actions.mrsool.co Open in urlscan Pro
52.47.174.149  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set verifyEmail Show response actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/	8 KB 3 KB	152ms 30ms	Document text/html	52.47.174.149 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.47.174.149 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-47-174-149.eu-west-3.compute.amazonaws.com Software nginx/1.14.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60 Resource Hash 40bcef3ed247c55429c91e430d80b4afbe9a2393ed558ccda13321bd05d5ee8a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host actions.mrsool.co Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Cache-Control no-cache, no-store Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 17 Jun 2019 16:18:39 GMT Expires Fri, 01 Jan 1990 00:00:00 GMT Pragma no-cache Referrer-Policy strict-origin-when-cross-origin Server nginx/1.14.1 + Phusion Passenger 4.0.60 Set-Cookie _mkra_ctxt=cd18167266355cb28295dc2c9b342652--200; path=/; max-age=5; HttpOnly Status 200 OK Vary Accept-Encoding X-Content-Type-Options nosniff X-Download-Options noopen X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-Powered-By Phusion Passenger 4.0.60 X-Request-Id 1d77baa1-5f57-48af-8a1f-ba36d17391c4 X-Runtime 0.008053 X-XSS-Protection 1; mode=block transfer-encoding chunked Connection keep-alive
GET H2	200	pure-min.css cdn.jsdelivr.net/pure/0.6.0/	17 KB 4 KB	20ms 16ms	Stylesheet text/css	2606:4700::6810:5914 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/pure/0.6.0/pure-min.css Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://actions.mrsool.co/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 17 Jun 2019 16:18:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cf-ray 4e8657356a4ed6b5-FRA x-cache HIT, HIT status 200 vary Accept-Encoding x-served-by cache-ams21024-AMS, cache-fra19138-FRA server cloudflare etag W/"4386-jPfqPp4A51LeY/vEQ+kwA2YyfNk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin *
GET H2	200	grids-responsive-min.css cdn.jsdelivr.net/pure/0.6.0/	10 KB 1 KB	18ms 14ms	Stylesheet text/css	2606:4700::6810:5914 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/pure/0.6.0/grids-responsive-min.css Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 1d956eb8fa1a6ae55667e0f9d19de66bf41ea27faec1f45e9c255a2816ffbeed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://actions.mrsool.co/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 17 Jun 2019 16:18:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cf-ray 4e8657356a4fd6b5-FRA x-cache HIT, HIT status 200 vary Accept-Encoding x-served-by cache-ams21033-AMS, cache-fra19170-FRA server cloudflare etag W/"2646-cDgmUIGTy+IfJ0XT6DclbiJOtRI" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin *
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 19 KB	12ms 9ms	Stylesheet text/css	209.197.3.15 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip0x00f.map2.ssl.hwcdn.net Software / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://actions.mrsool.co/ Origin https://actions.mrsool.co Response headers date Mon, 17 Jun 2019 16:18:39 GMT content-encoding gzip last-modified Wed, 12 Dec 2018 18:34:07 GMT access-control-allow-origin * etag "1544639647" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 status 200 cache-control public, max-age=31536000 x-hello-human Say hello back! @getBootstrapCDN on Twitter accept-ranges bytes timing-allow-origin * content-length 19740
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/	27 KB 6 KB	24ms 21ms	Stylesheet text/css	2606:4700::6813:c397 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://actions.mrsool.co/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 17 Jun 2019 16:18:39 GMT content-encoding br cf-cache-status HIT status 200 strict-transport-security max-age=15780000; includeSubDomains timing-allow-origin * last-modified Thu, 17 May 2018 09:19:53 GMT server cloudflare etag W/"5afd4939-6b4a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css access-control-allow-origin * expires Sat, 06 Jun 2020 16:18:39 GMT cache-control public, max-age=30672000 cf-ray 4e8657356f712352-FRA served-in-seconds 0.001
GET H2	200	bootstrap-theme.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	23 KB 3 KB	13ms 10ms	Stylesheet text/css	209.197.3.15 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip0x00f.map2.ssl.hwcdn.net Software / Resource Hash 653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://actions.mrsool.co/ Origin https://actions.mrsool.co Response headers date Mon, 17 Jun 2019 16:18:39 GMT content-encoding gzip last-modified Wed, 12 Dec 2018 18:34:07 GMT access-control-allow-origin * etag "1544639647" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 status 200 cache-control public, max-age=31536000 x-hello-human Say hello back! @getBootstrapCDN on Twitter accept-ranges bytes timing-allow-origin * content-length 2776
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/	84 KB 29 KB	31ms 29ms	Script application/javascript	2606:4700::6813:c397 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://actions.mrsool.co/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 17 Jun 2019 16:18:39 GMT content-encoding br cf-cache-status HIT status 200 strict-transport-security max-age=15780000; includeSubDomains timing-allow-origin * last-modified Thu, 17 May 2018 09:21:00 GMT server cloudflare etag W/"5afd497c-14e55" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sat, 06 Jun 2020 16:18:39 GMT cache-control public, max-age=30672000 cf-ray 4e8657356f732352-FRA served-in-seconds 0.025
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/	36 KB 10 KB	15ms 13ms	Script text/javascript	209.197.3.15 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip0x00f.map2.ssl.hwcdn.net Software / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://actions.mrsool.co/ Origin https://actions.mrsool.co Response headers date Mon, 17 Jun 2019 16:18:39 GMT content-encoding gzip last-modified Wed, 12 Dec 2018 18:33:51 GMT access-control-allow-origin * etag "1544639631" vary Accept-Encoding x-cache HIT content-type text/javascript; charset=utf-8 status 200 cache-control public, max-age=31536000 x-hello-human Say hello back! @getBootstrapCDN on Twitter accept-ranges bytes timing-allow-origin * content-length 9832
GET H/1.1	200 OK	fastclick.js Show response actions.mrsool.co/assets2/	25 KB 8 KB	24ms 22ms	Script application/x-javascript	52.47.174.149 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://actions.mrsool.co/assets2/fastclick.js Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.47.174.149 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-47-174-149.eu-west-3.compute.amazonaws.com Software nginx/1.14.1 / Resource Hash 1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5 Request headers Referer https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 17 Jun 2019 16:18:39 GMT Content-Encoding gzip Last-Modified Mon, 17 Jun 2019 12:02:02 GMT Server nginx/1.14.1 ETag W/"5d07813a-656d" Content-Type application/x-javascript Connection keep-alive Content-Length 7934
GET H/1.1	200 OK	logo.png actions.mrsool.co/images/	48 KB 48 KB	47ms 22ms	Image image/png	52.47.174.149 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://actions.mrsool.co/images/logo.png Requested by Host: actions.mrsool.co URL: https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.47.174.149 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-47-174-149.eu-west-3.compute.amazonaws.com Software nginx/1.14.1 / Resource Hash 7300aabc6e228d80e654474027302062ff01f3914472db3b903b8f15ecf58122 Request headers Referer https://actions.mrsool.co/NHWJ_jaccBg7OizbSu6Tdg/verifyEmail User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 17 Jun 2019 16:18:39 GMT Last-Modified Mon, 17 Jun 2019 12:02:02 GMT Server nginx/1.14.1 ETag "5d07813a-bf40" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 48960

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actions.mrsool.co
cdn.jsdelivr.net
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
209.197.3.15
2606:4700::6810:5914
2606:4700::6813:c397
52.47.174.149
00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747
1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5
1d956eb8fa1a6ae55667e0f9d19de66bf41ea27faec1f45e9c255a2816ffbeed
40bcef3ed247c55429c91e430d80b4afbe9a2393ed558ccda13321bd05d5ee8a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
7300aabc6e228d80e654474027302062ff01f3914472db3b903b8f15ecf58122
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c