URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Submission: On October 29 via manual from IN — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 63.33.11.214, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is support-eu.lionnets.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 3rd 2024. Valid for: a year.
This is the only time support-eu.lionnets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 63.33.11.214 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:276... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
10 4
Apex Domain
Subdomains
Transfer
4 unlayer.com
assets.unlayer.com — Cisco Umbrella Rank: 63065
47 KB
3 lionnets.com
support-eu.lionnets.com
65 KB
2 cymulate.com
app.cymulate.com — Cisco Umbrella Rank: 292493
423 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
30 KB
10 4
Domain Requested by
4 assets.unlayer.com support-eu.lionnets.com
3 support-eu.lionnets.com support-eu.lionnets.com
2 app.cymulate.com support-eu.lionnets.com
1 ajax.googleapis.com support-eu.lionnets.com
10 4

This site contains no links.

Subject Issuer Validity Valid
lionnets.com
Amazon RSA 2048 M02
2024-08-03 -
2025-09-01
a year crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
assets.unlayer.com
Amazon RSA 2048 M02
2024-03-23 -
2025-04-22
a year crt.sh
cymulate.com
WE1
2024-09-15 -
2024-12-14
3 months crt.sh

This page contains 1 frames:

Primary Page: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Frame ID: 7AC06B4FFD92F01D57D96E682BD6EB6B
Requests: 9 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

143 kB
Transfer

195 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request registration.php
support-eu.lionnets.com/
10 KB
11 KB
Document
General
Full URL
https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.33.11.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-11-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
58231d64287222daaccafe0700a1e614438f6dbd4f74e3c84407a625a4e02da4
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
10697
content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 29 Oct 2024 09:51:15 GMT
etag
W/"29c9-Y0JUzRLVTxxwVfgEGZ2w+6UZjpw"
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-cym
true
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: support-eu.lionnets.com
URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
49953
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Tue, 28 Oct 2025 19:58:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 19:58:42 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30399
x-xss-protection
0
server
sffe
plugindetect.js
support-eu.lionnets.com/
53 KB
53 KB
Script
General
Full URL
https://support-eu.lionnets.com/plugindetect.js
Requested by
Host: support-eu.lionnets.com
URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.33.11.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-11-214.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
9348face47feceea53c59d2d675efbbfd417be6d1566c64b95b043442971a980

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0
etag
W/"d438-1928bae1e28"
accept-ranges
bytes
content-length
54328
date
Tue, 29 Oct 2024 09:51:15 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
last-modified
Mon, 14 Oct 2024 15:38:17 GMT
1688900994017-Screenshot_20230707_035951.png
assets.unlayer.com/projects/2690/
5 KB
5 KB
Image
General
Full URL
https://assets.unlayer.com/projects/2690/1688900994017-Screenshot_20230707_035951.png
Requested by
Host: support-eu.lionnets.com
URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:8200:1e:5470:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0803457612852188af108267fec2643027f61af8e4f9df6345a7f5d6f2d31931

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

age
273
x-amzn-requestid
7ae0d22e-de62-4f3b-ba99-ab53cb28fece
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KF6XujY29BNJcrYFBKWbWDubvxuxivjz6OmbTx2VaEvHHVnqElZ_CA==
date
Tue, 29 Oct 2024 09:46:41 GMT
content-type
image/png
x-amz-cf-pop
FRA60-P8
1688901673405-Screenshot_20230709_034355.png
assets.unlayer.com/projects/2690/
14 KB
15 KB
Image
General
Full URL
https://assets.unlayer.com/projects/2690/1688901673405-Screenshot_20230709_034355.png
Requested by
Host: support-eu.lionnets.com
URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:8200:1e:5470:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
850cfe83e0963c57a97ab5e0bb06e079a1a09be82e316bbd925791f00dcd93de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

age
274
x-amzn-requestid
9add4349-50ed-47ee-8084-0b255f5f7c10
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
30GYBJ1hJxJUtW70jMEBYbKBaSuVrr7i8bTF81ZJaINs9nPY1nwipQ==
date
Tue, 29 Oct 2024 09:46:41 GMT
content-type
image/png
x-amz-cf-pop
FRA60-P8
1688901768536-Screenshot_20230709_040526.png
assets.unlayer.com/projects/2690/
3 KB
3 KB
Image
General
Full URL
https://assets.unlayer.com/projects/2690/1688901768536-Screenshot_20230709_040526.png
Requested by
Host: support-eu.lionnets.com
URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:8200:1e:5470:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9fe3dcff8c1465330c9bc5811f7d33b5c10c8c2f699db3f45cee9b0722f40c15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

age
273
x-amzn-requestid
0bb92063-8930-44fe-b394-275417102ee2
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
N9Jha_bpFNwRouE83npzvPniuDudcXxLMxQ-iV-AzJZqzVNDuD50ow==
date
Tue, 29 Oct 2024 09:46:42 GMT
content-type
image/png
x-amz-cf-pop
FRA60-P8
67207ab7b46fe384e4fc3228
app.cymulate.com/api/phishing/clicked/
84 B
423 B
XHR
General
Full URL
https://app.cymulate.com/api/phishing/clicked/67207ab7b46fe384e4fc3228
Requested by
Host: support-eu.lionnets.com
URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f24af0bc7bdcd4180c1c15245ac120001a0d35c8b094bdef28e8e90503fdf8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"54-X7De8mJbRNoHWQq8p4q7lAGyI+c"
x-permitted-cross-domain-policies
none
x-cym
true
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
lPanHv7b3DbA1lJD5ZiryHpY12s-oydOtsVmuEVdBZ8WVD92sRs3hg==
date
Tue, 29 Oct 2024 09:51:16 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
access-control-allow-credentials
true
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cross-origin-embedder-policy
require-corp
cf-ray
8da2441cfbc79f15-FRA
access-control-allow-origin
*
x-xss-protection
1
origin-agent-cluster
?1
x-amz-cf-pop
FRA56-P3
server
cloudflare
67207ab7b46fe384e4fc3228
app.cymulate.com/api/phishing/clicked/
0
0
Preflight
General
Full URL
https://app.cymulate.com/api/phishing/clicked/67207ab7b46fe384e4fc3228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://support-eu.lionnets.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,Set-Cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8da2441c8b599f15-FRA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
date
Tue, 29 Oct 2024 09:51:15 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-id
OykNMy4LIkBmqAjuRdv-3vd_RpjCIAYMWq1mV8xmmYIo-bfGz2cfdA==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1
1688973133171-Screenshot_20230710_124158.png
assets.unlayer.com/projects/2690/
24 KB
24 KB
Image
General
Full URL
https://assets.unlayer.com/projects/2690/1688973133171-Screenshot_20230710_124158.png
Requested by
Host: support-eu.lionnets.com
URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:8200:1e:5470:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3699c0d1dda61b3bc3864602b09cc2db2cb89427d14dd3d0d2b734e60198b20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support-eu.lionnets.com/

Response headers

age
273
x-amzn-requestid
c24c5ec5-6adf-44a8-86f1-babf2192d16f
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
lY8QiW-GMHqnEQ11fn5_Hc7a3NPNwjIY3Bs7rDWa2N-FvTdWj-q9iA==
date
Tue, 29 Oct 2024 09:46:42 GMT
content-type
image/png
x-amz-cf-pop
FRA60-P8
favicon.ico
support-eu.lionnets.com/
150 B
634 B
Other
General
Full URL
https://support-eu.lionnets.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.33.11.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-11-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-permitted-cross-domain-policies
none
x-cym
true
x-content-type-options
nosniff
date
Tue, 29 Oct 2024 09:51:15 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'none'
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
access-control-allow-credentials
true
referrer-policy
no-referrer
x-download-options
noopen
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
content-length
150
x-xss-protection
0
origin-agent-cluster
?1

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| PluginDetect function| send object| plugins string| plugin object| xhttp

0 Cookies

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://support-eu.lionnets.com/registration.php?id=67207ab7b46fe384e4fc3228&tid=default
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://support-eu.lionnets.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0