freim-regulation.hostfree.pw Open in urlscan Pro
185.27.134.222  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://freim-regulation.hostfree.pw/ Page URL
2. http://freim-regulation.hostfree.pw/?i=1 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response freim-regulation.hostfree.pw/	839 B 831 B	427ms 88ms	Document text/html	185.27.134.222 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://freim-regulation.hostfree.pw/ Protocol HTTP/1.1 Server 185.27.134.222 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash 09bc03deef596fae14add51fc997a74b5706e3324b53ae654a940141ab76797b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 09 Jun 2022 15:18:17 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	aes.js Show response freim-regulation.hostfree.pw/	30 KB 31 KB	394ms 394ms	Script application/javascript	185.27.134.222 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://freim-regulation.hostfree.pw/aes.js Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/ Protocol HTTP/1.1 Server 185.27.134.222 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 09 Jun 2022 15:18:17 GMT Last-Modified Sat, 08 Aug 2015 08:12:23 GMT Server nginx ETag "55c5b9e7-79e6" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 31206
GET H/1.1	200 OK	Primary Request / Show response freim-regulation.hostfree.pw/	110 KB 20 KB	427ms 427ms	Document text/html	185.27.134.222 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://freim-regulation.hostfree.pw/?i=1 Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/ Protocol HTTP/1.1 Server 185.27.134.222 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash 349b21999b2ff55c8a6cde0e6c59d8de30c8174eb477102026fac3daa04a2207 Request headers Referer http://freim-regulation.hostfree.pw/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 09 Jun 2022 15:18:18 GMT Expires Thu, 09 Jun 2022 15:18:17 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	Default1.css freim-regulation.hostfree.pw/index_files/	16 KB 4 KB	88ms 88ms	Stylesheet text/css	185.27.134.222 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://freim-regulation.hostfree.pw/index_files/Default1.css Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Server 185.27.134.222 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash 815f48ded9f8de365f0843f95781f21fe108ad84cbc9fec2db8260365e036c7c Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/?i=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 09 Jun 2022 15:18:18 GMT Content-Encoding gzip Last-Modified Tue, 07 Jun 2022 03:29:52 GMT Server nginx Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate Transfer-Encoding chunked Connection keep-alive Expires Sat, 09 Jul 2022 15:18:18 GMT
GET H/1.1	404 Not Found	preact-incoming-feedback.417f8858abb528f56b1d.js freim-regulation.hostfree.pw/index_files/	0 0	170ms 89ms	Script text/html	185.27.134.222 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://freim-regulation.hostfree.pw/index_files/preact-incoming-feedback.417f8858abb528f56b1d.js Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Server 185.27.134.222 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/?i=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 09 Jun 2022 15:18:18 GMT Content-Encoding gzip Last-Modified Sun, 16 Sep 2018 19:14:37 GMT Server nginx Vary Accept-Encoding Content-Type text/html Cache-Control max-age=5, public, proxy-revalidate, public, proxy-revalidate Transfer-Encoding chunked Connection keep-alive
GET H2	200	preact-incoming-feedback.563a27a83688364f89f9.js Show response script.hotjar.com/	153 KB 31 KB	40ms 7ms	Script application/javascript	143.204.146.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/preact-incoming-feedback.563a27a83688364f89f9.js Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.146.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-146-14.ewr52.r.cloudfront.net Software / Resource Hash e7187f115b4479924d6a12618adb811fd4376fb97666ed433a8afddd54160931 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 10:09:31 GMT content-encoding br x-content-type-options nosniff age 1228127 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 31521 access-control-allow-origin * last-modified Wed, 13 Apr 2022 08:30:26 GMT etag "097cb79e983c8076614a6d4f7117b3c3" vary Accept-Encoding content-type application/javascript via 1.1 c855cfdfac580e3b58f1c68c8d67dcf6.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop EWR52-C2 accept-ranges bytes x-robots-tag none x-amz-cf-id YlybPVajsv6HXL4Ku7SB5AwN3UskfkxLiwGOU2afksUMP12G0seWvQ==
GET H/1.1	200 OK	botonAceptar.png freim-regulation.hostfree.pw/index_files/	2 KB 2 KB	88ms 87ms	Image image/png	185.27.134.222 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL http://freim-regulation.hostfree.pw/index_files/botonAceptar.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Server 185.27.134.222 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash fdd025456871d99b45cf95a30a097d5c168a62c91fd86852cba4802321f6e36a Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/?i=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 09 Jun 2022 15:18:18 GMT Last-Modified Tue, 07 Jun 2022 03:29:51 GMT Server nginx Content-Type image/png Cache-Control max-age=2592000, public, proxy-revalidate, public, proxy-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 1699 Expires Sat, 09 Jul 2022 15:18:18 GMT
GET H/1.1	200 OK	bannerPortal.PNG www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	19 KB 20 KB	340ms 7ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/bannerPortal.PNG Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/index_files/Default1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash ce4c41a5f975970fa6b4dcca965882e19c3e32ec39cbbac1bf6aef06d0b3f898 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "d676dfc44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 9-1873033-0 0CNN RT(1654787899266 18) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="-16275489" Accept-Ranges bytes Content-Length 19954 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton7.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	390 B 1 KB	342ms 8ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton7.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 2d0daec75f26c52c01310f34eb530f1bb7be8a63a5255c921342f900c6289997 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "91d9e2c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 6-1811985-0 0CNN RT(1654787899266 22) q(0 -1 -1 1) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="-24297894" Accept-Ranges bytes Content-Length 390 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton2.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	488 B 1 KB	344ms 7ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton2.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 12fc39cdac1886eba91a0882380f130d9cff3534eec583aaaa349e5afcde14a4 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "1ecce0c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 6-1811986-0 0CNN RT(1654787899266 24) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="361897069" Accept-Ranges bytes Content-Length 488 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton1.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	329 B 1 KB	347ms 6ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton1.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 2411bc81e5dd4fdc795a7c765c31646965ff3fdbcaba38b9796b23ca3e817191 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "877ce0c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 7-2197806-0 0CNN RT(1654787899266 28) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="540025462" Accept-Ranges bytes Content-Length 329 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton6.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	517 B 1 KB	349ms 5ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton6.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash a4713e3c1063ab18c1319bf940a36bc597d7e85407f2568642b114845a9b9e5d Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "c02ae2c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 6-1811985-0 0CNN RT(1654787899266 30) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="-2094870073" Accept-Ranges bytes Content-Length 517 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton8.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	490 B 1 KB	559ms 215ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton8.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash d31390e89366f51a42e5520688b7c602c5f7235d71b721eea5f5ec8b0af7b071 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "cf37e3c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 9-1873032-0 0CNN RT(1654787899266 240) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="-607367210" Accept-Ranges bytes Content-Length 490 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton3.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	526 B 1 KB	324ms 6ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton3.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 45cac3045106999a87b8f867765d0487a6580553db77eb2fdbb79210ef72dd96 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "1518e1c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 7-2197806-0 0CNN RT(1654787899266 18) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="-654513288" Accept-Ranges bytes Content-Length 526 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton0.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	478 B 1 KB	321ms 12ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton0.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 8dda372f4a3d8531c00fae6565385ca7e4236e4f650260a387fd86dbfb36a39c Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "b930e0c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 6-1811986-0 0CNN RT(1654787899266 13) q(0 -1 -1 2) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="1742454657" Accept-Ranges bytes Content-Length 478 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton4.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	430 B 1 KB	319ms 11ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton4.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 9e92deeeefa3bc60c2ce77feb04cebb5cbd0696eb184d52530db195661e96ce5 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "9967e1c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 6-1811985-0 0CNN RT(1654787899266 12) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="-1925579468" Accept-Ranges bytes Content-Length 430 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton5.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	487 B 1 KB	316ms 8ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton5.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 00cb7af9fe26b7938c6dae7dadeef23dcffd61ac52df210615514d29d5beef51 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "42b4e1c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 7-2197806-0 0CNN RT(1654787899266 8) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="1625967238" Accept-Ranges bytes Content-Length 487 x-xss-protection 1; mode=block
GET H/1.1	200 OK	boton9.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	517 B 1 KB	544ms 236ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/boton9.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 29bb7140bb550ab6462f97744b0517fb8a7c2df23f452a9e6be930f588ca1f7e Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "2984e3c44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 6-1811987-0 0CNN RT(1654787899266 236) q(0 -1 -1 2) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="187860834" Accept-Ranges bytes Content-Length 517 x-xss-protection 1; mode=block
GET H/1.1	200 OK	BotonBorrar.png www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	845 B 2 KB	317ms 9ms	Image image/png	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/BotonBorrar.png Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/index_files/Default1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 0bb4bb2a713120f9e011d7c58f39f5efcbe8ccde211fc91683e0828bbdcb39d8 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "f6bcdac44136d81:0" X-Frame-Options DENY Content-Type image/png X-Iinfo 9-1873033-0 0CNN RT(1654787899266 8) q(0 -1 -1 1) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="-849729534" Accept-Ranges bytes Content-Length 845 x-xss-protection 1; mode=block
GET H/1.1	200 OK	PublicidadPortal.JPG www.tuya.com.co/PortalTransaccionalTuya/App_Themes/Imagenes/	77 KB 78 KB	298ms 13ms	Image image/jpeg	45.60.44.18 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.tuya.com.co:8461/PortalTransaccionalTuya/App_Themes/Imagenes/PublicidadPortal.JPG Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/index_files/Default1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.44.18 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 883d0861ea6fc9fb497342decbc083f5a6c56ce1215c325c1d323886f0763155 Security Headers Name Value Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://freim-regulation.hostfree.pw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-content-type nosniff strict-transport-security 1; mode=max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff Last-Modified Sat, 12 Mar 2022 18:48:31 GMT X-CDN Imperva Etag "1851ddc44136d81:0" X-Frame-Options DENY Content-Type image/jpeg X-Iinfo 9-1873032-0 0CNN RT(1654787899266 13) q(0 -1 -1 0) r(0 -1) Cache-Control max-age=0 Date Thu, 09 Jun 2022 15:18:19 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="-961879105" Accept-Ranges bytes Content-Length 78850 x-xss-protection 1; mode=block
GET H2	200	font-hotjar_5.65042d.woff2 script.hotjar.com/	2 KB 3 KB	265ms 4ms	Font font/woff2	143.204.146.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/font-hotjar_5.65042d.woff2 Requested by Host: freim-regulation.hostfree.pw URL: http://freim-regulation.hostfree.pw/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.146.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-146-14.ewr52.r.cloudfront.net Software / Resource Hash fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://freim-regulation.hostfree.pw/ Origin http://freim-regulation.hostfree.pw accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:19:17 GMT content-encoding gzip x-content-type-options nosniff age 17092742 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Tue, 23 Nov 2021 12:26:27 GMT etag "c9fb9163f8b7be37023ebe649688bebf" vary Accept-Encoding content-type font/woff2 via 1.1 f0f871e82b1bc21a8b78c1d73717a40a.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop EWR52-C2 accept-ranges bytes x-robots-tag none x-amz-cf-id 3SjFIlD6UbVdmi7pU298-weUQwVf77uowb5zejpZjbc8T3KG_mEVMA==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tuya (Financial)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| key_new string| key object| theForm function| __doPostBack function| key_pass function| clear_key function| soloNumeros

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			freim-regulation.hostfree.pw/	1970-01-25 20:05:16	Name: __test Value: 095e46917960c8f0734644a879c7e8e3
			.tuya.com.co/	1970-01-20 12:24:51	Name: visid_incap_1881794 Value: Ylh/1Or7TCeAKUWCVnoMtzsPomIAAAAAQUIPAAAAAAAgDGjZpL5oA0l2C6TGGhkp
			.tuya.com.co/	1969-12-31 23:59:59	Name: incap_ses_1170_1881794 Value: NLnZD2nA1GsFcoUHfq08EDsPomIAAAAAbMVB64MVB40EMyuJOQUOxA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://freim-regulation.hostfree.pw/index_files/preact-incoming-feedback.417f8858abb528f56b1d.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

freim-regulation.hostfree.pw
script.hotjar.com
www.tuya.com.co
143.204.146.14
185.27.134.222
45.60.44.18
00cb7af9fe26b7938c6dae7dadeef23dcffd61ac52df210615514d29d5beef51
09bc03deef596fae14add51fc997a74b5706e3324b53ae654a940141ab76797b
0bb4bb2a713120f9e011d7c58f39f5efcbe8ccde211fc91683e0828bbdcb39d8
12fc39cdac1886eba91a0882380f130d9cff3534eec583aaaa349e5afcde14a4
2411bc81e5dd4fdc795a7c765c31646965ff3fdbcaba38b9796b23ca3e817191
29bb7140bb550ab6462f97744b0517fb8a7c2df23f452a9e6be930f588ca1f7e
2d0daec75f26c52c01310f34eb530f1bb7be8a63a5255c921342f900c6289997
349b21999b2ff55c8a6cde0e6c59d8de30c8174eb477102026fac3daa04a2207
45cac3045106999a87b8f867765d0487a6580553db77eb2fdbb79210ef72dd96
815f48ded9f8de365f0843f95781f21fe108ad84cbc9fec2db8260365e036c7c
883d0861ea6fc9fb497342decbc083f5a6c56ce1215c325c1d323886f0763155
8dda372f4a3d8531c00fae6565385ca7e4236e4f650260a387fd86dbfb36a39c
9e92deeeefa3bc60c2ce77feb04cebb5cbd0696eb184d52530db195661e96ce5
a4713e3c1063ab18c1319bf940a36bc597d7e85407f2568642b114845a9b9e5d
ce4c41a5f975970fa6b4dcca965882e19c3e32ec39cbbac1bf6aef06d0b3f898
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
d31390e89366f51a42e5520688b7c602c5f7235d71b721eea5f5ec8b0af7b071
e7187f115b4479924d6a12618adb811fd4376fb97666ed433a8afddd54160931
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fdd025456871d99b45cf95a30a097d5c168a62c91fd86852cba4802321f6e36a