ng-app.com
Open in
urlscan Pro
91.241.95.201
Public Scan
Effective URL: https://ng-app.com/YellowDot/spinthewheel-24-no-23401220000030951-otp-web?trfsrc=CBT&trxId=Hg4LAXlENV_d0KGejK5pz_w5...
Submission: On August 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 21st 2024. Valid for: a year.
This is the only time ng-app.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2600:9000:237... 2600:9000:237d:f400:15:180f:100:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 2 | 13.247.27.55 13.247.27.55 | 16509 (AMAZON-02) (AMAZON-02) | |
3 9 | 91.241.95.201 91.241.95.201 | 49582 (UPSTREAM-...) (UPSTREAM-AS Greece) | |
1 | 91.241.94.108 91.241.94.108 | 49582 (UPSTREAM-...) (UPSTREAM-AS Greece) | |
2 | 91.241.95.160 91.241.95.160 | 49582 (UPSTREAM-...) (UPSTREAM-AS Greece) | |
9 | 3 |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-247-27-55.af-south-1.compute.amazonaws.com
clicks.valueplusagency.com | |
backend.valueplusagency.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
ng-app.com
3 redirects
ng-app.com — Cisco Umbrella Rank: 584272 |
120 KB |
2 |
secure-d.io
web-ng-mtn.secure-d.io — Cisco Umbrella Rank: 845864 |
1 KB |
2 |
valueplusagency.com
2 redirects
clicks.valueplusagency.com backend.valueplusagency.com |
705 B |
2 |
veratsrun.net
2 redirects
track.veratsrun.net |
1 KB |
1 |
securewebfraud.io
analytics-ng-mtn.securewebfraud.io — Cisco Umbrella Rank: 910123 |
515 B |
9 | 5 |
Domain | Requested by | |
---|---|---|
9 | ng-app.com |
3 redirects
ng-app.com
|
2 | web-ng-mtn.secure-d.io |
ng-app.com
|
2 | track.veratsrun.net | 2 redirects |
1 | analytics-ng-mtn.securewebfraud.io |
ng-app.com
|
1 | backend.valueplusagency.com | 1 redirects |
1 | clicks.valueplusagency.com | 1 redirects |
9 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ng-app.com Go Daddy Secure Certificate Authority - G2 |
2024-03-21 - 2025-03-21 |
a year | crt.sh |
*.securewebfraud.io Go Daddy Secure Certificate Authority - G2 |
2023-08-23 - 2024-09-23 |
a year | crt.sh |
*.secure-d.io Go Daddy Secure Certificate Authority - G2 |
2023-08-23 - 2024-09-23 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ng-app.com/YellowDot/spinthewheel-24-no-23401220000030951-otp-web?trfsrc=CBT&trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk
Frame ID: A22CF8A47022E266B4039AB792E86DF0
Requests: 9 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://track.veratsrun.net/5fc6fa12-3ad3-4ea8-b3ac-87bce0ab919f?pubid=85241_21675&r=c0e6f2604df44deab16...
HTTP 307
https://track.veratsrun.net/5fc6fa12-3ad3-4ea8-b3ac-87bce0ab919f?pubid=85241_21675&r=c0e6f2604df44deab16... HTTP 307
https://track.veratsrun.net/5fc6fa12-3ad3-4ea8-b3ac-87bce0ab919f/2?pubid=85241_21675&r=c0e6f2604df44deab... HTTP 302
https://clicks.valueplusagency.com/redirect/Hg4LAXlENV?trfsrc=CBT&trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j... HTTP 301
https://backend.valueplusagency.com/api/v1/cc/redirect/Hg4LAXlENV?trfsrc=CBT&trxId=Hg4LAXlENV_d0KGejK5pz_w517igl... HTTP 302
http://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5... HTTP 307
https://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5... HTTP 302
http://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5... HTTP 307
http://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5... HTTP 302
https://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5... HTTP 302
https://ng-app.com/YellowDot/spinthewheel-24-no-23401220000030951-otp-web?trfsrc=CBT&trxId=Hg4L... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://track.veratsrun.net/5fc6fa12-3ad3-4ea8-b3ac-87bce0ab919f?pubid=85241_21675&r=c0e6f2604df44deab16adc92374aa8602602e
HTTP 307
https://track.veratsrun.net/5fc6fa12-3ad3-4ea8-b3ac-87bce0ab919f?pubid=85241_21675&r=c0e6f2604df44deab16adc92374aa8602602e HTTP 307
https://track.veratsrun.net/5fc6fa12-3ad3-4ea8-b3ac-87bce0ab919f/2?pubid=85241_21675&r=c0e6f2604df44deab16adc92374aa8602602e HTTP 302
https://clicks.valueplusagency.com/redirect/Hg4LAXlENV?trfsrc=CBT&trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk HTTP 301
https://backend.valueplusagency.com/api/v1/cc/redirect/Hg4LAXlENV?trfsrc=CBT&trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk HTTP 302
http://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk&trfsrc=CBT HTTP 307
https://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk&trfsrc=CBT HTTP 302
http://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk&trfsrc=CBT HTTP 307
http://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk&trfsrc=CBT HTTP 302
https://ng-app.com/YellowDot/SpinTheWheel-24-No-23401220000030951-Web?trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk&trfsrc=CBT HTTP 302
https://ng-app.com/YellowDot/spinthewheel-24-no-23401220000030951-otp-web?trfsrc=CBT&trxId=Hg4LAXlENV_d0KGejK5pz_w517igl67p0i2p53j0v303ukSRCID85241_21675w517igl67p0i2p53j0v303uk Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
spinthewheel-24-no-23401220000030951-otp-web
ng-app.com/YellowDot/ Redirect Chain
|
172 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
YellowDot-spinthewheel-24-no-23401220000030951-otp-web.css
ng-app.com/YellowDot/assets/ |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fallback-image-320x160.jpg
ng-app.com/YellowDot/assets/images/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fallback-logo.png
ng-app.com/YellowDot/assets/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AQ4z3knA_O865L-HsOzIydFIBrUS-eYUhMxvnZaoVs6p2hEV4JAc4OCRfks3ySkIKUeG
analytics-ng-mtn.securewebfraud.io/web/v1/content/view/Confirmation/ng_mtn/ |
51 B 515 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AQ4z3knA_O865L-HsOzIydFIBrUS-eYUhMxvnZaoVs6p2hEV4JAc4OCRfks3ySkIKUeG
web-ng-mtn.secure-d.io/web/v1/content/view/Confirmation/ng_mtn/ |
51 B 503 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SpintheWheel-image-320x160.jpg
ng-app.com/assets/images/NMD/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SpintheWheel-logo.png
ng-app.com/assets/images/NMD/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn-image.png
web-ng-mtn.secure-d.io/web/v1/content/ |
68 B 522 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _0x36c9 function| _0x573a object| dataLayer string| CURRENT_APP_URL string| AJAX_EVENT_ENDPOINT function| secureDMsisdnValidationFn function| trimMsisdnFn function| prefillValues function| countryCode object| btn object| inp7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.track.veratsrun.net/ | Name: 5fc6fa12-3ad3-4ea8-b3ac-87bce0ab919f-v4 Value: dO6m5gTubNEujgI_YiiZgrDhoNcpbf644q4ZQdPYxts |
|
.track.veratsrun.net/ | Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w517igl67p0i2p53j0v303uk%22%2C%22caid%22%3A%225fc6fa12-3ad3-4ea8-b3ac-87bce0ab919f%22%7D |
|
.ng-app.com/ | Name: TS01e2a186 Value: 01b02e3e89d187edc7724b467be8a5e1c1d615c4d746146f09a342d93d1b25525ef571986b8ff3514cb529d2d145d7990ba67b46e9 |
|
ng-app.com/ | Name: ng_session Value: eyJpdiI6IlFTVWdoNE1ENWMyR3YyTjByVytyTEE9PSIsInZhbHVlIjoibzZxNDRwbEhoWW5QM3JhMXRqRG9pSW5QaFp3S01KRW1iVjlZZ25jRXkxamxncnhPUnBxV0Q0akIxQ1dlR2svN0RVQ2hsckpGM0hPYjMvVWh6cUhhbXFvNW1kY0VwZkFoR1dzTW9oVVUzNVFwL0FIVGc2WmdBR3JXZFpXbGpGY2EiLCJtYWMiOiJiNjJjZTcxNDFhMWY4ZmJhYzAyMGNiN2NiZjExOTlmYWI4MWFhZDRkYjMwZmY3M2EzYTVhZjliN2UzOGNhZDQwIiwidGFnIjoiIn0%3D |
|
ng-app.com/ | Name: userPermID Value: eyJpdiI6Ikc5SWJwdThjT0pLWWYycGZxSEg1VFE9PSIsInZhbHVlIjoidzUvQitIUWZkcm9Ed1pPRWZMbnNweGRMVThtTE9LSDdLZlRvVTdyRU5OMkpCNVlSREtWLy9XQWZmRWVWbm9PMmhiVzU5c294Y0d6d2F5OWlwbmF6d2RaQ2hvZFUxSXJ2a3JNcisyQ283dTg9IiwibWFjIjoiYjZmOGUyYmU5MTVhYzVhMTBlNTg2NGIwNGYyZjU2NjI0N2QzNmZiZWZmMWZiYTljYTdiOGZjNTBkZGIzNjU1MyIsInRhZyI6IiJ9 |
|
ng-app.com/ | Name: userSessionID Value: eyJpdiI6IjdsOVluTkI3OWNhdDArSlJxM0hDRXc9PSIsInZhbHVlIjoiU2t3NVd3NkVBV3R2dzF1Wk1WMWw5U3R4cjZHQjA0WXdEK3M0eWpmOE1LUnU0Z2RHNmx3OVNiRmd0ZWpCRmQ1MFM5SUJzaW1KOFlEcHIreFFBN2h3VTJCNWt1YS9McXpYWDU2aVB2MFNnZzg9IiwibWFjIjoiNmU0OWY0NzliZjA2M2I2YmZhY2U3YmI2NzJjNTAyOTI2NDI0MmViYjhmMzMzNmVlZWQ2Mjg1YmYyOTExOTJjMCIsInRhZyI6IiJ9 |
|
ng-app.com/ | Name: ctxid Value: eyJpdiI6IjJwL2k5NkI4Q2E5YVJpMkpvNUIzS0E9PSIsInZhbHVlIjoiR1p5djZkK0hLNWc0cDlSWWx5cFVsa1JLZ1VSYmE1emovcUM4YnBSbFZ2OU93b2owV0NTMEluZzhERWlDNWc1YWJ4U3U4aytsQ0R1UDVmcXZ2VzFCVndVRkZYSEZmM3crVUc2MnFnMzM5Q0E9IiwibWFjIjoiYTdhNTQwNDI4NmE3MjI0NzcxM2QzMWRiNDNlMDM2YzY1MGFiM2IzNjU1NWQzZmM1NGVkYWU3ZTY5NGI1NWE5ZCIsInRhZyI6IiJ9 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0; includeSubDomains |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics-ng-mtn.securewebfraud.io
backend.valueplusagency.com
clicks.valueplusagency.com
ng-app.com
track.veratsrun.net
web-ng-mtn.secure-d.io
13.247.27.55
2600:9000:237d:f400:15:180f:100:93a1
91.241.94.108
91.241.95.160
91.241.95.201
404e37352e9423fadc43f6549631d0cf841acce893885c0165b874aa3c1560cb
54e5589e7d70511ebfce74fff2d9b168870a8973e39ee78693c06ca3aa7398fd
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675
7a63692b12529fdbc194a9415e278822fe03a51f0a4fc5f919b81917273e42c6
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
b3c4c3e8172de63abb89fa5a25b19695637116b9d2b0ee17a197a6f948059649
bf330c6355b4f3417911b699919d14a63be4921f817d05f8541c1ba748fc87a9
f3b71c1e48bf1c7c2d944829c7a90f472058cde3bab7e6e4f62a0b25ad94df15