billing-config.nitrologistics.co
Open in
urlscan Pro
165.232.136.226
Public Scan
Submission Tags: phishingrod
Submission: On October 28 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 28th 2022. Valid for: 3 months.
This is the only time billing-config.nitrologistics.co was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 165.232.136.226 165.232.136.226 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 13.224.189.94 13.224.189.94 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 3 |
ASN14061 (DIGITALOCEAN-ASN, US)
billing-config.nitrologistics.co |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-94.fra2.r.cloudfront.net
cdn.plaid.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 15757 |
468 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293 |
31 KB |
1 |
nitrologistics.co
billing-config.nitrologistics.co |
1 KB |
8 | 3 |
Domain | Requested by | |
---|---|---|
6 | cdn.plaid.com |
billing-config.nitrologistics.co
cdn.plaid.com |
1 | ajax.googleapis.com |
billing-config.nitrologistics.co
|
1 | billing-config.nitrologistics.co | |
8 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
billing-config.nitrologistics.co R3 |
2022-10-28 - 2023-01-26 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
secure.plaid.com DigiCert SHA2 Extended Validation Server CA |
2022-03-08 - 2023-04-08 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://billing-config.nitrologistics.co/
Frame ID: 2DA8765D5359C1572004809AAB9F341C
Requests: 4 HTTP requests in this frame
Frame:
https://cdn.plaid.com/link/v2/stable/link.html?isHostedTrustedAuth=false&isLinkInitialize=true&origin=https%3A%2F%2Fbilling-config.nitrologistics.co&token=link-production-4b4ed04a-6329-484e-905b-43802dc1bc11&uniqueId=1&version=2.0.1415
Frame ID: 87272AF2CC493461B8ECAFCFD6E0206F
Requests: 4 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
billing-config.nitrologistics.co/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
link-initialize.js
cdn.plaid.com/link/v2/stable/ |
97 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
link-dynamic-loader.js
cdn.plaid.com/link/2.0.1415/ |
0 43 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
link.html
cdn.plaid.com/link/v2/stable/ Frame 8727 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flink.css
cdn.plaid.com/link/2.0.1415/ Frame 8727 |
72 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.js
cdn.plaid.com/link/2.0.1415/ Frame 8727 |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flink.js
cdn.plaid.com/link/2.0.1415/ Frame 8727 |
1 MB 374 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| Plaid object| webpackJsonpPlaid object| __core-js_shared__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
billing-config.nitrologistics.co
cdn.plaid.com
13.224.189.94
165.232.136.226
2a00:1450:4001:82a::200a
1b676621b170ad4afefa0d2a24828da93dc9ceba7415fa15be0f06f73db23705
1c5afa0a152bd41dbd3f8e5b7c52a56004aa1332bc551dd9d1a2c32e2fb18c9f
40760a32034bb52473c2a8f7d2206e18e5d7eee28bc4a12ddac315ccd530a49c
c037e17e9b88a9ad4c62b83fd44dd3929e12cbab7ea640ed063e3d276cdb4575
c2e898728de52fb6a98ad49a5b9cab82f13cd300a04b3c6fae4f4b21de153d8d
c3cf63a42c7ced86dba118b6672e9389d42f85543fad59cba571d0bf86444d4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d