpropertyfinders.com/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=qeelrvtrch18ul4oetknp4d123
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://norcalpropertyfinders.com/

Response headers

Server: openresty/1.9.15.1
Date: Mon, 18 Feb 2019 10:41:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.26
X-Pj-Cache-Status: miss
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex
Link: <http://u100422.h.automatedgenius.com/?p=1061>; rel=shortlink
Content-Encoding: gzip
Vary: Accept-Encoding
Via: 1.1 google

Redirect headers

Server: openresty/1.9.15.1
Date: Mon, 18 Feb 2019 10:41:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 20
X-Powered-By: PHP/5.6.26
X-Pj-Cache-Status: miss
Set-Cookie: PHPSESSID=qeelrvtrch18ul4oetknp4d123; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Robots-Tag: noindex
Location: http://u100422.h.automatedgenius.com/looking_for_property_finders/
Content-Encoding: gzip
Vary: Accept-Encoding
Via: 1.1 google

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| login_redirect function| app_logout function| app_verify_call function| app_verify function| app_verify_success function| mobilecheck object| isMobile function| mobilecheck_new

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			u100422.h.automatedgenius.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1lqj1igt4a4s4kahvm6ijld3k5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
norcalpropertyfinders.com
u100422.h.automatedgenius.com
www.findmynextdeal.com
107.178.250.23
107.178.251.146
2606:4700:30::681f:4ca6
2a00:1450:4001:80b::200a
1636c4e3da2c008c459d214402ee5ae933425df0d21d4eac9cc7b0ffcc1808e4
65431aba8caa663cfa67e7f1a36f984c26c52a3730fa0b9d51688238b3a505f5
96ecbbb239e28e7b4cb8134571a235a86beeb8c655871d29f9b1879596ea8f3f