payment-staging.piranhaprofits.com
2a05:d014:58f:6200::64  Public Scan

URL: https://payment-staging.piranhaprofits.com/
Submission: On May 30 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2a05:d014:58f:6200::64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is payment-staging.piranhaprofits.com.
TLS certificate: Issued by R3 on May 30th 2024. Valid for: 3 months.
This is the only time payment-staging.piranhaprofits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
5         2a05:d014:58f...   16509 (AMAZON-02)
1         108.138.36.106     16509 (AMAZON-02)
1         108.138.36.93      16509 (AMAZON-02)
Total: 7 requests, 3 IPs

Requests  Apex Domain          Subdomains                                       Transfer
5         piranhaprofits.com   payment-staging.piranhaprofits.com               230 KB
2         stripe.com           js.stripe.com — Cisco Umbrella Rank: 1088        148 KB
Total: 7 requests, 2 apex domains

Requests  Domain                               Requested by
5         payment-staging.piranhaprofits.com   payment-staging.piranhaprofits.com
2         js.stripe.com                        payment-staging.piranhaprofits.com, js.stripe.com
Total: 7 requests, 2 domains

This site contains no links.

Subject                              Issuer                                        Validity                  Valid
payment-staging.piranhaprofits.com   R3                                            2024-05-30 - 2024-08-28   3 months
a.stripecdn.com                      DigiCert SHA2 Extended Validation Server CA   2024-05-22 - 2024-08-22   3 months

This page contains 2 frames:

Primary Page: https://payment-staging.piranhaprofits.com/
Frame ID: 9AF4672DB5473CE8CDB0EE3FB92185E6
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 4270C220453C978A0B6F1CA89EA9B868
Requests: 1 HTTP requests in this frame

Page Title

Piranha Profits

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 33 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 379 kB
Size: 1465 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payment-staging.piranhaprofits.com/
669 B
892 B
Document
General
Full URL
https://payment-staging.piranhaprofits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
bd6877c4e2450b8304a6ed52c59ea7a232aa3403c29c2b7979c608e94b0d87f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; fwd=miss
content-length
669
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 02:28:02 GMT
etag
"d42d55e95a9b3c35376e286a1eab84a3-ssl"
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01HZ3N6RSP46P3ZRS5VRT255VF
main.415a918c.js
payment-staging.piranhaprofits.com/static/js/
602 KB
176 KB
Script
General
Full URL
https://payment-staging.piranhaprofits.com/static/js/main.415a918c.js
Requested by
Host: payment-staging.piranhaprofits.com
URL: https://payment-staging.piranhaprofits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
954e136dc20591cc95f57d4b1d267759225e1a538245d3e479f5bee559ce9559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment-staging.piranhaprofits.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HZ3N6RY0PFZFM8HFVPEMZ5XD
date
Thu, 30 May 2024 02:28:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"034cc6ceeef44302d1ccc635b9dfdf5b-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
main.32edf45f.css
payment-staging.piranhaprofits.com/static/css/
234 KB
29 KB
Stylesheet
General
Full URL
https://payment-staging.piranhaprofits.com/static/css/main.32edf45f.css
Requested by
Host: payment-staging.piranhaprofits.com
URL: https://payment-staging.piranhaprofits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
5505ff04bcb81441fbd7a1829c1bd7959c3129916e0519d20c4d304036564426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment-staging.piranhaprofits.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HZ3N6RY1WQS7RR9R6JQEYEV8
date
Thu, 30 May 2024 02:28:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"c8cc50c37eb282ce38526d9dde747edd-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
v3
js.stripe.com/
604 KB
148 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: payment-staging.piranhaprofits.com
URL: https://payment-staging.piranhaprofits.com/static/js/main.415a918c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-106.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8ae573f35680848d980ce6355053562a3246f11efe0d96021aad372a779819e7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment-staging.piranhaprofits.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 02:27:48 GMT
content-encoding
br
via
1.1 cdf03e675736c21829fede7b370fd99a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
15
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
last-modified
Thu, 30 May 2024 01:59:54 GMT
server
Cloudfront
etag
W/"5c01d4635297eec612e0a1e26b4a9d7c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
AnkTbemTPJghDZIr6lefx1_MQMHPZXEOb4DuH4kZzFSsy3crfyyL_w==
pp_fish_image.webp
payment-staging.piranhaprofits.com/
23 KB
23 KB
Image
General
Full URL
https://payment-staging.piranhaprofits.com/pp_fish_image.webp
Requested by
Host: payment-staging.piranhaprofits.com
URL: https://payment-staging.piranhaprofits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
8f2a7b4b71368068223787353df2aef72ab360ab04403f2f3fbaf2bdb084d71f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment-staging.piranhaprofits.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HZ3N6S6879FE949GPBG7JAY3
date
Thu, 30 May 2024 02:28:02 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"2e58d3c3dc6e4485f9f90edf1e4761d6-ssl"
content-type
image/webp
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
23860
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 4270
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-93.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment-staging.piranhaprofits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2973
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 01:38:47 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 24 May 2024 23:49:19 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-amz-cf-id
lk39S37dvmXEeTZ6pbB-Sb6D6TJKqrIVKQ2VeNXoa01KudSwXYTDaQ==
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
logo.png
payment-staging.piranhaprofits.com/
740 B
860 B
Other
General
Full URL
https://payment-staging.piranhaprofits.com/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
6b05d8f966569084893dcef5e4f9b40dcb6d861e61af5eb41d76db7118d16469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment-staging.piranhaprofits.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HZ3N6SMNXBPZKHZ4T6RE8GA6
date
Thu, 30 May 2024 02:28:03 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
2
cache-status
"Netlify Edge"; fwd=miss
etag
"2895416e884a1de331d67f4d38e05e1c-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
740

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| webpackChunkfrontend_pp_ecommerce
number| uidEvent
string| __reactRouterVersion
object| webpackChunkStripeJSouter
function| noop
function| Stripe

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 31bafee2-d287-4dfc-a826-6df0efc59fefe94756
.payment-staging.piranhaprofits.com/ Name: __stripe_mid
Value: 1506c8fa-3fb5-4aae-a98a-48caf6ae25a1c71373
.payment-staging.piranhaprofits.com/ Name: __stripe_sid
Value: c7c31706-8774-4e22-89fd-153000e6f3d1659602

1 Console Messages

Source Level URL
Text
other warning URL: https://payment-staging.piranhaprofits.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000