scripts.ninjacat.io - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 18.206.19.123, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is scripts.ninjacat.io.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 12th 2019. Valid for: a year.

This is the only time scripts.ninjacat.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 7	18.206.19.123 18.206.19.123		14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	1

7 18.206.19.123 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: myppcreports.com

scripts.ninjacat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ninjacat.io 3 redirects scripts.ninjacat.io	116 KB
4	1

	Domain	Requested by
7	scripts.ninjacat.io	3 redirects scripts.ninjacat.io
4	1

This site contains no links.

Subject Issuer	Validity	Valid
*.ninjacat.io DigiCert SHA2 Secure Server CA	`2019-03-12` - `2020-03-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://scripts.ninjacat.io/errors.html?login=true
Frame ID: C53AF86DB96DAF7FDBBBF672E2779F7A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://scripts.ninjacat.io/ HTTP 301
https://scripts.ninjacat.io/ HTTP 302
https://scripts.ninjacat.io/login.php HTTP 302
https://scripts.ninjacat.io/errors.html?login=true Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

113 kB
Transfer

188 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://scripts.ninjacat.io/ HTTP 301
https://scripts.ninjacat.io/ HTTP 302
https://scripts.ninjacat.io/login.php HTTP 302
https://scripts.ninjacat.io/errors.html?login=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request errors.html Show response
scripts.ninjacat.io/
Redirect Chain

http://scripts.ninjacat.io/
https://scripts.ninjacat.io/
https://scripts.ninjacat.io/login.php
https://scripts.ninjacat.io/errors.html?login=true

4 KB
2 KB

96ms
96ms

Document
text/html

18.206.19.123
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.ninjacat.io/errors.html?login=true

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.206.19.123 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

myppcreports.com

Software

NinjaCat Hybrid Application Server /

Resource Hash

197e4e7070825525cba7837eb31fa817bfe7266f0fae73d56b842ddfc24eb17e

Security Headers

Name	Value
Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security	max-age=15780000;
X-Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
X-Xss-Protection	1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce

Request headers

:method: GET
:authority: scripts.ninjacat.io
:scheme: https
:path: /errors.html?login=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=l9tp8blo7gm12irq0l2drqbq21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 02 Oct 2019 12:38:03 GMT
content-type: text/html
content-length: 1145
access-control-allow-headers: x-socket-id,X-CSRF-TOKEN,Origin,X-Requested-With,Content-Type,Accept
access-control-allow-credentials: true
last-modified: Mon, 25 Jun 2018 13:51:19 GMT
etag: "1030-56f77ad1b986f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
server: NinjaCat Hybrid Application Server
strict-transport-security: max-age=15780000;
x-xss-protection: 1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer 'none'; usb 'none'
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://ncreports.report-uri.com/a/d/g"}],"include_subdomains":true}
content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
x-content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly

Redirect headers

status: 302
date: Wed, 02 Oct 2019 12:38:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
access-control-allow-headers: x-socket-id,X-CSRF-TOKEN,Origin,X-Requested-With,Content-Type,Accept
access-control-allow-credentials: true
x-protected-by: Sqreen
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /errors.html?login=true
server: NinjaCat Hybrid Application Server
strict-transport-security: max-age=15780000;
x-xss-protection: 1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer 'none'; usb 'none'
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://ncreports.report-uri.com/a/d/g"}],"include_subdomains":true}
content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
x-content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly

GET
H2 200 shinobi.css
scripts.ninjacat.io/css/ 20 KB
4 KB 98ms
97ms Stylesheet
text/css 18.206.19.123
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.ninjacat.io/css/shinobi.css

Requested by

Host: scripts.ninjacat.io
URL: https://scripts.ninjacat.io/errors.html?login=true

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.206.19.123 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

myppcreports.com

Software

NinjaCat Hybrid Application Server /

Resource Hash

4f2a5eea435a5ed5faf8680fde0ebf9f55cc986324bd19ff33789fef3616fe35

Security Headers

Name	Value
Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security	max-age=15780000;
X-Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
X-Xss-Protection	1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://scripts.ninjacat.io/errors.html?login=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 12:38:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 3597
x-xss-protection: 1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jun 2019 01:22:52 GMT
server: NinjaCat Hybrid Application Server
etag: "4e49-58c581e05b00b-gzip"
strict-transport-security: max-age=15780000;
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://ncreports.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
feature-policy: accelerometer 'none'; usb 'none'
content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
accept-ranges: bytes
access-control-allow-headers: x-socket-id,X-CSRF-TOKEN,Origin,X-Requested-With,Content-Type,Accept
access-control-allow-credentials: true
x-content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly

GET
H2 200 jquery1.10.2.min.js Show response
scripts.ninjacat.io/js/ 91 KB
33 KB 284ms
283ms Script
application/javascript 18.206.19.123
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.ninjacat.io/js/jquery1.10.2.min.js

Requested by

Host: scripts.ninjacat.io
URL: https://scripts.ninjacat.io/errors.html?login=true

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.206.19.123 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

myppcreports.com

Software

NinjaCat Hybrid Application Server /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security	max-age=15780000;
X-Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
X-Xss-Protection	1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://scripts.ninjacat.io/errors.html?login=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 12:38:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 32798
x-xss-protection: 1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Jun 2018 13:51:19 GMT
server: NinjaCat Hybrid Application Server
etag: "16bac-56f77ad1c82d1-gzip"
strict-transport-security: max-age=15780000;
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://ncreports.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
feature-policy: accelerometer 'none'; usb 'none'
content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
accept-ranges: bytes
access-control-allow-headers: x-socket-id,X-CSRF-TOKEN,Origin,X-Requested-With,Content-Type,Accept
access-control-allow-credentials: true
x-content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly

GET
H2 200 ninjacat-error-compressor.png
scripts.ninjacat.io/images/ 73 KB
74 KB 97ms
96ms Image
image/png 18.206.19.123
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scripts.ninjacat.io/images/ninjacat-error-compressor.png

Requested by

Host: scripts.ninjacat.io
URL: https://scripts.ninjacat.io/errors.html?login=true

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.206.19.123 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

myppcreports.com

Software

NinjaCat Hybrid Application Server /

Resource Hash

5e8be6db59218dd8888c52fd011b86f052b33975470f25d05c4cf9ce005c88e4

Security Headers

Name	Value
Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security	max-age=15780000;
X-Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
X-Xss-Protection	1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://scripts.ninjacat.io/errors.html?login=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 12:38:03 GMT
status: 200
content-length: 74935
x-xss-protection: 1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Jun 2018 13:51:19 GMT
server: NinjaCat Hybrid Application Server
etag: "124b7-56f77ad1c2510"
strict-transport-security: max-age=15780000;
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://ncreports.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/png
feature-policy: accelerometer 'none'; usb 'none'
content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
accept-ranges: bytes
access-control-allow-headers: x-socket-id,X-CSRF-TOKEN,Origin,X-Requested-With,Content-Type,Accept
access-control-allow-credentials: true
x-content-security-policy: default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			scripts.ninjacat.io/	1969-12-31 23:59:59	Name: PHPSESSID Value: l9tp8blo7gm12irq0l2drqbq21

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
Strict-Transport-Security	max-age=15780000;
X-Content-Security-Policy	default-src http: https: wss: data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *; report-uri https://ncreports.report-uri.com/r/d/csp/reportOnly
X-Xss-Protection	1; mode=block; report=https://ncreports.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

scripts.ninjacat.io
18.206.19.123
197e4e7070825525cba7837eb31fa817bfe7266f0fae73d56b842ddfc24eb17e
4f2a5eea435a5ed5faf8680fde0ebf9f55cc986324bd19ff33789fef3616fe35
5e8be6db59218dd8888c52fd011b86f052b33975470f25d05c4cf9ce005c88e4
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

scripts.ninjacat.io Open in urlscan Pro 18.206.19.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

113 kBTransfer

188 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

scripts.ninjacat.io Open in urlscan Pro
18.206.19.123 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

113 kB
Transfer

188 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions