stafflogin.paywizard.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 54.76.196.212, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is stafflogin.paywizard.com.
TLS certificate: Issued by Amazon on March 7th 2021. Valid for: a year.

This is the only time stafflogin.paywizard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 5	54.76.196.212 54.76.196.212		16509 (AMAZON-02) (AMAZON-02)
4	1

5 54.76.196.212 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-196-212.eu-west-1.compute.amazonaws.com

stafflogin.paywizard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	paywizard.com 1 redirects stafflogin.paywizard.com	168 KB
4	1

	Domain	Requested by
5	stafflogin.paywizard.com	1 redirects stafflogin.paywizard.com
4	1

This site contains no links.

Subject Issuer	Validity	Valid
stafflogin.paywizard.com Amazon	`2021-03-07` - `2022-04-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/
Frame ID: F48F766DFD3551035F502CC0404ECAF8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

https://stafflogin.paywizard.com/ HTTP 302
https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/ Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

168 kB
Transfer

166 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stafflogin.paywizard.com/ HTTP 302
https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/
Redirect Chain

https://stafflogin.paywizard.com/
https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/

13 KB
14 KB

93ms
92ms

Document
text/html

54.76.196.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.196.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-196-212.eu-west-1.compute.amazonaws.com

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

6d7f5dc37ba6366d2b6cb007ae30853a1e5b78c90b9a1b79a4ece681964c9fef

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 05 Feb 2022 00:20:16 GMT
content-type: text/html; charset=utf-8
content-length: 13403
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-HTTPAPI/2.0
x-frame-options: DENY

Redirect headers

date: Sat, 05 Feb 2022 00:20:16 GMT
content-type: text/html; charset=UTF-8
content-length: 155
location: adfs/ls/idpinitiatedsignon.aspx/
server: Microsoft-IIS/10.0

GET
H2 200 style.css
stafflogin.paywizard.com/adfs/portal/css/ 8 KB
8 KB 40ms
40ms Stylesheet
text/css 54.76.196.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stafflogin.paywizard.com/adfs/portal/css/style.css?id=026E060A473735E13E3B3A737F91A03264E5BE86F772F4B07BB623ED7EA7D37C
Requested by: Host: stafflogin.paywizard.com
URL: https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.196.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-196-212.eu-west-1.compute.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: ced6a1de4345c43d6106c2c8fa44b22d14d46af0163ab6e5252fa6052b052aa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 00:20:16 GMT
expires: Mon, 07 Mar 2022 00:20:16 GMT
server: Microsoft-HTTPAPI/2.0
etag: 026E060A473735E13E3B3A737F91A03264E5BE86F772F4B07BB623ED7EA7D37C
content-length: 8161
content-type: text/css

GET
H2 200 logo.png
stafflogin.paywizard.com/adfs/portal/logo/ 11 KB
11 KB 45ms
44ms Image
image/png 54.76.196.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stafflogin.paywizard.com/adfs/portal/logo/logo.png?id=BD1A5A4AB32D922E31D3DDBB98D85818C0952842FA703E53A7B0F22E8634351F
Requested by: Host: stafflogin.paywizard.com
URL: https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.196.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-196-212.eu-west-1.compute.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: bd1a5a4ab32d922e31d3ddbb98d85818c0952842fa703e53a7b0f22e8634351f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 00:20:16 GMT
expires: Mon, 07 Mar 2022 00:20:16 GMT
server: Microsoft-HTTPAPI/2.0
etag: BD1A5A4AB32D922E31D3DDBB98D85818C0952842FA703E53A7B0F22E8634351F
content-length: 10956
content-type: image/png

GET
H2 200 illustration.png
stafflogin.paywizard.com/adfs/portal/illustration/ 134 KB
135 KB 43ms
42ms Image
image/png 54.76.196.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stafflogin.paywizard.com/adfs/portal/illustration/illustration.png?id=D093195BC0CB71400E55139ED566715A3979265F5BD6FC73BD5FD817A23D049B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.196.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-196-212.eu-west-1.compute.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: d093195bc0cb71400e55139ed566715a3979265f5bd6fc73bd5fd817a23d049b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stafflogin.paywizard.com/adfs/ls/idpinitiatedsignon.aspx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 00:20:16 GMT
expires: Mon, 07 Mar 2022 00:20:16 GMT
server: Microsoft-HTTPAPI/2.0
etag: D093195BC0CB71400E55139ED566715A3979265F5BD6FC73BD5FD817A23D049B
content-length: 137332
content-type: image/png

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			stafflogin.paywizard.com/	1970-01-20 00:50:25	Name: AWSALB Value: 1+Ol9NaYG0Q0efz6xsWGrV4/hUutBCrsqwMlQku3qQMv2zUxh9JDiVap8gMKRF2TdAOUOufGQ4X6ypLfhAA/KryWyac0NF6P5R5vcC0SFuE7EgsJ1QMYlCU5a7uz
			stafflogin.paywizard.com/	1970-01-20 00:50:25	Name: AWSALBCORS Value: 1+Ol9NaYG0Q0efz6xsWGrV4/hUutBCrsqwMlQku3qQMv2zUxh9JDiVap8gMKRF2TdAOUOufGQ4X6ypLfhAA/KryWyac0NF6P5R5vcC0SFuE7EgsJ1QMYlCU5a7uz

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

stafflogin.paywizard.com
54.76.196.212
6d7f5dc37ba6366d2b6cb007ae30853a1e5b78c90b9a1b79a4ece681964c9fef
bd1a5a4ab32d922e31d3ddbb98d85818c0952842fa703e53a7b0f22e8634351f
ced6a1de4345c43d6106c2c8fa44b22d14d46af0163ab6e5252fa6052b052aa3
d093195bc0cb71400e55139ed566715a3979265f5bd6fc73bd5fd817a23d049b

stafflogin.paywizard.com Open in urlscan Pro 54.76.196.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

168 kBTransfer

166 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

stafflogin.paywizard.com Open in urlscan Pro
54.76.196.212 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

168 kB
Transfer

166 kB
Size

2
Cookies

4 HTTP transactions
0 data transactions