pay.twayair.com
104.18.15.82
Public Scan
Effective URL: https://pay.twayair.com/app/main
Submission Tags: 0xscam
Submission: On April 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 2nd 2024. Valid for: 3 months.
This is the only time pay.twayair.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 5 | 104.18.15.82 | 13335 (CLOUDFLARENET) |
1 2 | 2606:4700::6811:f5cb | 13335 (CLOUDFLARENET) |
3 | 104.16.85.20 | 13335 (CLOUDFLARENET) |
2 | 104.18.14.82 | 13335 (CLOUDFLARENET) |
10 | 4 | |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
7 | twayair.com (1 redirects): pay.twayair.com, contents-image.twayair.com (Cisco Umbrella Rank: 751608) | 11 KB |
3 | jsdelivr.net: cdn.jsdelivr.net (Cisco Umbrella Rank: 320) | 1 MB |
2 | unpkg.com (1 redirects): unpkg.com (Cisco Umbrella Rank: 744) | 97 KB |
10 | 3 | |
 | Domain | Requested by |
---|---|---|
5 | pay.twayair.com (1 redirects) | pay.twayair.com |
3 | cdn.jsdelivr.net | pay.twayair.com, cdn.jsdelivr.net |
2 | contents-image.twayair.com | pay.twayair.com |
2 | unpkg.com (1 redirects) | pay.twayair.com |
10 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.twayair.com | GTS CA 1P5 | 2024-03-02 - 2024-05-31 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://pay.twayair.com/app/main
Frame ID: AF3A9D5D65F955C8DDC203D198E8B9D1
Requests: 8 HTTP requests in this frame
Frame:
https://pay.twayair.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: F08D595C7E9E799097E574319F13728C
Requests: 2 HTTP requests in this frame
Page Title
404 error
Detected technologies
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://pay.twayair.com/?encTransactionId=Y3BQUPR0zQwKTDKBIj/V3DRTl47ZwuLQuFuPaltxYfC3QLyxQ9BWYR/MZESEgRwLGP2kvEF2GBBcYu9wTQbGCA== Page URL
- https://pay.twayair.com/app/main Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
- https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

- https://pay.twayair.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://pay.twayair.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | pay.twayair.com/ | 1 KB | 1 KB | Document | text/html |
GET | H/1.1 | main (Primary Request) | pay.twayair.com/app/ | 6 KB | 3 KB | Document | text/html |
GET | H2 | lottie-player.js | unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/ (Redirect Chain) | 371 KB | 96 KB | Script | application/javascript |
GET | H3 | pretendard.css | cdn.jsdelivr.net/gh/orioncactus/pretendard/dist/web/static/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | ico_error.svg | contents-image.twayair.com/homepage/images/ico/ | 399 B | 532 B | Image | image/svg+xml |
GET | H3 | Pretendard-Bold.woff2 | cdn.jsdelivr.net/gh/orioncactus/pretendard/packages/pretendard/dist/web/static/woff2/ | 773 KB | 773 KB | Font | font/woff2 |
GET | H3 | Pretendard-Regular.woff2 | cdn.jsdelivr.net/gh/orioncactus/pretendard/packages/pretendard/dist/web/static/woff2/ | 748 KB | 749 KB | Font | font/woff2 |
GET | H/1.1 | main.js | pay.twayair.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ (Frame F08D, Redirect Chain) | 8 KB | 4 KB | Script | application/javascript |
POST | H/1.1 | 87c7343f086b348b | pay.twayair.com/cdn-cgi/challenge-platform/h/g/jsd/r/ (Frame F08D) | 0 | 465 B | XHR | text/plain |
GET | H/1.1 | favicon.svg | contents-image.twayair.com/homepage/images/common/ | 2 KB | 1 KB | Other | image/svg+xml |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| lottie-player
- object| reactiveElementVersions
- object| litHtmlVersions
- object| litElementVersions

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.twayair.com/ | | Name: __cf_bm Value: UiG0T7K2cWAk2wN_A992kdG1kyBDSMvOJzxOYAcb9GM-1714476671-1.0.1.1-kcbDUxMMeeyNlM81Lypbq6704JJPh_Vfw63ARe5tSFuJMSSWYnx91snx1sGTXuWdthLwwTfravX_sv3Ry0s2vg |
pay.twayair.com/ | | Name: SESSION Value: 9ab9dbda-4eab-4389-b188-e186ecafef6e |
pay.twayair.com/ | | Name: WMONID Value: zeeftgxwr9u |
pay.twayair.com/ | | Name: JSESSIONID Value: 9CB3E00D1E6103EEA8DA00742128851E |
.twayair.com/ | | Name: cf_clearance Value: 2QBbNzIo9kWhZG191pk7WZsqFoedLgIR1xmEnFuR4h4-1714476672-1.0.1.1-BWaCNBIVxrmoOPZPZr.H_gVGba01eppDvECuK3JMAuQpUD7ENDXUth1EbYnpVdqNTHWvDs955VSLikaMSZe6TQ |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.