accounting.lightsight.net Open in urlscan Pro
208.80.138.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://accounting.lightsight.net/
Effective URL:
https://accounting.lightsight.net/auth/login
Submission: On February 25 via automatic, source certstream-suspicious (February 25th 2021, 8:09:03 pm UTC)

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 208.80.138.148, located in Claremont, United States and belongs to WILINE, US. The main domain is accounting.lightsight.net.
TLS certificate: Issued by R3 on February 25th 2021. Valid for: 3 months.

This is the only time accounting.lightsight.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 4	208.80.138.148 208.80.138.148		33544 (WILINE) (WILINE)
16	2

4 208.80.138.148 (Claremont, United States) 2 redirects

ASN33544 (WILINE, US)
PTR: 208-80-138-148.static.wiline.com

accounting.lightsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	lightsight.net 2 redirects accounting.lightsight.net	17 KB
16	1

	Domain	Requested by
4	accounting.lightsight.net	2 redirects accounting.lightsight.net
16	1

This site contains links to these domains. Also see Links.

Domain
akaunting.com

Subject Issuer	Validity	Valid
accounting.lightsight.net R3	`2021-02-25` - `2021-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://accounting.lightsight.net/auth/login
Frame ID: 3CFE0EBAF1A503F1C340C44037EE46B1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://accounting.lightsight.net/ HTTP 302
http://accounting.lightsight.net/auth/login HTTP 301
https://accounting.lightsight.net/auth/login Page URL

Detected technologies

Akaunting (Accounting) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+akaunting-green\.css/i
html /Powered By Akaunting: <a [^>]*href="https?:\/\/(?:www\.)?akaunting\.com[^>]+>/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+akaunting-green\.css/i
html /Powered By Akaunting: <a [^>]*href="https?:\/\/(?:www\.)?akaunting\.com[^>]+>/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+akaunting-green\.css/i
html /Powered By Akaunting: <a [^>]*href="https?:\/\/(?:www\.)?akaunting\.com[^>]+>/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

13 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

16 kB
Transfer

19 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://akaunting.com/
Title: Free Accounting Software

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://accounting.lightsight.net/ HTTP 302
http://accounting.lightsight.net/auth/login HTTP 301
https://accounting.lightsight.net/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response accounting.lightsight.net/auth/ Redirect Chain https://accounting.lightsight.net/ http://accounting.lightsight.net/auth/login https://accounting.lightsight.net/auth/login	5 KB 2 KB	222ms 221ms	Document text/html	208.80.138.148 WILINE
General Check archive.org Show headers Download Go to Full URL https://accounting.lightsight.net/auth/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.80.138.148 Claremont, United States, ASN33544 (WILINE, US), Reverse DNS 208-80-138-148.static.wiline.com Software openresty / Resource Hash `dc6d2ad50969854788a665553d973ef88815edb2964c885334104b5702123d9e` Request headers :method GET :authority accounting.lightsight.net :scheme https :path /auth/login pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie XSRF-TOKEN=eyJpdiI6InFsVmNMN0E4dVhTbG4yYkxvQWpUbWc9PSIsInZhbHVlIjoiMDdsQU5GeldibUY3NnZ5UXpwbWMyWGxvK3FhTTRHMkc0Mk1DcjdseHFnQU1SRnNlUVREN2dzMTI5K0lRd3diTHBpSzdGSlFDSlBwcUUzRmdZbkhuanc9PSIsIm1hYyI6ImZmYTI1OGI2M2M0YTE0YTAxZmQ1ZDFhMjgzZDMwY2ViYjlkNjA2YzA3ZjhjYTNhMzVmMjA3Mjc2Y2JlNjQ1MzgifQ%3D%3D; laravel_session=eyJpdiI6InZUaXhcLzVpTXZzVEJPU0lUakczZWpRPT0iLCJ2YWx1ZSI6ImdCYlRCTk9vdGJtMEZ6XC9VdHdlZ2Q1ZlBaR0U4bVZZOXh3aG5RMk9SMVhUT1RRb1c0NVpGenVkVG5DOElSR0pjckhXSmtZcFowYTl1eUJqbGw1MWZGdz09IiwibWFjIjoiMWI1OWNjODkyMDNmMGI4NzU0MGRhMzkyMGUxNDAxZDA2ZTJmNzM3MWMzZDQxYzZmNDdmN2JiZjVlZGVmYzE2NiJ9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server openresty date Thu, 25 Feb 2021 20:08:46 GMT content-type text/html; charset=UTF-8 cache-control no-cache, private x-akaunting Free Accounting Software set-cookie XSRF-TOKEN=eyJpdiI6Im9HbGNqVythTk5jXC9IVnVwVkdoc1pRPT0iLCJ2YWx1ZSI6Ik5sYnJHdVNwV2xhSUVESUtUcG9rVWJBXC83cStKdEExaTkwNFVpUWZTWnduUjFva3haU1FjdXN0NTVzcU5lQzVscW1xZE96eWxDZDVuczJuV2oxT0FCQT09IiwibWFjIjoiYTZiZDJlOTMxMWE4OWUzOThiYjI4NGRhOTdmYWI0YTU2NzllNzE4YmFiOGE0YzVkODkyMTZiYjQ2ZTVkNjhhNyJ9; expires=Thu, 25-Feb-2021 20:38:43 GMT; Max-Age=1800; path=/ laravel_session=eyJpdiI6IjJsZFZFcGxEVGNUdmk5UStMdGI4QlE9PSIsInZhbHVlIjoid092WjVOOTJOVXRiSWx5ODB3NUNuMERocVh0N3hBOXI5SkU0dzExYnFuV1RaSnh2WEUwZ2lIUXpteEZveXpLYWJ5UVlMN0g0enQyeTkwXC9EK2s0ZVZ3PT0iLCJtYWMiOiJjZTA1ODNjMzliMmZkZWNkY2ZhZDhkYzA2Y2UzNjBiZjc0M2E3OWM2YmQ2ZTEyODNkYWNhMTcwZGY1ZGE4YmU3In0%3D; expires=Thu, 25-Feb-2021 20:38:43 GMT; Max-Age=1800; path=/; httponly content-encoding gzip x-served-by accounting.lightsight.net Redirect headers Server openresty Date Thu, 25 Feb 2021 20:08:45 GMT Content-Type text/html Content-Length 166 Connection keep-alive Location https://accounting.lightsight.net/auth/login X-Served-By accounting.lightsight.net
GET H2	200	akaunting-logo-white.png accounting.lightsight.net/public/img/	14 KB 14 KB	213ms 213ms	Image image/png	208.80.138.148 WILINE
General Check archive.org Show headers Download Go to Show image Full URL https://accounting.lightsight.net/public/img/akaunting-logo-white.png Requested by Host: accounting.lightsight.net URL: https://accounting.lightsight.net/auth/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.80.138.148 Claremont, United States, ASN33544 (WILINE, US), Reverse DNS 208-80-138-148.static.wiline.com Software openresty / Resource Hash `2b05762364ffcbb2e4e9555a8a9360fff5437d7d8ec21d00b2fc1e7a2bc07745` Request headers Referer https://accounting.lightsight.net/auth/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 25 Feb 2021 20:08:46 GMT last-modified Thu, 14 Sep 2017 22:21:26 GMT server openresty etag "59bb00e6-3737" content-type image/png accept-ranges bytes content-length 14135 x-served-by accounting.lightsight.net
GET		bootstrap.min.css accounting.lightsight.net/vendor/almasaeed2010/adminlte/bootstrap/css/	0 0

GET		font-awesome.min.css accounting.lightsight.net/public/css/	0 0

GET		ionicons.min.css accounting.lightsight.net/public/css/	0 0

GET		AdminLTE.min.css accounting.lightsight.net/vendor/almasaeed2010/adminlte/dist/css/	0 0

GET		skin-green-light.min.css accounting.lightsight.net/vendor/almasaeed2010/adminlte/dist/css/skins/	0 0

GET		app.css accounting.lightsight.net/public/css/	0 0

GET		akaunting-green.css accounting.lightsight.net/public/css/	0 0

GET		green.css accounting.lightsight.net/vendor/almasaeed2010/adminlte/plugins/iCheck/square/	0 0

GET		jquery-2.2.3.min.js accounting.lightsight.net/vendor/almasaeed2010/adminlte/plugins/jQuery/	0 0

GET		bootstrap.min.js accounting.lightsight.net/vendor/almasaeed2010/adminlte/bootstrap/js/	0 0

GET		jquery.slimscroll.min.js accounting.lightsight.net/vendor/almasaeed2010/adminlte/plugins/slimScroll/	0 0

GET		app.min.js accounting.lightsight.net/vendor/almasaeed2010/adminlte/dist/js/	0 0

GET		app.js accounting.lightsight.net/public/js/	0 0

GET		icheck.min.js accounting.lightsight.net/vendor/almasaeed2010/adminlte/plugins/iCheck/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/bootstrap/css/bootstrap.min.css

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/public/css/font-awesome.min.css

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/public/css/ionicons.min.css

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/dist/css/AdminLTE.min.css

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/dist/css/skins/skin-green-light.min.css

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/public/css/app.css?v=1.3.9

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/public/css/akaunting-green.css?v=1.3.9

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/plugins/iCheck/square/green.css

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/plugins/jQuery/jquery-2.2.3.min.js

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/bootstrap/js/bootstrap.min.js

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/plugins/slimScroll/jquery.slimscroll.min.js

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/dist/js/app.min.js

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/public/js/app.js?v=1.3.9

Domain: accounting.lightsight.net
URL: http://accounting.lightsight.net/vendor/almasaeed2010/adminlte/plugins/iCheck/icheck.min.js

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			accounting.lightsight.net/	1970-01-19 16:24:45	Name: laravel_session Value: eyJpdiI6IjJsZFZFcGxEVGNUdmk5UStMdGI4QlE9PSIsInZhbHVlIjoid092WjVOOTJOVXRiSWx5ODB3NUNuMERocVh0N3hBOXI5SkU0dzExYnFuV1RaSnh2WEUwZ2lIUXpteEZveXpLYWJ5UVlMN0g0enQyeTkwXC9EK2s0ZVZ3PT0iLCJtYWMiOiJjZTA1ODNjMzliMmZkZWNkY2ZhZDhkYzA2Y2UzNjBiZjc0M2E3OWM2YmQ2ZTEyODNkYWNhMTcwZGY1ZGE4YmU3In0%3D
			accounting.lightsight.net/	1970-01-19 16:24:45	Name: XSRF-TOKEN Value: eyJpdiI6Im9HbGNqVythTk5jXC9IVnVwVkdoc1pRPT0iLCJ2YWx1ZSI6Ik5sYnJHdVNwV2xhSUVESUtUcG9rVWJBXC83cStKdEExaTkwNFVpUWZTWnduUjFva3haU1FjdXN0NTVzcU5lQzVscW1xZE96eWxDZDVuczJuV2oxT0FCQT09IiwibWFjIjoiYTZiZDJlOTMxMWE4OWUzOThiYjI4NGRhOTdmYWI0YTU2NzllNzE4YmFiOGE0YzVkODkyMTZiYjQ2ZTVkNjhhNyJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounting.lightsight.net
accounting.lightsight.net
208.80.138.148
2b05762364ffcbb2e4e9555a8a9360fff5437d7d8ec21d00b2fc1e7a2bc07745
dc6d2ad50969854788a665553d973ef88815edb2964c885334104b5702123d9e