login.gemini.ursaleo.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 52.222.214.43, located in United States and belongs to AMAZON-02, US. The main domain is login.gemini.ursaleo.com.
TLS certificate: Issued by Amazon on August 11th 2022. Valid for: a year.

This is the only time login.gemini.ursaleo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	52.222.214.43 52.222.214.43		16509 (AMAZON-02) (AMAZON-02)
6	1

6 52.222.214.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-43.fra56.r.cloudfront.net

login.gemini.ursaleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ursaleo.com login.gemini.ursaleo.com	572 KB
6	1

	Domain	Requested by
6	login.gemini.ursaleo.com	login.gemini.ursaleo.com
6	1

This site contains no links.

Subject Issuer	Validity	Valid
*.gemini.ursaleo.com Amazon	`2022-08-11` - `2023-09-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.gemini.ursaleo.com/
Frame ID: D26666B29D28571DC3990ABE0D52B80D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gemini

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

572 kB
Transfer

1361 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response login.gemini.ursaleo.com/	4 KB 3 KB	123ms 19ms	Document text/html	52.222.214.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.gemini.ursaleo.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-43.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `1914aeea15cb4e321e84515ddafbac532090035d06747ad8e038854b3202b03f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 6703 content-encoding br content-type text/html date Thu, 11 Aug 2022 15:52:09 GMT etag W/"b201b73816b7d0d4da3a6e67787a9f90" last-modified Thu, 11 Aug 2022 15:50:46 GMT server AmazonS3 vary Accept-Encoding via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) x-amz-cf-id wbcjeeSst3Q80QpHmfasCZ2ZJePAgQnaPcuB9TKcHKle5l2yAddZEg== x-amz-cf-pop FRA56-P3 x-cache Hit from cloudfront
GET H2	200	index.86b973ae.js Show response login.gemini.ursaleo.com/assets/	233 KB 69 KB	20ms 19ms	Script application/javascript	52.222.214.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.gemini.ursaleo.com/assets/index.86b973ae.js Requested by Host: login.gemini.ursaleo.com URL: https://login.gemini.ursaleo.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-43.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `291278201457772ab0aa9d7d737e5d9a78b6475d3d632f8221b84a80fa863caa` Request headers Referer https://login.gemini.ursaleo.com/ Origin https://login.gemini.ursaleo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 15:52:09 GMT content-encoding br last-modified Thu, 11 Aug 2022 15:50:46 GMT server AmazonS3 age 6703 etag W/"2b5a4b2dbc3506cd9c64fc9c791349f2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P3 x-amz-cf-id JBe5NMcCq4gwZi_8Nl1r4yi_3wtlrA7AQNHQrTYqeTKOl7WOuBGLGg==
GET H2	200	index.3237366d.css login.gemini.ursaleo.com/assets/	3 KB 1 KB	35ms 35ms	Stylesheet text/css	52.222.214.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.gemini.ursaleo.com/assets/index.3237366d.css Requested by Host: login.gemini.ursaleo.com URL: https://login.gemini.ursaleo.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-43.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `3813c9839106f12d9c9bd1ce3aea2afc7f8925ecef5246f09d4326cc49fa8b91` Request headers accept-language de-DE,de;q=0.9 Referer https://login.gemini.ursaleo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 15:52:09 GMT content-encoding br last-modified Thu, 11 Aug 2022 15:50:46 GMT server AmazonS3 age 6703 etag W/"1af67f59a675b88c73cc73308a002f6b" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P3 x-amz-cf-id N86kh52k_g4sXBi_6L9tCECwi6WAVpP_343w-Su4duc2zHxlR7CZXw==
GET H2	200	GeminiHorizontal@4x2.39cfa304.png login.gemini.ursaleo.com/assets/	35 KB 35 KB	22ms 21ms	Image image/png	52.222.214.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.gemini.ursaleo.com/assets/GeminiHorizontal@4x2.39cfa304.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-43.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `39cfa3040e61cd1e874c4a61000dbc76f807f59172f5c37822c60b8888feda57` Request headers accept-language de-DE,de;q=0.9 Referer https://login.gemini.ursaleo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 15:52:10 GMT via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) last-modified Thu, 11 Aug 2022 15:50:46 GMT server AmazonS3 age 6702 etag "55a59475074225230965908d0cf7f697" x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA56-P3 accept-ranges bytes content-length 35465 x-amz-cf-id re-LOKBa3h5WRMy1y4UOzGoNi59aHeMXJGiIGQuc4SKVfV6HqxwS7Q==
GET H2	200	NotoSans-Regular.4c8d6700.ttf login.gemini.ursaleo.com/assets/	543 KB 229 KB	34ms 34ms	Font font/ttf	52.222.214.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.gemini.ursaleo.com/assets/NotoSans-Regular.4c8d6700.ttf Requested by Host: login.gemini.ursaleo.com URL: https://login.gemini.ursaleo.com/assets/index.3237366d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-43.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `4c8d67001d3c2977e5d6bf0a4f8add80cd564bd1df60b7569fd23751e7dda02a` Request headers Referer https://login.gemini.ursaleo.com/assets/index.3237366d.css Origin https://login.gemini.ursaleo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 15:52:10 GMT content-encoding br last-modified Thu, 11 Aug 2022 15:50:46 GMT server AmazonS3 age 6702 etag W/"ac08e269b7f479624b266c0ea20013b4" vary Accept-Encoding x-cache Hit from cloudfront content-type font/ttf via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P3 x-amz-cf-id jvaE3ZUxppvdo12OiEv0614Y2ZOZCJ402tL50ZG-lmt7ZasnI8pd0Q==
GET H2	200	NotoSans-SemiBold.3760806c.ttf login.gemini.ursaleo.com/assets/	544 KB 234 KB	29ms 28ms	Font font/ttf	52.222.214.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.gemini.ursaleo.com/assets/NotoSans-SemiBold.3760806c.ttf Requested by Host: login.gemini.ursaleo.com URL: https://login.gemini.ursaleo.com/assets/index.3237366d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-43.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `3760806c6e1a9d312b3f884e072e6ce043e0118f624d607360b4d57993ce29a2` Request headers Referer https://login.gemini.ursaleo.com/assets/index.3237366d.css Origin https://login.gemini.ursaleo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 15:52:10 GMT content-encoding br last-modified Thu, 11 Aug 2022 15:50:46 GMT server AmazonS3 age 6702 etag W/"63bbc52e6ef89a5b1a50f1c9c4710d1b" vary Accept-Encoding x-cache Hit from cloudfront content-type font/ttf via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P3 x-amz-cf-id YaHwo9BdqzsNWQYLfvnrGguz7A1DD6FqTAfsxuGPUrKYgHIIAz6zbg==

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.gemini.ursaleo.com
52.222.214.43
1914aeea15cb4e321e84515ddafbac532090035d06747ad8e038854b3202b03f
291278201457772ab0aa9d7d737e5d9a78b6475d3d632f8221b84a80fa863caa
3760806c6e1a9d312b3f884e072e6ce043e0118f624d607360b4d57993ce29a2
3813c9839106f12d9c9bd1ce3aea2afc7f8925ecef5246f09d4326cc49fa8b91
39cfa3040e61cd1e874c4a61000dbc76f807f59172f5c37822c60b8888feda57
4c8d67001d3c2977e5d6bf0a4f8add80cd564bd1df60b7569fd23751e7dda02a

login.gemini.ursaleo.com Open in urlscan Pro 52.222.214.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

572 kBTransfer

1361 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

login.gemini.ursaleo.com Open in urlscan Pro
52.222.214.43 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

572 kB
Transfer

1361 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions