limassolgardens.info Open in urlscan Pro
66.147.240.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://limassolgardens.info/.hitaccess/.well-known/suntrust/UI/login.html
Submission: On July 05 via automatic, source openphish (July 5th 2019, 10:06:16 pm UTC)

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 13 HTTP transactions. The main IP is 66.147.240.153, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is limassolgardens.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 2nd 2019. Valid for: 3 months.

This is the only time limassolgardens.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	66.147.240.153 66.147.240.153	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
1	192.243.255.29 192.243.255.29	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	216.58.206.6 216.58.206.6	15169 (GOOGLE) (GOOGLE - Google LLC)
13	4

1 66.147.240.153 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: host353.hostmonster.com

limassolgardens.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.255.29 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: suntrust.com.ssl.sc.omtrdc.net

somni.suntrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.6 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f6.1e100.net

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	doubleclick.net fls.doubleclick.net	574 B
1	suntrust.com somni.suntrust.com login.onlinebanking.suntrust.com Failed	4 KB
1	limassolgardens.info limassolgardens.info	23 KB
0	ensighten.com Failed nexus.ensighten.com Failed
13	4

	Domain	Requested by
1	fls.doubleclick.net	limassolgardens.info
1	somni.suntrust.com	limassolgardens.info
1	limassolgardens.info
0	login.onlinebanking.suntrust.com Failed	limassolgardens.info
0	nexus.ensighten.com Failed	limassolgardens.info
13	5

This site contains no links.

Subject Issuer	Validity	Valid
adrakse.com Let's Encrypt Authority X3	`2019-07-02` - `2019-09-30`	3 months	crt.sh
somni.suntrust.com DigiCert SHA2 Secure Server CA	`2018-03-20` - `2020-03-20`	2 years	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://limassolgardens.info/.hitaccess/.well-known/suntrust/UI/login.html
Frame ID: EC2869950AA00A37152079781AFFC02C
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

13
Requests

23 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

28 kB
Transfer

64 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.html Show response
limassolgardens.info/.hitaccess/.well-known/suntrust/UI/ 60 KB
23 KB 1956ms
371ms Document
text/html 66.147.240.153
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://limassolgardens.info/.hitaccess/.well-known/suntrust/UI/login.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.147.240.153 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS: host353.hostmonster.com
Software: nginx/1.14.1 /
Resource Hash: f6436bd0b2d446310ba7fcad0cc3fe74ff83eff49ae175299268b9b5580173d6

Request headers

:method: GET
:authority: limassolgardens.info
:scheme: https
:path: /.hitaccess/.well-known/suntrust/UI/login.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx/1.14.1
date: Fri, 05 Jul 2019 22:05:39 GMT
content-type: text/html
content-length: 23790
last-modified: Fri, 05 Jul 2019 12:05:54 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip

GET
H/1.1 200
OK s6297296026551 Show response
somni.suntrust.com/b/ss/suntrustprod/10/JS-2.9.0/ 3 KB
4 KB 2058ms
66ms Script
application/x-javascript 192.243.255.29
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://somni.suntrust.com/b/ss/suntrustprod/10/JS-2.9.0/s6297296026551?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F6%2F2019%204%3A48%3A28%205%20-120&cid.&st_adobeanalytics.&id=50725014038451132751917373849236225380&.st_adobeanalytics&.cid&d.&nsid=0&jsonv=1&.d&mid=50725014038451132751917373849236225380&aamlh=6&ce=UTF-8&ns=suntrust&pageName=STcom%7COLB%7CSignOnDedicated&g=https%3A%2F%2Flogin.onlinebanking.suntrust.com%2Folb%2Flogin&c.&vidAPICheck=VisitorAPI%20Present&EVENTS=event11%2C&.c&cc=USD&ch=STcom&server=https%3A%2F%2Flogin.onlinebanking.suntrust.com%2Folb%2Flogin&events=event11&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=STcom%7COLB&c7=9%3A48%20PM%7CThursday&v7=9%3A48%20PM%7CThursday&v10=D%3Dch&c11=STcom%7COLB&c12=STcom%7COLB&c13=STcom%7COLB&c14=STcom%7COLB&v18=Data%20definition%20specified%20does%20not%20exist%20on%20the%20page&v39=p&v40=%2B1&c50=SunTrust%20s_code%20v5.20%7COmniture%20Base%20Code%20AM%202.9.0&v50=nh&s=1600x900&c=24&j=1.6&v=N&k=Y&bw=1600&bh=757&mcorgid=AA7A3BC75245B3BC0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: limassolgardens.info
URL: https://limassolgardens.info/.hitaccess/.well-known/suntrust/UI/login.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.243.255.29 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

suntrust.com.ssl.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

70c0562a1eae280a439795763cf947a41dd106ffe50fa6c9c0236aba5dcf9fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://limassolgardens.info/.hitaccess/.well-known/suntrust/UI/login.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-AAM-TID: YSaMIm+LSco=
Date: Fri, 05 Jul 2019 22:05:42 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.8.1
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 3535
X-XSS-Protection: 1; mode=block
DCS: dcs-prod-irl1-v037-0b8b7be60.edge-irl1.demdex.com 5.55.3.20190702115514 9ms
Pragma: no-cache
Last-Modified: Sat, 06 Jul 2019 22:05:42 GMT
Server: Omniture DC/2.0.0
xserver: www250
ETag: "3355151876750376960-6038061726702838460"
Vary: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Keep-Alive: timeout=15
Expires: Thu, 04 Jul 2019 22:05:42 GMT

GET
H2 200 json Show response
fls.doubleclick.net/ 40 B
574 B 15692ms
77ms Script
text/javascript 216.58.206.6
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fls.doubleclick.net/json?spot=2409535&src=5934&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=7289747130401

Requested by

Host: limassolgardens.info
URL: https://limassolgardens.info/.hitaccess/.well-known/suntrust/UI/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://limassolgardens.info/.hitaccess/.well-known/suntrust/UI/login.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 22:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 60
x-xss-protection: 0
pragma: no-cache
server: cafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET f48b60f8ce302cc9c9bb8d5f9e69e21a.js
nexus.ensighten.com/suntrust/olb/code/ 0
0

GET 275a75f8354869c16dcdb1629c680ff7.js
nexus.ensighten.com/suntrust/olb/code/ 0
0

GET serverComponent.php
nexus.ensighten.com/suntrust/olb/ 0
0

GET styles.899876b836a17214f6da.css
login.onlinebanking.suntrust.com/olb/dist/ 0
0

GET defaultlogoutoffer.jpg
login.onlinebanking.suntrust.com/uicontent/images/ 0
0

GET runtime.7d6aba6a1596ee0b757c.js
login.onlinebanking.suntrust.com/olb/dist/ 0
0

GET polyfills.65913a8531010587b6fe.js
login.onlinebanking.suntrust.com/olb/dist/ 0
0

GET scripts.46e57c2d57ad1b3d210d.js
login.onlinebanking.suntrust.com/olb/dist/ 0
0

GET vendor.43f2240dc35276d98b10.js
login.onlinebanking.suntrust.com/olb/dist/ 0
0

GET main.25ba5780a94a6f633899.js
login.onlinebanking.suntrust.com/olb/dist/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nexus.ensighten.com
URL: https://nexus.ensighten.com/suntrust/olb/code/f48b60f8ce302cc9c9bb8d5f9e69e21a.js?conditionId0=423122

Domain: nexus.ensighten.com
URL: https://nexus.ensighten.com/suntrust/olb/code/275a75f8354869c16dcdb1629c680ff7.js?conditionId0=374851

Domain: nexus.ensighten.com
URL: https://nexus.ensighten.com/suntrust/olb/serverComponent.php?r=44794904.695123486&ClientID=1642&PageID=https%3A%2F%2Flogin.onlinebanking.suntrust.com%2Folb%2Flogin%3F

Domain: login.onlinebanking.suntrust.com
URL: https://login.onlinebanking.suntrust.com/olb/dist/styles.899876b836a17214f6da.css

Domain: login.onlinebanking.suntrust.com
URL: https://login.onlinebanking.suntrust.com/uicontent/images/defaultlogoutoffer.jpg

Domain: login.onlinebanking.suntrust.com
URL: https://login.onlinebanking.suntrust.com/olb/dist/runtime.7d6aba6a1596ee0b757c.js

Domain: login.onlinebanking.suntrust.com
URL: https://login.onlinebanking.suntrust.com/olb/dist/polyfills.65913a8531010587b6fe.js

Domain: login.onlinebanking.suntrust.com
URL: https://login.onlinebanking.suntrust.com/olb/dist/scripts.46e57c2d57ad1b3d210d.js

Domain: login.onlinebanking.suntrust.com
URL: https://login.onlinebanking.suntrust.com/olb/dist/vendor.43f2240dc35276d98b10.js

Domain: login.onlinebanking.suntrust.com
URL: https://login.onlinebanking.suntrust.com/olb/dist/main.25ba5780a94a6f633899.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| s_3_Integrate_DFA_get_0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fls.doubleclick.net
limassolgardens.info
login.onlinebanking.suntrust.com
nexus.ensighten.com
somni.suntrust.com
login.onlinebanking.suntrust.com
nexus.ensighten.com
192.243.255.29
216.58.206.6
66.147.240.153
70c0562a1eae280a439795763cf947a41dd106ffe50fa6c9c0236aba5dcf9fb3
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
f6436bd0b2d446310ba7fcad0cc3fe74ff83eff49ae175299268b9b5580173d6

limassolgardens.info Open in urlscan Pro 66.147.240.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

23 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

28 kBTransfer

64 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

limassolgardens.info Open in urlscan Pro
66.147.240.153 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

23 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

28 kB
Transfer

64 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions