ims.saltpay.co Open in urlscan Pro
195.22.26.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ims.saltpay.co/
Effective URL:
https://ims.saltpay.co/Account/LogOn
Submission: On January 15 via automatic, source certstream-suspicious (January 15th 2021, 6:29:18 pm UTC)

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 195.22.26.103, located in Portugal and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is ims.saltpay.co.
TLS certificate: Issued by R3 on January 15th 2021. Valid for: 3 months.

This is the only time ims.saltpay.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 11	195.22.26.103 195.22.26.103		8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
11	2

11 195.22.26.103 (Portugal) 1 redirects

ASN8426 (CLARANET-AS ClaraNET LTD, GB)
PTR: exchange.polisport.com

ims.saltpay.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	saltpay.co 1 redirects ims.saltpay.co	240 KB
0	googleapis.com Failed maps.googleapis.com Failed
11	2

	Domain	Requested by
11	ims.saltpay.co	1 redirects ims.saltpay.co
0	maps.googleapis.com Failed	ims.saltpay.co
11	2

This site contains no links.

Subject Issuer	Validity	Valid
ims.saltpay.co R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ims.saltpay.co/Account/LogOn
Frame ID: FF1E2C7E32405C2BFA3E5502F8BB62E6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ims.saltpay.co/ HTTP 302
https://ims.saltpay.co/Account/LogOn Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

239 kB
Transfer

727 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ims.saltpay.co/ HTTP 302
https://ims.saltpay.co/Account/LogOn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request LogOn Show response ims.saltpay.co/Account/ Redirect Chain https://ims.saltpay.co/ https://ims.saltpay.co/Account/LogOn	2 KB 1 KB	72ms 72ms	Document text/html	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://ims.saltpay.co/Account/LogOn Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `2d0b736a9699a86364e7b5785f4ce836353bf0575ad2a00154c1672180f87740` Request headers :method GET :authority ims.saltpay.co :scheme https :path /Account/LogOn pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie ASP.NET_SessionId=2s50k45mkrrzfeeyh0v3t2rz Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cache-control no-cache pragma no-cache content-type text/html; charset=utf-8 content-encoding gzip expires -1 vary Accept-Encoding server Microsoft-IIS/10.0 x-aspnetmvc-version 4.0 x-aspnet-version 4.0.30319 set-cookie __RequestVerificationToken=BWL6LTylEjk3uTgeOznl4EYT42LBoqzgWPfv_HY5gi97irPIdSCvY0Pq7gqZnOhCXXeDCUxcWyR37H8m_COeuQ2MuAcNk8fFzQzmNDjVCb4QpEsllmwgiEgQ1ZRKCcxaSuv7oHFrvAnA74MB0vx9Ag2; path=/; HttpOnly .AspNet.Cookies=; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; secure; HttpOnly x-powered-by ASP.NET date Fri, 15 Jan 2021 18:29:02 GMT content-length 1209 Redirect headers cache-control private content-type text/html; charset=utf-8 location /Account/LogOn server Microsoft-IIS/10.0 x-aspnetmvc-version 4.0 x-aspnet-version 4.0.30319 set-cookie ASP.NET_SessionId=2s50k45mkrrzfeeyh0v3t2rz; path=/; HttpOnly; SameSite=Lax .ASPXAUTH=; expires=Mon, 11-Oct-1999 23:00:00 GMT; path=/; HttpOnly; SameSite=Lax x-powered-by ASP.NET date Fri, 15 Jan 2021 18:29:02 GMT content-length 131
GET H2	200	css ims.saltpay.co/css/	270 KB 58 KB	91ms 90ms	Stylesheet text/css	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://ims.saltpay.co/css/css?v=7D48mswY3AVsIRVPigymh8m-czhcfQUCJWX-l0Y6L4I1 Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Account/LogOn Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `309534ab3db7fe9a91d25f2112ab1998d71bee3e594b7666565e32a02fd78785` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT content-encoding gzip last-modified Fri, 15 Jan 2021 18:29:02 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET vary User-Agent,Accept-Encoding content-type text/css; charset=utf-8 cache-control public content-length 59729 expires Sat, 15 Jan 2022 18:29:02 GMT
GET H2	200	rating.css ims.saltpay.co/css/	1 KB 669 B	75ms 74ms	Stylesheet text/css	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://ims.saltpay.co/css/rating.css Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Account/LogOn Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `8eda21d62e5a6fa7aa5a6a8ec3021e0fa68ab6257bcdcfc7dcf777a0d1ddcacf` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT content-encoding gzip last-modified Fri, 11 Dec 2020 14:04:44 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "38b794c6cfd61:0" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 577
GET H2	200	js Show response ims.saltpay.co/Scripts/	410 KB 159 KB	213ms 212ms	Script text/javascript	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://ims.saltpay.co/Scripts/js?v=UEphlxzZRy5aoUeU0YiAamG3mst0Lm2vDfCzsxuMyd01 Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Account/LogOn Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `6474975e1bdcfdd380e5e5e25c637044865eb3b9183102eddaa38ed74ee89710` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT content-encoding gzip last-modified Fri, 15 Jan 2021 18:29:02 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET vary User-Agent,Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public expires Sat, 15 Jan 2022 18:29:02 GMT
GET H2	200	rating.js Show response ims.saltpay.co/Scripts/	17 KB 6 KB	192ms 192ms	Script application/javascript	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://ims.saltpay.co/Scripts/rating.js Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Account/LogOn Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `b42d6d31857186c557ea83b51a76b258774282b0baa3c81b0ef7ca1abe32d484` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT content-encoding gzip last-modified Fri, 11 Dec 2020 14:04:44 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "e3d99693c6cfd61:0" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 5979
GET H2	200	user.png ims.saltpay.co/img/	3 KB 3 KB	70ms 70ms	Image image/png	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://ims.saltpay.co/img/user.png Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Account/LogOn Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `264ecea7cfaaf13aa564cba30f7f9573b392d15025fe1b998c017ea337174f4e` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT last-modified Fri, 11 Dec 2020 14:04:45 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "e9b93c94c6cfd61:0" content-type image/png accept-ranges bytes content-length 2650
GET H2	200	salt_logo.png ims.saltpay.co/img/	1 KB 2 KB	69ms 69ms	Image image/png	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://ims.saltpay.co/img/salt_logo.png Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Account/LogOn Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `5fa54c502d4df67d4c2a6436d74f5cf48bea98c55e4605be01dc8322baa80b60` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT last-modified Fri, 11 Dec 2020 14:04:45 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "58e23b94c6cfd61:0" content-type image/png accept-ranges bytes content-length 1509
GET		js maps.googleapis.com/maps/api/	0 0

GET H2	200	shim.css ims.saltpay.co/Scripts/shims/styles/	7 KB 3 KB	70ms 70ms	Stylesheet text/css	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://ims.saltpay.co/Scripts/shims/styles/shim.css Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Scripts/js?v=UEphlxzZRy5aoUeU0YiAamG3mst0Lm2vDfCzsxuMyd01 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `f10c3eb99577c94c7a3c399c789b1c22918d26d574ed16ca2f52ee8adc1df4e7` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT content-encoding gzip last-modified Fri, 11 Dec 2020 14:04:44 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "e058a593c6cfd61:0" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2615
GET H2	200	form-core.js Show response ims.saltpay.co/Scripts/shims/	4 KB 2 KB	69ms 69ms	Script application/javascript	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://ims.saltpay.co/Scripts/shims/form-core.js Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Scripts/js?v=UEphlxzZRy5aoUeU0YiAamG3mst0Lm2vDfCzsxuMyd01 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `476613e1430d4b58f550b47d0e3dc4bef07f177bdd007da0089e536eac4be3e4` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT content-encoding gzip last-modified Fri, 11 Dec 2020 14:04:44 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "3e39b93c6cfd61:0" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1793
GET H2	200	form-validation.js Show response ims.saltpay.co/Scripts/shims/	12 KB 5 KB	74ms 74ms	Script application/javascript	195.22.26.103 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://ims.saltpay.co/Scripts/shims/form-validation.js Requested by Host: ims.saltpay.co URL: https://ims.saltpay.co/Scripts/js?v=UEphlxzZRy5aoUeU0YiAamG3mst0Lm2vDfCzsxuMyd01 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.22.26.103 , Portugal, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS exchange.polisport.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `20aa12770667c6c948ea108b3d51535ad19e197f647c184741eb973d43b7b7a8` Request headers Referer https://ims.saltpay.co/Account/LogOn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 15 Jan 2021 18:29:02 GMT content-encoding gzip last-modified Fri, 11 Dec 2020 14:04:44 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "407f9c93c6cfd61:0" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 5529

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?sensor=false

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ims.saltpay.co/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: BWL6LTylEjk3uTgeOznl4EYT42LBoqzgWPfv_HY5gi97irPIdSCvY0Pq7gqZnOhCXXeDCUxcWyR37H8m_COeuQ2MuAcNk8fFzQzmNDjVCb4QpEsllmwgiEgQ1ZRKCcxaSuv7oHFrvAnA74MB0vx9Ag2
			ims.saltpay.co/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2s50k45mkrrzfeeyh0v3t2rz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ims.saltpay.co
maps.googleapis.com
maps.googleapis.com
195.22.26.103
20aa12770667c6c948ea108b3d51535ad19e197f647c184741eb973d43b7b7a8
264ecea7cfaaf13aa564cba30f7f9573b392d15025fe1b998c017ea337174f4e
2d0b736a9699a86364e7b5785f4ce836353bf0575ad2a00154c1672180f87740
309534ab3db7fe9a91d25f2112ab1998d71bee3e594b7666565e32a02fd78785
476613e1430d4b58f550b47d0e3dc4bef07f177bdd007da0089e536eac4be3e4
5fa54c502d4df67d4c2a6436d74f5cf48bea98c55e4605be01dc8322baa80b60
6474975e1bdcfdd380e5e5e25c637044865eb3b9183102eddaa38ed74ee89710
8eda21d62e5a6fa7aa5a6a8ec3021e0fa68ab6257bcdcfc7dcf777a0d1ddcacf
b42d6d31857186c557ea83b51a76b258774282b0baa3c81b0ef7ca1abe32d484
f10c3eb99577c94c7a3c399c789b1c22918d26d574ed16ca2f52ee8adc1df4e7

ims.saltpay.co Open in urlscan Pro 195.22.26.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

239 kBTransfer

727 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

2 Cookies

Indicators

ims.saltpay.co Open in urlscan Pro
195.22.26.103 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

239 kB
Transfer

727 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions