URL: https://banking.ninjacard.com/
Submission: On January 03 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 3.141.232.125, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is banking.ninjacard.com.
TLS certificate: Issued by R3 on January 3rd 2023. Valid for: 3 months.
This is the only time banking.ninjacard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
12 | 3.141.232.125 | 16509 | (AMAZON-02)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2606:4700::68... | 13335 | (CLOUDFLAR...)
1 | 44.240.152.58 | 16509 | (AMAZON-02)
1 | 18.211.47.128 | 14618 | (AMAZON-AES)
1 | 100.20.58.101 | 16509 | (AMAZON-02)
Total: 19 requests, 7 IPs
Requests | Apex Domain: Subdomains | Transfer
12 | ninjacard.com: banking.ninjacard.com | 185 KB
1 | gbqofs.io: report.creditninja.gbqofs.io | 1 KB
1 | mountain.com: dx.mountain.com (Cisco Umbrella Rank: 8458), px.mountain.com (Failed) | 4 KB
1 | gbqofs.com: cdn.gbqofs.com (Cisco Umbrella Rank: 12358) | 132 KB
1 | googletagmanager.com: www.googletagmanager.com (Cisco Umbrella Rank: 123) | 39 KB
Total: 19 requests, 5 apex domains
Requests | Domain | Requested by
12 | banking.ninjacard.com | banking.ninjacard.com
1 | report.creditninja.gbqofs.io | cdn.gbqofs.com
1 | dx.mountain.com | banking.ninjacard.com
1 | cdn.gbqofs.com | banking.ninjacard.com
1 | www.googletagmanager.com | banking.ninjacard.com
0 | px.mountain.com (Failed) | dx.mountain.com
Total: 19 requests, 6 subdomains

This site contains links to these domains.

Domain
ninjacard.com
Subject | Issuer | Validity | Valid
banking.ninjacard.com | R3 | 2023-01-03 - 2023-04-03 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-11-11 - 2023-11-11 | a year
*.mountain.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-21 - 2023-06-22 | a year
report.creditninja.gbqofs.io | Amazon | 2022-10-09 - 2023-11-08 | a year
100.20.58.101 | Sectigo RSA Domain Validation Secure Server CA | 2022-09-26 - 2023-09-26 | a year

This page contains 1 frames:

Primary Page: https://banking.ninjacard.com/
Frame ID: 6946C8487614263775A618BCCFCABF4C
Requests: 19 HTTP requests in this frame

Page Title

Get Started

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 19
HTTPS: 89 %
IPv6: 33 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 362 kB
Size: 1224 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
banking.ninjacard.com/
17 KB
6 KB
Document
General
Full URL
https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 / Next.js
Resource Hash
5d45982481e1a7af5b2e29c5d7f00db4c1ee14e44838826f8604f7ef36a50740
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Jan 2023 18:12:09 GMT
etag
"3y3wv5182mdp3"
server
openresty/1.15.8.2
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-powered-by
Next.js
28053efbeaa0b5a9.css
banking.ninjacard.com/_next/static/css/
216 KB
32 KB
Stylesheet
General
Full URL
https://banking.ninjacard.com/_next/static/css/28053efbeaa0b5a9.css
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
81766bb0192407c0361710fc2a70be1ab54342463ba5395e9e3478ceedad7189
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"35e1b-1852bc61158"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
3ed56e49b5135eb0.css
banking.ninjacard.com/_next/static/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://banking.ninjacard.com/_next/static/css/3ed56e49b5135eb0.css
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
8fac44832b5eb27c4c34a59546ddca1b45d238e1d5befb8fa34b3750d6af9f64
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"1ef9-1852bc61158"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
webpack-a24c71d9d4741c93.js
banking.ninjacard.com/_next/static/chunks/
5 KB
3 KB
Script
General
Full URL
https://banking.ninjacard.com/_next/static/chunks/webpack-a24c71d9d4741c93.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
113d4385e8e855ab2401fe04980ccfe53e5dc8f9f21ee2eb3856407018f1f674
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"140a-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
framework-114634acb84f8baa.js
banking.ninjacard.com/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://banking.ninjacard.com/_next/static/chunks/framework-114634acb84f8baa.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
cc76e8d9def9ded50761a877750bab9afab8d4873351a0088e44811c8a4f54e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"226fe-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
main-66ca454f7bdf962f.js
banking.ninjacard.com/_next/static/chunks/
87 KB
27 KB
Script
General
Full URL
https://banking.ninjacard.com/_next/static/chunks/main-66ca454f7bdf962f.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
d96d73c3955d4aa15146778bf079a54a6f93dcf48e5f011cd8b6ced6c69c25bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"15ba1-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app-acb4025a3ec94693.js
banking.ninjacard.com/_next/static/chunks/pages/
80 KB
29 KB
Script
General
Full URL
https://banking.ninjacard.com/_next/static/chunks/pages/_app-acb4025a3ec94693.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
d4e1a49a9afdb0e2043b67dd2ad32ecd2e9c56f7cb68532e9d2cc0203fdc0733
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"1405a-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
273-fa410829e9f26bcb.js
banking.ninjacard.com/_next/static/chunks/
91 KB
29 KB
Script
General
Full URL
https://banking.ninjacard.com/_next/static/chunks/273-fa410829e9f26bcb.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
3e2d292bbb218b8afbbaa900e201ce87632f5523d68312f19a525b26979e0f61
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"16d1c-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
166-d9a7a270ee6b8277.js
banking.ninjacard.com/_next/static/chunks/
14 KB
6 KB
Script
General
Full URL
https://banking.ninjacard.com/_next/static/chunks/166-d9a7a270ee6b8277.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
0feab8b60ba15c0bf64575ad82f515942a6d7feb6805e9df557c4bd37f7d2b79
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"393c-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
index-d1f991e7127d2020.js
banking.ninjacard.com/_next/static/chunks/pages/
12 KB
5 KB
Script
General
Full URL
https://banking.ninjacard.com/_next/static/chunks/pages/index-d1f991e7127d2020.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
f9d8d81d8957777ff4f30bf8904831c51db28f100ade1852f658b7c0780f2acd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"30c4-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_buildManifest.js
banking.ninjacard.com/_next/static/8POzuyEjJu69qqxnUegy5/
4 KB
2 KB
Script
General
Full URL
https://banking.ninjacard.com/_next/static/8POzuyEjJu69qqxnUegy5/_buildManifest.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
d6ad0597786e568500454d1fb434f4094918539888a155df9e40ed6dabef24ed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"11bc-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_ssgManifest.js
banking.ninjacard.com/_next/static/8POzuyEjJu69qqxnUegy5/
77 B
349 B
Script
General
Full URL
https://banking.ninjacard.com/_next/static/8POzuyEjJu69qqxnUegy5/_ssgManifest.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.141.232.125 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-232-125.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 19 Dec 2022 19:04:39 GMT
server
openresty/1.15.8.2
etag
W/"4d-1852bc61158"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
77
gtm.js
www.googletagmanager.com/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-559VNXB
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa532b7f4d05d6c0c2cd556c00534d185041718349bbf41faf9f91c313fd97c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
39126
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 03 Jan 2023 18:12:10 GMT
detector-dom.min.js
cdn.gbqofs.com/creditninja/card/p/
439 KB
132 KB
Script
General
Full URL
https://cdn.gbqofs.com/creditninja/card/p/detector-dom.min.js
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e1b711f3e51c90b2f12771f75e3d8d8a2b04eba470f6e16124a0b2ce88a2b1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:10 GMT
x-amz-version-id
oV_LaJqcloIQr8Z9WTqp7jP7vxWl3_No
content-encoding
gzip
cf-cache-status
MISS
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Mon, 12 Dec 2022 14:45:18 GMT
server
cloudflare
etag
W/"bd1ce46db66e66d87505713810e6aa11"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
783db37c5d362be4-FRA
x-amz-cf-id
zocZrJspesDDxUm6-XA31y4U4Xphzh_4tP11zrimiyujC1uSELnyOw==
expires
Tue, 03 Jan 2023 22:12:10 GMT
spx
dx.mountain.com/
14 KB
4 KB
Script
General
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=32603&tdr=&plh=https%3A%2F%2Fbanking.ninjacard.com%2F&cb=85694173785313800term=value
Requested by
Host: banking.ninjacard.com
URL: https://banking.ninjacard.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.240.152.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-152-58.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e33802ed173cfc3870d375fe1e98a87d8022264eed5a5c13a0872afa56a3a838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:10 GMT
content-encoding
gzip
server
istio-envoy
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
x-envoy-upstream-service-time
1
connection
close
expires
Thu, 01 Jan 1970 00:00:00 GMT
cls_report
report.creditninja.gbqofs.io/reporting/1ba53eae-7021-2b94-4e37-42ba8e33243a/
182 B
1 KB
XHR
General
Full URL
https://report.creditninja.gbqofs.io/reporting/1ba53eae-7021-2b94-4e37-42ba8e33243a/cls_report?_cls_s=77ae48bd-38f9-4bb7-978d-29e0ccef56c4%3A0&_cls_v=a740138c-3c0c-4e1d-9a04-1693c2cd2346&pv=2&f_cls_s=true
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/creditninja/card/p/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.47.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-47-128.compute-1.amazonaws.com
Software
GlassBox Cligate /
Resource Hash
fc64119234704722aac521bcdbe1d928df25094f5e4c15572b509a5fe2206cfe
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 18:12:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
163
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
GlassBox Cligate
X-Frame-Options
SAMEORIGIN
vary
origin
Content-Type
application/json
access-control-allow-origin
https://banking.ninjacard.com
access-control-allow-credentials
true
GB-Server
g5025
X-Robots-Tag
noindex
is
100.20.58.101/
32 B
437 B
Fetch
General
Full URL
https://100.20.58.101/is
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/creditninja/card/p/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.20.58.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-58-101.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
fbe09ffe2e7c31d5302a91315abac0fa7f6d8d0f218e0de9eff3cfcd31e3d077

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.ninjacard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:12:11 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
connection
close
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
32
x-application-context
application:prod:8080
25548fd0-ab28-4967-9de4-6a71d1b7208b
https://banking.ninjacard.com/
75 B
0
Other
General
Full URL
blob:https://banking.ninjacard.com/25548fd0-ab28-4967-9de4-6a71d1b7208b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
75
Content-Type
application/javascript
st
px.mountain.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.mountain.com
URL
https://px.mountain.com/st?ga_tracking_id=UA-116164741-2&shpt=Get%20Started&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-116164741-2%22%2C%22shpt%22%3A%22Get%20Started%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dxver=4.0.0&shaid=32603&plh=https%3A%2F%2Fbanking.ninjacard.com%2F&cb=85694173785313800term%3Dvalue&shoamt=0.00&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontentvisibilityautostatechange
  • object| webpackChunk_N_E
  • function| __next_require__
  • object| next
  • object| __NEXT_DATA__
  • function| __SSG_MANIFEST_CB
  • object| __NEXT_P
  • object| _N_E
  • object| __MIDDLEWARE_MATCHERS
  • object| __BUILD_MANIFEST
  • object| __SSG_MANIFEST
  • object| dataLayer
  • object| google_tag_manager
  • object| script
  • object| _cls_config
  • object| _detector
  • object| optimizely
  • object| convertize
  • undefined| dcm_cid
  • undefined| dcm_tid
  • undefined| dcm_gid

3 Cookies

Domain/Path Name / Value
.ninjacard.com/ Name: _cls_v
Value: a740138c-3c0c-4e1d-9a04-1693c2cd2346
.ninjacard.com/ Name: _cls_s
Value: 77ae48bd-38f9-4bb7-978d-29e0ccef56c4:0
report.creditninja.gbqofs.io/ Name: AWSALBCORS
Value: o73tUizUC4AWFUHDDVoyYP5jvEkDti5qOu6QjmdFLw5G5ZFZ7RgWfOaBNDfQ1fn3grQv0S0Prw4IYVyReXesVNBgrySgt/04kHua5L7IVPTP12iOjiNLUw7OrjpY

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
