online3.listerhill.com

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 4 HTTP transactions. The main IP is 96.45.82.93, located in United States and belongs to TIGGEE, US. The main domain is online3.listerhill.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on March 21st 2024. Valid for: a year.

This is the only time online3.listerhill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	96.45.82.93 96.45.82.93	16552 (TIGGEE) (TIGGEE)
1	208.80.120.70 208.80.120.70	16552 (TIGGEE) (TIGGEE)
1 2	18.245.60.24 18.245.60.24	16509 (AMAZON-02) (AMAZON-02)
4	3

2 96.45.82.93 (United States)

ASN16552 (TIGGEE, US)
PTR: redirection.dnsmadeeasy.com

online3.listerhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.80.120.70 (Ashburn, United States)

ASN16552 (TIGGEE, US)
PTR: systems.tiggee.net

rumjs.rumito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.24 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-24.fra60.r.cloudfront.net

zlcuma.banking.apiture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	apiture.com 1 redirects zlcuma.banking.apiture.com	1 KB
2	listerhill.com online3.listerhill.com	2 KB
1	rumito.net rumjs.rumito.net — Cisco Umbrella Rank: 798332	2 KB
4	3

	Domain	Requested by
2	zlcuma.banking.apiture.com	1 redirects online3.listerhill.com
2	online3.listerhill.com
1	rumjs.rumito.net	online3.listerhill.com
4	3

This site contains no links.

Subject Issuer	Validity	Valid
*.dnsmadeeasy.com GeoTrust TLS RSA CA G1	`2024-03-21` - `2025-04-21`	a year	crt.sh
*.rumito.net GeoTrust TLS RSA CA G1	`2024-03-20` - `2025-04-20`	a year	crt.sh
prod-fxweb.apiture-comm-prod.com Amazon RSA 2048 M03	`2024-01-23` - `2025-02-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://online3.listerhill.com/
Frame ID: 8924B2E922EBC86CDCC537F80C2FFCDB
Requests: 3 HTTP requests in this frame

Frame: https://zlcuma.banking.apiture.com/DigitalBanking/fx?iid=ZLCUMA
Frame ID: 345C1E9089F72D45BBF0FE7AD8037631
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Banking

Page URL History Show full URLs

http://online3.listerhill.com/ HTTP 307
https://online3.listerhill.com/ Page URL

Page Statistics

4
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

4 kB
Transfer

4 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://online3.listerhill.com/ HTTP 307
https://online3.listerhill.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://zlcuma.banking.apiture.com/DigitalBanking/fx?iid=ZLCUMA HTTP 307
https://zlcuma.banking.apiture.com/DigitalBanking/fx?iid=ZLCUMA

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
online3.listerhill.com/
Redirect Chain

http://online3.listerhill.com/
https://online3.listerhill.com/

927 B
1 KB

376ms
113ms

Document
text/html

96.45.82.93
TIGGEE

General

Check archive.org

Show headers Download Go to

Full URL: https://online3.listerhill.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.45.82.93 , United States, ASN16552 (TIGGEE, US),
Reverse DNS: redirection.dnsmadeeasy.com
Software: DNSME HTTP Redirection /
Resource Hash: 554b472126af450b80a6aec0be2d3569fc1820a85cedf0e5ce99b42f9a1dbd32

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: close
Content-Length: 927
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 10 Jun 2024 14:09:08 GMT
Server: DNSME HTTP Redirection

Redirect headers

Location: https://online3.listerhill.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200 56441 Show response
rumjs.rumito.net/rumjs/script/ 2 KB
2 KB 341ms
107ms Script
text/javascript 208.80.120.70
TIGGEE

General

Check archive.org

Show headers Download Go to

Full URL: https://rumjs.rumito.net/rumjs/script/56441
Requested by: Host: online3.listerhill.com
URL: https://online3.listerhill.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 208.80.120.70 Ashburn, United States, ASN16552 (TIGGEE, US),
Reverse DNS: systems.tiggee.net
Software: /
Resource Hash: 2426010dd1304d923d0f8847fe96d6cb59d72e5be47d1b2e566de6222f8c0a77

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://online3.listerhill.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 10 Jun 2024 14:09:09 GMT
Connection: keep-alive
Content-Length: 2168
Content-Type: text/javascript

GET
H/1.1

200
OK

fx
zlcuma.banking.apiture.com/DigitalBanking/ Frame 345C
Redirect Chain

https://zlcuma.banking.apiture.com/DigitalBanking/fx?iid=ZLCUMA
https://zlcuma.banking.apiture.com/DigitalBanking/fx?iid=ZLCUMA

0
0

416ms
416ms

Document
text/html

18.245.60.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://zlcuma.banking.apiture.com/DigitalBanking/fx?iid=ZLCUMA

Requested by

Host: online3.listerhill.com
URL: https://online3.listerhill.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-24.fra60.r.cloudfront.net

Software

/

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online3.listerhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-control: no-store, no-cache, private, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=ISO-8859-1
Content-security-policy: frame-ancestors 'self'
Date: Mon, 10 Jun 2024 14:09:09 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Transfer-Encoding: chunked
Via: 1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 7THxOZogvoYY2I97SxV9jHxF4Gp8gC-MF8MEerm51Qzg2U-QC_Hmkw==
X-Amz-Cf-Pop: FRA60-P5
X-Cache: Miss from cloudfront
X-frame-options: SAMEORIGIN

Redirect headers

Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Mon, 10 Jun 2024 14:09:09 GMT
Location: /DigitalBanking/fx?iid=ZLCUMA
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Brt1Oolp0ZKIo0bavtqye3De06BzUgYwSt3k0mtQqkZPBGbSPFLWcA==
X-Amz-Cf-Pop: FRA60-P5
X-Cache: Miss from cloudfront

GET
H/1.1 200
OK favicon.ico
online3.listerhill.com/ 951 B
1 KB 319ms
107ms Other
text/html 96.45.82.93
TIGGEE

General

Check archive.org

Show headers Download Go to

Full URL: https://online3.listerhill.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.45.82.93 , United States, ASN16552 (TIGGEE, US),
Reverse DNS: redirection.dnsmadeeasy.com
Software: DNSME HTTP Redirection /
Resource Hash: 671de7476f65b016aa788cff150a6121771f66048cb223d0e766cab209cb35d8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://online3.listerhill.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 10 Jun 2024 14:09:09 GMT
Server: DNSME HTTP Redirection
Connection: close
Content-Length: 951
Content-Type: text/html;charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.banking.apiture.com/	1969-12-31 23:59:59	Name: secure.fx.sid.fxweb Value: login%232%23c541f61aae78b966%2389b7e8159b14eb47972e2359b2a4185e4e7998123f7f9064656584f9c4955bb811686eeb95c2c89f238b2b63cb21d8e41df44bb2b7bb590a
zlcuma.banking.apiture.com/	1969-12-31 23:59:59	Name: TS01d09e1e Value: 01c6fb4b6c6ab1ddc01ae6b97e8a61fae88e4b92464a35362453971f758bcad6c8ac8b70e5cbd047ca311b2a4815b9b668a171877c
.banking.apiture.com/	1969-12-31 23:59:59	Name: TS01550d88 Value: 01c6fb4b6c6ab1ddc01ae6b97e8a61fae88e4b92464a35362453971f758bcad6c8ac8b70e5cbd047ca311b2a4815b9b668a171877c
zlcuma.banking.apiture.com/	1970-01-20 21:13:48	Name: TS8aa168cd029 Value: 0894bc7510ab280068292c970771ff46df854b1e2b32ed1454bb4a006b13a82649f6a4599b02d0472aa4c699e117edf8
zlcuma.banking.apiture.com/	1969-12-31 23:59:59	Name: TS481daac3027 Value: 0894bc7510ab2000e1a7464d413028a1ac31acd793eec8b09386200e022c4e6b16e62b631cdee96c08fb8f773f11300096dd084c412ef685504207eaf0ac3fd1fb82aafd0f02e9718e33d05129162639731d3bf81fdb13263e1a07002764649d

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online3.listerhill.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	Message: Refused to frame 'https://zlcuma.banking.apiture.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online3.listerhill.com
rumjs.rumito.net
zlcuma.banking.apiture.com
18.245.60.24
208.80.120.70
96.45.82.93
2426010dd1304d923d0f8847fe96d6cb59d72e5be47d1b2e566de6222f8c0a77
554b472126af450b80a6aec0be2d3569fc1820a85cedf0e5ce99b42f9a1dbd32
671de7476f65b016aa788cff150a6121771f66048cb223d0e766cab209cb35d8

online3.listerhill.com Open in urlscan Pro 96.45.82.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

4 kBTransfer

4 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

11 Console Messages

Indicators

online3.listerhill.com Open in urlscan Pro
96.45.82.93 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

4 kB
Transfer

4 kB
Size

5
Cookies

4 HTTP transactions
0 data transactions