Submitted URL: https://u4716461.ct.sendgrid.net/ls/click?upn=tWVUvx-2FUBL48udEPsjOmCwutC7gZNiUC-2BVSi1QzTi3Qxd6hoq9p2OrrjdimCaeyASlwjBLnwLLtCqJT...
Effective URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Submission: On July 13 via api from US

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 18.232.120.147, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.realtylion.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 12th 2020. Valid for: 2 years.
This is the only time www.realtylion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | IP Address | AS Autonomous System
1 1 | 167.89.115.121 | 11377 (SENDGRID)
9 | 18.232.120.147 | 14618 (AMAZON-AES)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
4 | 52.92.132.176 | 16509 (AMAZON-02)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
18 | 8

Count | Domain | Requested by
6 | www.liondesk.com | www.realtylion.com
4 | s3-us-west-2.amazonaws.com | www.realtylion.com
3 | www.realtylion.com | ajax.googleapis.com
2 | fonts.gstatic.com | fonts.googleapis.com
1 | ajax.googleapis.com | www.realtylion.com
1 | fonts.googleapis.com | www.realtylion.com
1 | maxcdn.bootstrapcdn.com | www.realtylion.com
1 | u4716461.ct.sendgrid.net | 1 redirects
18 | 8

This site contains links to these domains.

Domain
www.liondesk.com
Subject | Issuer | Validity | Valid
www.realtylion.com | Go Daddy Secure Certificate Authority - G2 | 2020-02-12 - 2022-02-12 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
upload.video.google.com | GTS CA 1O1 | 2021-06-22 - 2021-09-14 | 3 months
www.liondesk.com | Go Daddy Secure Certificate Authority - G2 | 2020-02-11 - 2022-02-11 | 2 years
*.s3-us-west-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-06-23 - 2022-07-24 | a year
*.gstatic.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months

This page contains 1 frames:

Primary Page: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Frame ID: 293735B96D6188467F9E5ED641B7C700
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /lodash.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^<]+class="[^"]*[^-](?:e-control|e-lib)/i

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 63 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 2
Transfer: 2337 kB
Size: 3219 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u4716461.ct.sendgrid.net/ls/click?upn=tWVUvx-2FUBL48udEPsjOmCwutC7gZNiUC-2BVSi1QzTi3Qxd6hoq9p2OrrjdimCaeyASlwjBLnwLLtCqJT9206cIL-2FPAntSnE7RnIgZBBH5jQA-2FVHtjoQjCRnRL1oo-2FS4BeocAFb6AyHAIqefi06agkIw-3D-3DZ3LO_fMC4oIinZPuq1V-2FqrxpZAt5B6sFL0c-2Bdu8YXE1PEw2Jvwug011-2FpUd75zIIeLuA4KgP8Pon2bxHBQirsBm8s8YEn-2BtA4FI8WuP8zU0TUTiM8ODMkEivgaocouhhATm-2FaOIKfOsk7P4tgz0QRTDNpJ5T17cofQJsaRR-2B969q6K5hEI9h-2FrmmGvq9-2BuQBwNtuecvJnaZDOltl9i2sllEtisgP-2BPbV-2BFzaXAYY7C-2FSbJKyJ1c9jYtVgGQQCmqXPC9lzUPrpDg9QUDr60J-2Bfpu-2FeXFMlv9SiDb58MvnLLN9AC6THAiEVEpR4hKflauC-2Fdcf3TwmvzxbwN7r-2BVmhFFx-2FVZs6Ma36hoL-2FSnotm53eth6ga3-2Bj6WOolRQ2kTe4T4lxwZxoanzGMBq0M17xYUqeyClxCm5KU4rrtLDLUkuUoWjySwPyZMHC4-2B19glOGrgtAD HTTP 302
    https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request videoemail.html
www.realtylion.com/
Redirect Chain
  • https://u4716461.ct.sendgrid.net/ls/click?upn=tWVUvx-2FUBL48udEPsjOmCwutC7gZNiUC-2BVSi1QzTi3Qxd6hoq9p2OrrjdimCaeyASlwjBLnwLLtCqJT9206cIL-2FPAntSnE7RnIgZBBH5jQA-2FVHtjoQjCRnRL1oo-2FS4BeocAFb6AyHAIqe...
  • https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
10 KB
10 KB
Document
General
Full URL
https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / PHP/7.3.7
Resource Hash
efe6c81cf2cf9f76fda8ae1bad34938d19cbf61782f6bbd420cab43109b9175a

Request headers

:method
GET
:authority
www.realtylion.com
:scheme
https
:path
/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
PHP/7.3.7
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST,GET
date
Tue, 13 Jul 2021 20:35:32 GMT
content-length
10349

Redirect headers

Server
nginx
Date
Tue, 13 Jul 2021 20:35:32 GMT
Content-Type
text/html; charset=utf-8
Content-Length
120
Connection
keep-alive
Location
https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
X-Robots-Tag
noindex, nofollow
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.realtylion.com
Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 20:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
26
cdn-cachedat
2021-06-08 21:14:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e6f2070307db1137d79e5f1a44a0f0e3
cf-ray
66e54c64d8c7062d-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,700italic|Roboto+Mono:400,700
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e084833b09f4f55fa20b0e9357f173fd26cc1c41a71cd53a114b90dc0ffe2320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 20:35:33 GMT
server
ESF
date
Tue, 13 Jul 2021 20:35:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jul 2021 20:35:33 GMT
video-js.min.css
www.liondesk.com/admin/video/videojs/css/
39 KB
13 KB
Stylesheet
General
Full URL
https://www.liondesk.com/admin/video/videojs/css/video-js.min.css
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d08e2908941cab8361861835a43adba83d5ad5d6dadade35fb2cc983a9e3779d

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 20:35:33 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 20:33:06 GMT
server
Microsoft-IIS/10.0
etag
"0ada24c51e0d51:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
text/css
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
12979
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 16:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 16:04:05 GMT
lodash.js
www.liondesk.com/admin/assets/js/
504 KB
90 KB
Script
General
Full URL
https://www.liondesk.com/admin/assets/js/lodash.js
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6de6d7d9fbc51ed4699afada2c7c9fdf64e918b2b8ba565cdb3ee5e5d2c35bd4

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 20:35:33 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 18:26:29 GMT
server
Microsoft-IIS/10.0
etag
"8078789c3fe0d51:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
application/javascript
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
91766
video.min.js
www.liondesk.com/admin/video/videojs/js/
255 KB
59 KB
Script
General
Full URL
https://www.liondesk.com/admin/video/videojs/js/video.min.js
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
66028bdf106e9d9a5be6200c370f79f276738ea78fb24c002c214ad449a809ac

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 20:35:33 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 20:33:12 GMT
server
Microsoft-IIS/10.0
etag
"034365051e0d51:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
application/javascript
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
60095
rl6.js
www.liondesk.com/admin/rl6/js/
15 KB
5 KB
Script
General
Full URL
https://www.liondesk.com/admin/rl6/js/rl6.js
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
dd6ca1ed760b89f7d13b14f8f5c49c873b14285b2c21f077c26e3ef0c46e173b

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 20:35:33 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 22:33:12 GMT
server
Microsoft-IIS/10.0
etag
"04bf1362e0d51:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
application/javascript
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
4891
rl6._utils.js
www.liondesk.com/admin/rl6/js/
47 KB
12 KB
Script
General
Full URL
https://www.liondesk.com/admin/rl6/js/rl6._utils.js
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c6cd7a5072816249a70ffe7c1436362b2cedf1e6fe7fdf9a2c43330fe3ab7ea2

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 20:35:33 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 07:45:35 GMT
server
Microsoft-IIS/10.0
etag
"80b9f1ffca26d71:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
application/javascript
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
12414
cover.gif
s3-us-west-2.amazonaws.com/liondesk-userdata01/video-image/9a936006-eeae-482b-a6f5-b46be2f49759/
2 MB
2 MB
Image
General
Full URL
https://s3-us-west-2.amazonaws.com/liondesk-userdata01/video-image/9a936006-eeae-482b-a6f5-b46be2f49759/cover.gif
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.132.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
b6c64b30b4c18b129cf0be30b2aa1712510015674ac681ac508ceb9b83304919

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 20:35:35 GMT
Last-Modified
Thu, 01 Jul 2021 15:27:17 GMT
Server
AmazonS3
x-amz-meta-userid
0
ETag
"99675e066bd89ab832b50f8517677d45"
Content-Type
image/gif
x-amz-request-id
ZAPWJQN48N36RX2D
Accept-Ranges
bytes
Content-Length
1861913
x-amz-id-2
z4n7drQQmcMyzH+gV0TTCa+K9r2CIhAKSnAaPRd6KdbGzHzp+9l0UZkj6zNsv6ffw9PQs28ZONA=
esig-greg-gasco.jpg
s3-us-west-2.amazonaws.com/liondesk-userdata01/idLionDeskUser14628/83565/
120 KB
121 KB
Image
General
Full URL
https://s3-us-west-2.amazonaws.com/liondesk-userdata01/idLionDeskUser14628/83565/esig-greg-gasco.jpg
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.132.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3f180c4af6ea7552fca0ecd28c090a746f1b522ad6de2c25ee885cea95d30361

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 20:35:35 GMT
Last-Modified
Tue, 29 Dec 2020 15:56:52 GMT
Server
AmazonS3
x-amz-meta-userid
14628
ETag
"e54efc5163c80b075f693754d202c5e6"
Content-Type
image/jpeg
x-amz-request-id
ZAPWDYVWA2Y63A86
Accept-Ranges
bytes
Content-Length
123100
x-amz-id-2
odQusAIUSQvhVqZXW/WdtRzcy2DAbvT47D8M+6isPkgAVlbqf46LDjz5RHvAS9dpfjD7hqUur5Y=
LionDesk.png
www.liondesk.com/admin/assets/images/
39 KB
39 KB
Image
General
Full URL
https://www.liondesk.com/admin/assets/images/LionDesk.png
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
8b1f7fcea411337bc6af15b3ec6f97f2bca142f3152cea3475c0b179d1b0e55d

Request headers

Referer
https://www.realtylion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 20:35:33 GMT
last-modified
Tue, 11 Feb 2020 02:42:15 GMT
server
Microsoft-IIS/10.0
etag
"33ef7de84e0d51:0"
access-control-allow-methods
POST,GET
content-type
image/png
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39454
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,700italic|Roboto+Mono:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.realtylion.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 17:17:27 GMT
x-content-type-options
nosniff
age
11887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 17:17:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,700italic|Roboto+Mono:400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.realtylion.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 06:52:18 GMT
x-content-type-options
nosniff
age
49396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 06:52:18 GMT
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
852f89e9a8ebd41b3d371a9ca8365d559e272146a586e62ff5799f74fa509713

Request headers

Origin
https://www.realtylion.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
video.mp4
s3-us-west-2.amazonaws.com/liondesk-userdata01/video/9a936006-eeae-482b-a6f5-b46be2f49759/
34 KB
0
Media
General
Full URL
https://s3-us-west-2.amazonaws.com/liondesk-userdata01/video/9a936006-eeae-482b-a6f5-b46be2f49759/video.mp4
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.132.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.realtylion.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 13 Jul 2021 20:35:36 GMT
Last-Modified
Thu, 01 Jul 2021 15:27:13 GMT
Server
AmazonS3
x-amz-meta-userid
0
ETag
"f8c7eecbd1d50d11437833c66efcccab"
Content-Type
video/mp4
Content-Range
bytes 0-6739586/6739587
x-amz-request-id
AZXB4RADM7HBDEJA
Accept-Ranges
bytes
Content-Length
6739587
x-amz-id-2
Z4qnfZM5HocturtJABGkjWpzojZ85ey3eeOHQI2L+ZT9pFoJwPkl0H+8eFd8y4jPMXQhmsoPFsU=
video.mp4
s3-us-west-2.amazonaws.com/liondesk-userdata01/video/9a936006-eeae-482b-a6f5-b46be2f49759/
86 KB
86 KB
Media
General
Full URL
https://s3-us-west-2.amazonaws.com/liondesk-userdata01/video/9a936006-eeae-482b-a6f5-b46be2f49759/video.mp4
Requested by
Host: www.realtylion.com
URL: https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.132.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5201ac35fb619c25149734d8fdf9e4cabcbab7bb96648048e5eb70fb3b7f3727

Request headers

Referer
https://www.realtylion.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=6651904-

Response headers

Date
Tue, 13 Jul 2021 20:35:36 GMT
Last-Modified
Thu, 01 Jul 2021 15:27:13 GMT
Server
AmazonS3
x-amz-meta-userid
0
ETag
"f8c7eecbd1d50d11437833c66efcccab"
Content-Type
video/mp4
Content-Range
bytes 6651904-6739586/6739587
x-amz-request-id
AZXC3C56FH90ESTZ
Accept-Ranges
bytes
Content-Length
87683
x-amz-id-2
2kNJzBqtRhWSB7zuNVF598Yo8fSGWSkV8oANoDf2ekkAS9cAe0vvCFmQyFhpndP8OKqMYjHBb9o=
videoemail.html
www.realtylion.com/
285 B
359 B
XHR
General
Full URL
https://www.realtylion.com/videoemail.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / PHP/7.3.7
Resource Hash
bee7d6a70090da536ab3ec031ac553df000d84f08480c5819fe8ac9db25aa503

Request headers

sec-fetch-mode
cors
origin
https://www.realtylion.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
content-length
311
:path
/videoemail.html
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.realtylion.com
referer
https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 13 Jul 2021 20:35:35 GMT
server
Microsoft-IIS/10.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-powered-by
PHP/7.3.7
content-length
285
access-control-allow-methods
POST,GET
content-type
application/json
videoemail.html
www.realtylion.com/
225 B
263 B
XHR
General
Full URL
https://www.realtylion.com/videoemail.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.232.120.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-120-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / PHP/7.3.7
Resource Hash
90ce93bfc5b5ff48946279463c80a705dfdff33970e4abc330adc0d65661c0aa

Request headers

sec-fetch-mode
cors
origin
https://www.realtylion.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
content-length
237
:path
/videoemail.html
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.realtylion.com
referer
https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://www.realtylion.com/videoemail.html?token=eyJtZWRpYSI6IjExNTI4MiIsImVtYWlsIjo4MzI5MzE2NzB9
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 13 Jul 2021 20:35:35 GMT
server
Microsoft-IIS/10.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-powered-by
PHP/7.3.7
content-length
225
access-control-allow-methods
POST,GET
content-type
application/json

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | onbeforexrselect
  • object | ontransitionrun
  • object | ontransitionstart
  • object | ontransitioncancel
  • object | cookieStore
  • function | showDirectoryPicker
  • function | showOpenFilePicker
  • function | showSaveFilePicker
  • boolean | originAgentCluster
  • object | trustedTypes
  • boolean | crossOriginIsolated
  • function | $
  • function | jQuery
  • function | _
  • function | videojs
  • object | vttjs
  • function | VTTRegion
  • function | WebVTT
  • object | RL6
  • object | Base64
  • object | players
  • object | device
  • object | track
  • function | sizeVideo
  • function | calcSize
  • object | siteData

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
