login.payment.ninja
Open in
urlscan Pro
52.87.35.92
Public Scan
Submission: On September 28 via api from US
Summary
This is the only time login.payment.ninja was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 52.87.35.92 52.87.35.92 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 54.152.127.232 54.152.127.232 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 54.230.95.173 54.230.95.173 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:81d::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c00::9a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:816::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 205.185.216.10 205.185.216.10 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 205.185.216.42 205.185.216.42 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
19 | 12 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-87-35-92.compute-1.amazonaws.com
login.payment.ninja |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
stackpath.bootstrapcdn.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-152-127-232.compute-1.amazonaws.com
login.payment.ninja |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-173.fra2.r.cloudfront.net
js.driftt.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
static.hotjar.com | |
script.hotjar.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
vars.hotjar.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
payment.ninja
login.payment.ninja |
2 MB |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
82 KB |
2 |
facebook.com
www.facebook.com |
441 B |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
16 KB |
2 |
driftt.com
js.driftt.com |
40 KB |
2 |
facebook.net
connect.facebook.net |
32 KB |
1 |
google.de
www.google.de |
109 B |
1 |
google.com
1 redirects
www.google.com |
191 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
159 B |
1 |
googletagmanager.com
www.googletagmanager.com |
27 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com |
7 KB |
1 |
googleapis.com
fonts.googleapis.com |
478 B |
19 | 12 |
Domain | Requested by | |
---|---|---|
5 | login.payment.ninja |
login.payment.ninja
|
2 | www.facebook.com |
login.payment.ninja
|
2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
2 | js.driftt.com |
login.payment.ninja
js.driftt.com |
2 | connect.facebook.net |
login.payment.ninja
connect.facebook.net |
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
login.payment.ninja
|
1 | www.google.de |
login.payment.ninja
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.googletagmanager.com |
login.payment.ninja
|
1 | stackpath.bootstrapcdn.com |
login.payment.ninja
|
1 | fonts.googleapis.com |
login.payment.ninja
|
19 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.googleapis.com Google Internet Authority G3 |
2018-09-11 - 2018-12-04 |
3 months | crt.sh |
*.bootstrapcdn.com Let's Encrypt Authority X3 |
2018-09-14 - 2018-12-13 |
3 months | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2018-08-28 - 2018-11-20 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2017-12-15 - 2019-03-22 |
a year | crt.sh |
drift.com Amazon |
2017-11-01 - 2018-12-01 |
a year | crt.sh |
www.google.de Google Internet Authority G3 |
2018-08-28 - 2018-11-20 |
3 months | crt.sh |
*.hotjar.com Let's Encrypt Authority X3 |
2018-09-22 - 2018-12-21 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
http://login.payment.ninja/
Frame ID: A55F1C0503E598E6059B564AA44C2DE9
Requests: 17 HTTP requests in this frame
Frame:
https://js.driftt.com/deploy/assets/index.html
Frame ID: 746E4A6F5F9B74CE39B391F5461E8688
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: 17FCDCD17F8D64FB17C56A999CEBD8AA
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Erlang (Programming Languages) ExpandDetected patterns
- headers server /Cowboy/i
Cowboy (Web Frameworks) Expand
Detected patterns
- headers server /Cowboy/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
Hotjar (Analytics) Expand
Detected patterns
- script /^\/\/static\.hotjar\.com\/c\/hotjar-/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1086631662&t=pageview&_s=1&dl=http%3A%2F%2Flogin.payment.ninja%2F&ul=en-us&de=UTF-8&dt=Payment.Ninja&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=692495470&gjid=1104734897&cid=755027639.1538164292&tid=UA-96016389-2&_gid=1441851649.1538164292&_r=1>m=u9o&z=836641655 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96016389-2&cid=755027639.1538164292&jid=692495470&_gid=1441851649.1538164292&gjid=1104734897&_v=j69&z=836641655 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96016389-2&cid=755027639.1538164292&jid=692495470&_v=j69&z=836641655 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96016389-2&cid=755027639.1538164292&jid=692495470&_v=j69&z=836641655&slf_rd=1&random=3843604491
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
login.payment.ninja/ |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
icon
fonts.googleapis.com/ |
574 B 478 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
77 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.172c7154.css
login.payment.ninja/static/css/ |
155 KB 155 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.5d0a19f5.js
login.payment.ninja/static/js/ |
2 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
fbevents.js
connect.facebook.net/en_US/ |
45 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
nvbsfwuw7rgh.js
js.driftt.com/include/1538164500000/ |
120 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
309869299438708
connect.facebook.net/signals/config/ |
87 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
39 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
graphql
login.payment.ninja/ |
370 B 590 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
js.driftt.com/deploy/assets/ Frame 746E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hotjar-947531.js
static.hotjar.com/c/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
payment.ninja-logo.dfcbf5e3.png
login.payment.ninja/static/media/ |
45 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modules-bb7206a0de901543c7a6cc62a661f510.js
script.hotjar.com/ |
399 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame 17FC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 144 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| fbq function| _fbq function| gtag object| dataLayer function| drift function| driftt object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData object| __core-js_shared__ boolean| __DRIFTT_WIDGET_INCLUDED__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__ object| __SECRET_EMOTION__ number| __global_unique_id__ function| Payment function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.payment.ninja/ | Name: _gat_gtag_UA_96016389_2 Value: 1 |
|
.payment.ninja/ | Name: _gid Value: GA1.2.1441851649.1538164292 |
|
login.payment.ninja/ | Name: driftt_aid Value: fcac4bea-28b4-41af-81e5-6a1b31258e4a |
|
.payment.ninja/ | Name: _ga Value: GA1.2.755027639.1538164292 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
fonts.googleapis.com
js.driftt.com
login.payment.ninja
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
205.185.216.10
205.185.216.42
209.197.3.15
2a00:1450:4001:815::2008
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:81d::200e
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.87.35.92
54.152.127.232
54.230.95.173
0481dd681ea5109380a8c83990a97adfb4a1f1c9bc45f9e573cd3ff0f979c413
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
189ec5ce05218ce5ddfe44b82ab4aef5980a3088954c802dd8ec9593fa0e6bdb
26e92e807834cdb7d95afa83e0935a24ca3b655932b871a2a630e3a923158f93
41e4a21b61eedcc507c8852c65fecc08e7c2226ea25803bb9e496f83c05ab0c8
49dfac33f98d2f19e8f9946058c8aa19c04bae8aab8e5ed6c687957f429797e0
5e4fb5563218c9d2c6548a50764e052853fe611f3bd3e9e6b353c079a16b618f
64c732b416d738eadb61e9893a9f6b258a2683c029b1a4ee5d2a6fb2b1d060be
6ebdbdf01e78babe586c8cc981e09e38b3c080a54a8fdc16d5e4d757a866307b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
bc3dcb4286a8f195e508cbf6395a98962b169c522edd38e67b414e7ec62b6f0d
c2e8201c0aed0bc83ec72760c38ba072e5a600744db6301bea901a3acf7d0529
d815e0a2dc01ad311602deba3950031a6f648fae891987d8525375cc9d60e61d
e12d83526643c0aa35879fb498ab6a1770436c8b6a921f287f60e3dbbe91dc60
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629