payment-terminal.ml
Open in
urlscan Pro
185.27.134.224
Malicious Activity!
Public Scan
Submitted URL: http://payment-terminal.ml/?i=1
Effective URL: http://payment-terminal.ml/?i=2
Submission: On January 31 via api from US — Scanned from US
Effective URL: http://payment-terminal.ml/?i=2
Submission: On January 31 via api from US — Scanned from US
Summary
This website contacted 3 IPs
in 2 countries
across 3 domains to perform 29 HTTP transactions.
The main IP is 185.27.134.224, located in
United Kingdom and
belongs to WILDCARD-AS Wildcard UK Limited, GB.
The main domain is payment-terminal.ml.
This is the only time payment-terminal.ml was scanned on urlscan.io!
This is the only time payment-terminal.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Transportation (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 25 | 185.27.134.224 185.27.134.224 | 34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited) | |
| 1 | 185.139.247.114 185.139.247.114 | 47957 (ING-AS) (ING-AS) | |
| 29 | 3 |
25
185.27.134.224
(United Kingdom)
ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
| payment-terminal.ml |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
payment-terminal.ml
payment-terminal.ml |
147 KB |
| 1 |
ogone.com
secure.ogone.com — Cisco Umbrella Rank: 191383 |
1 KB |
| 0 |
infinityfree.net
Failed
errors.infinityfree.net Failed |
|
| 29 | 3 |
| Domain | Requested by | |
|---|---|---|
| 25 | payment-terminal.ml |
payment-terminal.ml
|
| 1 | secure.ogone.com |
payment-terminal.ml
|
| 0 | errors.infinityfree.net Failed |
payment-terminal.ml
|
| 29 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| secure.ogone.com |
| www.mastercard.us |
| worldline.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| secure.ogone.com Sectigo RSA Organization Validation Secure Server CA |
2022-10-05 - 2023-10-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://payment-terminal.ml/?i=2
Frame ID: 505018C2785499D9A0A7180AAA9DD602
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
Payment confirmationPage URL History Show full URLs
- http://payment-terminal.ml/?i=1 Page URL
- http://payment-terminal.ml/?i=2 Page URL
Detected technologies
RequireJS
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- require.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://secure.ogone.com/ncol/prod/card_verification_code.asp?lang=2&ABRAND=Eurocard&CSRFSP=%2Fncol%2Fprod%2Forderstandard%5Futf8%2Easp&CSRFKEY=FEDA90DD0A2ABF09FCC9BDF3EDE2FCD111A0ED02&CSRFTS=20230125163810
Title: Qu'est-ce que c'est?
Title: Qu'est-ce que c'est?
Search URL Search Domain Scan URL
URL: https://www.mastercard.us/en-us/frequently-asked-questions.html#securecode
Search URL Search Domain Scan URL
URL: https://secure.ogone.com/ncol/PSPabout.asp?lang=2&pspid=fondationdefrance&branding=OGONE&CSRFSP=%2Fncol%2Fprod%2Forderstandard%5Futf8%2Easp&CSRFKEY=318359FAE2DA39FFD9279258B8FDA137BEC49BE8&CSRFTS=20230125163810
Search URL Search Domain Scan URL
URL: https://worldline.com/?lang=2&pspid=fondationdefrance&branding=OGONE&CSRFSP=%2Fncol%2Fprod%2Forderstandard%5Futf8%2Easp&CSRFKEY=8217D1BDA4B7B21DDEE7D175A5B962CD29071314&CSRFTS=20230125163810
Title: A propos de Worldline
Title: A propos de Worldline
Search URL Search Domain Scan URL
URL: https://secure.ogone.com/ncol/security.asp?lang=2&mode=STD&branding=OGONE&CSRFSP=%2Fncol%2Fprod%2Forderstandard%5Futf8%2Easp&CSRFKEY=31D9BE573CAA8113969022FCFAD8F56CF5E11FB7&CSRFTS=20230125163810
Title: Sécurité
Title: Sécurité
Search URL Search Domain Scan URL
URL: https://worldline.com/en/home/main-navigation/git/office-locations.html?lang=2&mode=STD&branding=OGONE&CSRFSP=%2Fncol%2Fprod%2Forderstandard%5Futf8%2Easp&CSRFKEY=61BE167D5A7779F27A06CA83C0F0F2FBB6CF1A4A&CSRFTS=20230125163810
Title: Informations légales
Title: Informations légales
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://payment-terminal.ml/?i=1 Page URL
- http://payment-terminal.ml/?i=2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- http://payment-terminal.ml/Roboto-Light.ttf HTTP 302
- https://errors.infinityfree.net/errors/404/
- http://payment-terminal.ml/Roboto-Bold.ttf HTTP 302
- https://errors.infinityfree.net/errors/404/
- http://payment-terminal.ml/Roboto-Regular.ttf HTTP 302
- https://errors.infinityfree.net/errors/404/
29 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
payment-terminal.ml/ |
830 B 827 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aes.js
payment-terminal.ml/ |
30 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
/
payment-terminal.ml/ |
25 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
IngenicoResponsivePaymentPageTemplate_reset.css
payment-terminal.ml/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
IngenicoResponsivePaymentPageTemplate_template.css
payment-terminal.ml/ |
67 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wait_turn.gif
payment-terminal.ml/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.3.1.min.js
payment-terminal.ml/ |
85 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate-1.4.1.min.js
payment-terminal.ml/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Class.create.js
payment-terminal.ml/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.jquery-encoder-0.1.0.min.js
payment-terminal.ml/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
required_fields.js
payment-terminal.ml/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
form_validation.js
payment-terminal.ml/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Eurocard_choice.gif
payment-terminal.ml/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
VISA_choice.gif
payment-terminal.ml/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CB_choice.gif
payment-terminal.ml/ |
877 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
American%20Express_choice.gif
payment-terminal.ml/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Fp_inc.1.2.js
payment-terminal.ml/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
base64_inc.js
payment-terminal.ml/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Eurocard_brand3D.gif
payment-terminal.ml/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
VISA_brand3D.gif
payment-terminal.ml/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
American%20Express_brand3D.gif
payment-terminal.ml/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SOCGENFR.gif
payment-terminal.ml/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pp_WorldLine2.png
payment-terminal.ml/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wait_turn.gif
secure.ogone.com/images/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
errors.infinityfree.net/errors/404/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
errors.infinityfree.net/errors/404/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
errors.infinityfree.net/errors/404/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ic_help.png
payment-terminal.ml/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ic_cancel.png
payment-terminal.ml/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- errors.infinityfree.net
- URL
- https://errors.infinityfree.net/errors/404/
- Domain
- errors.infinityfree.net
- URL
- https://errors.infinityfree.net/errors/404/
- Domain
- errors.infinityfree.net
- URL
- https://errors.infinityfree.net/errors/404/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Transportation (Transportation)61 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange undefined| ncolwaitwindow number| ncolwaitwindowopen function| ShowWaitMsg function| my_submitAndWait function| justWait function| close_ncol_wait undefined| $ undefined| jQuery function| Class function| trustHTML object| OGONE object| requiredNames function| getRequiredNames function| setRequired function| setAttrNS function| createHiddenInput number| js_version function| ddValue function| valueIsUndefined function| strReplace function| Convert2Float function| isNumber function| isInt function| containsNoN function| are2Numbers function| xor function| FormFieldsA function| DependenciesA function| FieldDescriptor function| evalFormFields function| isValidEMail function| isValidUrl function| isValidSIC function| checkCCValid_Short function| checkCCValid function| my_submitAndDisable function| my_submit function| getInfoBrandFromCardNb function| Is_cvcOK function| evalFormFieldsN function| checkEMail function| checkEmailInput function| checkEMailECML function| checkCVCAndPresInd string| AlertMSG_109 string| AlertMSG_110 string| AlertMSG_173 string| AlertMSG_1205 string| AlertMSG_111 string| AlertERR_907 string| AlertERR_95 string| AlertERR_96 number| G_lsu function| my_valscript number| cvc_NbrFormFields string| arrcvc string| arrDispCVCFlag object| formFields function| ClearForm object| Base641 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| payment-terminal.ml/ | Name: __test Value: ce9646a81d141090c0021c6012d67a10 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
errors.infinityfree.net
payment-terminal.ml
secure.ogone.com
errors.infinityfree.net
185.139.247.114
185.27.134.224
008086eb50541976bb7694c544370ba2f1823352c090dd59db1bbc3159eaffbe
025058bf7c0e671b2a7d6d412a7b52c60d3dea7ad0656d50b43628680859ecc9
0e06d557318bbaa2dcd423a56ce5c898c41277cddb01d2deb43ec43249a66dd5
104248de46d672922343e4885448bb8ec22879af11fa3a2ba8da49796aa06ddd
1a3b236d7c4b80779f3a9a8d20261813a081fb6d61050f513aded6fc244d4742
1b67e9cfcde946b7bffea54756f250fe82de2920108c9cb758f95cee7cdc0a97
4a4c2721d21ae8f0e6def654b3d3ac6cfe4771c7a0d99bb23dced17ee571e1e9
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
59b66845812b0f601bd3212774a8982a9aaf6d82074e258ea951e2465fad5407
5c26d62b9f79fa11b23d2100e49114fb4d1dddcefaa3a8a209e8eee0310d3993
5f88b9d0b470d0b357568fd672f7f0328ad3fef560772b19a8b60f5d2db5ca9f
677744b71fd9f72fd67450d0dc9aac1f76f2a8dd0bce901652c4394d02212d80
7072895128743fb92b9ae519c91dff7203f3a35ef321fffced997719da193cd2
7b3458ba3790ecaf7722b6542803ed2a12dc75637b57b37d298f46e80d0c226b
98f1934d4812cde8cef638a862dd2b52a2e5052e18ad4717324b7521cb6295ae
a63a081ea69c66fd11719e6b6bd76b230728fdf67a16bb5ef26e45eb2d2bc23a
c9650d5ccf8c9d0ece248e5c1476dc2af9506023ea837eea901db3213366e182
ce393f7584376960b66bee2dad39b7beeffe73d4ba7dfefee4f19e7c5f96942c
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
d8577728301dbbf96a0561220efdb10f2c6980b3203d159c5d92bdfe7ab570f5
df9ab4ec02bc24cb7bc96742ef4ad2859b512300f3fb3f3d4184da621236fec3
e5abfb0cfde36fa4f5cfe03519c2df99c0a8ec87dbd32ab464615b75d780b7b0
ef0968035e387c8b468f4a943a9b5998d159c9e2f1a4994c70aa86bf53a9316d
f3ca0da2f9d3951a418856c821e2120dc1a4fcf984682c39e099b9c04075745a
fa5b7ea31576281faefe8afb115aa1ac2a46c0e74590e8031a6161b54c9c8db0