Effective URL: https://new.ustrinitycustom.com/xBananaV3/customer_center/Secure988/myaccount/signin/?country.x=DE&locale.x=en_DE
Submission: On February 11 via manual
Summary
The main IP is 64.207.176.165, located in Culver City, United States and belongs to MEDIATEMPLE - Media Temple, Inc., US. The main domain is new.ustrinitycustom.com.
The TLS certificate was issued by cPanel, Inc. Certification Authority on December 24th 2018 with a validity of 3 months.
This is the first time this domain was scanned on urlscan.io!
Potentially malicious content or behaviour on this page!
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 (3 redirects) | 64.207.176.165 | 31815 (MEDIATEMPLE) (MEDIATEMPLE - Media Temple) |
4 | 1 |
Requests | Domain Subdomains | Transfer |
---|---|---|
7 (3 redirects) | ustrinitycustom.com | 40 KB |
4 | 1 |
Requests | Domain | Requested by |
---|---|---|
7 (3 redirects) | new.ustrinitycustom.com | new.ustrinitycustom.com |
4 | 1 |
Subject / Issuer | Validity | Valid |
---|---|---|
new.ustrinitycustom.com / cPanel, Inc. Certification Authority | 2018-12-24 - 2019-03-24 | 3 months |
Detected technologies
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
0 Outgoing links
These are links going to different origins than the main page. For each link, only the first name is shown.
4 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type MIME-Type |
---|---|---|---|---|---|
GET H/1.1 | ?country.x=DE&locale.x=en_DE | /xBananaV3/customer_center/Secure988/myaccount/signin | 7 KB | 3 KB | Document text/html |
GET H/1.1 | L-xBanana.css | /xBananaV3/customer_center/Secure988/lib/css | 13 KB | 4 KB | Stylesheet text/css |
GET H/1.1 | jquery.js | /xBananaV3/customer_center/Secure988/lib/js | 84 KB | 30 KB | Script application/javascript |
GET H/1.1 | kl_h4aXX6987PO.svg | /xBananaV3/customer_center/Secure988/lib/img | 5 KB | 2 KB | Image image/svg+xml |
Redirect requests
There were HTTP redirects (301, 302) for the following requests:
Request 0
- https://new.ustrinitycustom.com/xBananaV3/
- https://new.ustrinitycustom.com/xBananaV3/customer_center/Secure988
- https://new.ustrinitycustom.com/xBananaV3/customer_center/Secure988/
- https://new.ustrinitycustom.com/xBananaV3/customer_center/Secure988/myaccount/signin/?country.x=DE&locale.x=en_DE
Malicious behaviour and content
Google Safe Browsing
There was 1 malicious URL contacted according to Google Safe Browsing!
SOCIAL_ENGINEERING | https://new.ustrinitycustom.com/xBananaV3/customer_center/Secure988/lib/img/kl_h4aXX6987PO.svg |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onselectstart
- object | onselectionchange
- function | queueMicrotask
- function | $
- function | jQuery

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
new.ustrinitycustom.com/ | | Name: PHPSESSID Value: 331a0fcaf3096660c08c8f891b043161 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators of compromise (IoCs)
This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
new.ustrinitycustom.com 64.207.176.165 1bcda772b32139bbd18696ba5a08fc2da9731cecf88d6b904cb953107484f55f 2a1f1370eb7b24a307312112427dfd544fb838a8bef66babc936f5e870a22e52 6d3d65096d7b7426ae703b2a177168788dd1b036d176f015dabd4bbd85257f40 b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5