click.pagina.ninja
2606:4700:3033::681f:46a7
Public Scan
Effective URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Submission: On March 25 via api from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.
This is the only time click.pagina.ninja was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System
---|---|---|---
1 | 4 | 2606:4700:3033::681f:46a7 | 13335 (CLOUDFLARENET)
 | 2 | 2606:4700::6811:4104 | 13335 (CLOUDFLARENET)
 | 1 | 2001:4de0:ac19::1:b:2a | 20446 (HIGHWINDS3)
 | 1 | 185.199.109.153 | 54113 (FASTLY)
 | 2 | 2606:4700:3035::681c:b51 | 13335 (CLOUDFLARENET)
 | 2 | 2a00:1450:4001:80b::200a | 15169 (GOOGLE)
 | 2 | 2606:4700:3034::6818:6710 | 13335 (CLOUDFLARENET)
1 | 1 | 2606:4700:20::681a:b28 | 13335 (CLOUDFLARENET)
1 | 1 | 2606:4700:3031::6818:72a9 | 13335 (CLOUDFLARENET)
 | 2 | 2a00:1450:4001:814::2003 | 15169 (GOOGLE)
15 | 8 |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | pagina.ninja (1 redirects) | click.pagina.ninja | 5 KB
2 | gstatic.com | fonts.gstatic.com | 25 KB
2 | contato.io | blob.contato.io | 420 KB
2 | googleapis.com | fonts.googleapis.com | 1 KB
2 | leadlovers.com.br | leadlovers.com.br | 9 KB
2 | cloudflare.com | cdnjs.cloudflare.com | 33 KB
1 | llimages.com (1 redirects) | blob.llimages.com | 246 B
1 | leadlovers.com (1 redirects) | blob.leadlovers.com | 248 B
1 | github.io | pingendo.github.io | 22 KB
1 | bootstrapcdn.com | netdna.bootstrapcdn.com | 10 KB
15 | 10 |
Requests | Domain | Requested by
---|---|---
4 | click.pagina.ninja (1 redirects) | click.pagina.ninja
2 | fonts.gstatic.com | cdnjs.cloudflare.com
2 | blob.contato.io | click.pagina.ninja
2 | fonts.googleapis.com | click.pagina.ninja
2 | leadlovers.com.br | click.pagina.ninja
2 | cdnjs.cloudflare.com | click.pagina.ninja
1 | blob.llimages.com | 1 redirects
1 | blob.leadlovers.com | 1 redirects
1 | pingendo.github.io | click.pagina.ninja
1 | netdna.bootstrapcdn.com | click.pagina.ninja
15 | 10 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-31 - 2020-10-09 | 8 months
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
www.github.com | DigiCert SHA2 High Assurance Server CA | 2018-06-27 - 2020-06-20 | 2 years
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.google.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
This page contains 1 frames:
Primary Page:
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Frame ID: D9B146B45E88A4430F3153FC39235063
Requests: 15 HTTP requests in this frame
Page URL History
- https://click.pagina.ninja/redirect/redirect.aspx?A=U&u=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR HTTP 302
- https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR Page URL
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- url /\.aspx?(?:$|\?)/i
- html /<input[^>]+name="__VIEWSTATE/i
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- url /\.aspx?(?:$|\?)/i
- html /<input[^>]+name="__VIEWSTATE/i
IIS (Web Servers)
Detected patterns
- url /\.aspx?(?:$|\?)/i
- html /<input[^>]+name="__VIEWSTATE/i
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11
- https://blob.leadlovers.com/machine-user-images/img-18341-20160727155753.jpg HTTP 301
- https://blob.llimages.com/machine-user-images/img-18341-20160727155753.jpg HTTP 301
- https://blob.contato.io/machine-user-images/img-18341-20160727155753.jpg
15 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H2 | descadastro.aspx (Primary Request, Redirect Chain) | click.pagina.ninja/redirect/ | 15 KB | 4 KB | Document | text/html
GET H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/ | 82 KB | 28 KB | Script | application/javascript
GET H2 | bootstrap.min.js | netdna.bootstrapcdn.com/bootstrap/3.3.4/js/ | 35 KB | 10 KB | Script | text/javascript
GET H2 | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ | 23 KB | 5 KB | Stylesheet | text/css
GET H2 | bootstrap.css | pingendo.github.io/pingendo-bootstrap/themes/default/ | 141 KB | 22 KB | Stylesheet | text/css
GET H2 | bootstrap.min.js | leadlovers.com.br/scripts/ | 26 KB | 7 KB | Script | application/javascript
GET H2 | jquery.countdown.js | leadlovers.com.br/squeeze/countdown/ | 5 KB | 2 KB | Script | application/javascript
GET H2 | font-awesome | click.pagina.ninja/redirect/ | 0 | 0 | Stylesheet | text/html
GET H2 | css | fonts.googleapis.com/ | 2 KB | 660 B | Stylesheet | text/css
GET H2 | machine-unsub-304976-.jpg | blob.contato.io/machines-logo/ | 129 KB | 129 KB | Image | application/octet-stream
GET H2 | css | fonts.googleapis.com/ | 767 B | 432 B | Stylesheet | text/css
GET H2 | font-awesome | click.pagina.ninja/redirect/ | 0 | 0 | Stylesheet | text/html
GET H2 | img-18341-20160727155753.jpg (Redirect Chain) | blob.contato.io/machine-user-images/ | 290 KB | 291 KB | Image | application/octet-stream
GET H2 | S6uyw4BMUTPHjx4wXiWtFCc.woff2 | fonts.gstatic.com/s/lato/v16/ | 14 KB | 14 KB | Font | font/woff2
GET H2 | KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| $
- function| jQuery
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
click.pagina.ninja/ | | Name: ASP.NET_SessionId Value: deqwylioog5sqv4ph0afcnkd
.pagina.ninja/ | | Name: __cfduid Value: d5d95206a4052142052684d95250272771585171736
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.