pay.twayair.com Open in urlscan Pro
104.18.15.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pay.twayair.com/?encTransactionId=Y3BQUPR0zQwKTDKBIj/V3DRTl47ZwuLQuFuPaltxYfC3QLyxQ9BWYR/MZESEgRwLGP2kvEF2GBBcYu...
Effective URL:
https://pay.twayair.com/app/main
Submission Tags: 0xscam
Submission: On April 30 via api (April 30th 2024, 11:31:16 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 104.18.15.82, located in and belongs to CLOUDFLARENET, US. The main domain is pay.twayair.com.
TLS certificate: Issued by GTS CA 1P5 on March 2nd 2024. Valid for: 3 months.

This is the only time pay.twayair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	104.18.15.82 104.18.15.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.14.82 104.18.14.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	4

5 104.18.15.82 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pay.twayair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f5cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.14.82 (None, )

ASN13335 (CLOUDFLARENET, US)

contents-image.twayair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	twayair.com 1 redirects pay.twayair.com contents-image.twayair.com — Cisco Umbrella Rank: 751608	11 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	1 MB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 744	97 KB
10	3

	Domain	Requested by
5	pay.twayair.com	1 redirects pay.twayair.com
3	cdn.jsdelivr.net	pay.twayair.com cdn.jsdelivr.net
2	contents-image.twayair.com	pay.twayair.com
2	unpkg.com	1 redirects pay.twayair.com
10	4

This site contains no links.

Subject Issuer	Validity	Valid
*.twayair.com GTS CA 1P5	`2024-03-02` - `2024-05-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://pay.twayair.com/app/main
Frame ID: AF3A9D5D65F955C8DDC203D198E8B9D1
Requests: 8 HTTP requests in this frame

Frame: https://pay.twayair.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: F08D595C7E9E799097E574319F13728C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 error

Page URL History Show full URLs

https://pay.twayair.com/?encTransactionId=Y3BQUPR0zQwKTDKBIj/V3DRTl47ZwuLQuFuPaltxYfC3QLyxQ9BWYR/MZE... Page URL
https://pay.twayair.com/app/main Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

10
Requests

80 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1631 kB
Transfer

1912 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pay.twayair.com/?encTransactionId=Y3BQUPR0zQwKTDKBIj/V3DRTl47ZwuLQuFuPaltxYfC3QLyxQ9BWYR/MZESEgRwLGP2kvEF2GBBcYu9wTQbGCA== Page URL
https://pay.twayair.com/app/main Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Request Chain 6

https://pay.twayair.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://pay.twayair.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
pay.twayair.com/ 1 KB
1 KB 1691ms
1279ms Document
text/html 104.18.15.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.twayair.com/?encTransactionId=Y3BQUPR0zQwKTDKBIj/V3DRTl47ZwuLQuFuPaltxYfC3QLyxQ9BWYR/MZESEgRwLGP2kvEF2GBBcYu9wTQbGCA==

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 87c73436fce8348b-WAW
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Tue, 30 Apr 2024 11:31:11 GMT
Last-Modified: Wed, 24 Aug 2022 04:34:39 GMT
Referrer-Policy: no-referrer
Server: cloudflare
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found Primary Request main Show response
pay.twayair.com/app/ 6 KB
3 KB 417ms
416ms Document
text/html 104.18.15.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.twayair.com/app/main

Requested by

Host: pay.twayair.com
URL: https://pay.twayair.com/?encTransactionId=Y3BQUPR0zQwKTDKBIj/V3DRTl47ZwuLQuFuPaltxYfC3QLyxQ9BWYR/MZESEgRwLGP2kvEF2GBBcYu9wTQbGCA==

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4a6c6eda2bca15084ef3e415adc3524a0609004de333dba117278084d367ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 87c7343f086b348b-WAW
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: br
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Tue, 30 Apr 2024 11:31:12 GMT
Expires: 0
Pragma: no-cache
Referrer-Policy: no-referrer
Server: cloudflare
Transfer-Encoding: chunked
X-Application-Context: application:production:10000
X-Content-Type-Options: nosniff nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block 1; mode=block

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

371 KB
96 KB

72ms
71ms

Script
application/javascript

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Requested by

Host: pay.twayair.com
URL: https://pay.twayair.com/app/main

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Apr 2024 11:31:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4132694
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRW73W9E5N5JJGB816FPJ1CE-fra
server: cloudflare
etag: W/"5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 87c73442883465d3-FRA

Redirect headers

date: Tue, 30 Apr 2024 11:31:12 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HWQC4QFJJQS456T6166947FS-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 231
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 87c734422fb165d3-FRA

GET
H3 200 pretendard.css
cdn.jsdelivr.net/gh/orioncactus/pretendard/dist/web/static/ 3 KB
1 KB 130ms
73ms Stylesheet
text/css 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/orioncactus/pretendard/dist/web/static/pretendard.css

Requested by

Host: pay.twayair.com
URL: https://pay.twayair.com/app/main

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

479ddc1caf4fa5ef806598d7b7cec1b5f2d1993236eb9c82a42046bbe9c3275d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:31:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42122
x-jsd-version: 1.3.9
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230060-FRA, cache-lga21956-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"c0b-E+fXwdxUL+WSs5gUAOGg3He35Mg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ritFv1N6jfV%2BxNCuLDdra%2BaZ%2BISucpuqZ97Aw9nS3cIolnEPMJEf6PQ7IsID%2Frzb2q4EYJS6PMuXXGD2mVI%2FfffmXPD5qYGNBpUqaoMA%2B%2B5BliNgg2EVFB3LLMkSaerIQW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 87c734420bee3bc3-WAW

GET
H/1.1 200
OK ico_error.svg
contents-image.twayair.com/homepage/images/ico/ 399 B
532 B 2088ms
1332ms Image
image/svg+xml 104.18.14.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contents-image.twayair.com/homepage/images/ico/ico_error.svg
Requested by: Host: pay.twayair.com
URL: https://pay.twayair.com/app/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa527354e9463d1cb3cbf1f49df0eec2d0958519b240ba34b1ba510918b13f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 11:31:14 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 08 Feb 2023 02:15:14 GMT
Server: cloudflare
ETag: W/"63e305b2:18f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
CF-RAY: 87c734466d7cbf24-WAW

GET
H3 200 Pretendard-Bold.woff2
cdn.jsdelivr.net/gh/orioncactus/pretendard/packages/pretendard/dist/web/static/woff2/ 773 KB
773 KB 428ms
374ms Font
font/woff2 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/orioncactus/pretendard/packages/pretendard/dist/web/static/woff2/Pretendard-Bold.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/orioncactus/pretendard/dist/web/static/pretendard.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4609c3356e536fafe38f4add0daeceb3d8595d3057bce13c428c33ddbd43d362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdn.jsdelivr.net/gh/orioncactus/pretendard/dist/web/static/pretendard.css
Origin: https://pay.twayair.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:31:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 616
x-jsd-version: 1.3.9
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 791156
x-served-by: cache-fra-etou8220022-FRA, cache-vie6338-VIE
x-jsd-version-type: version
server: cloudflare
etag: W/"c1274-3k6AbUd/2hINBXXy5NezESwy7n8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zBC9Jc%2BwNXn%2BbwKO4%2BqqVvZJfRtept%2BRe4Drzxjon8YfnOIHSl3YtvJBo0CSzhKVo0z1u1w68mRxGBbY%2FRwUACtha7QGXIFP3J5vaO4b25w6w0ZUolmfUwUyfwRDMUl0Us%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87c73443ccf33527-WAW

GET
H3 200 Pretendard-Regular.woff2
cdn.jsdelivr.net/gh/orioncactus/pretendard/packages/pretendard/dist/web/static/woff2/ 748 KB
749 KB 117ms
64ms Font
font/woff2 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/orioncactus/pretendard/packages/pretendard/dist/web/static/woff2/Pretendard-Regular.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/orioncactus/pretendard/dist/web/static/pretendard.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fad853f7f47c6c8b103171e7193fa095708cdcd70850a71d93aa5379e8a61d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdn.jsdelivr.net/gh/orioncactus/pretendard/dist/web/static/pretendard.css
Origin: https://pay.twayair.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 11:31:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 616
x-jsd-version: 1.3.9
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 765892
x-served-by: cache-fra-etou8220076-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"bafc4-jegHd2mWGBCMUf/c/hLoFuMDXFc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NROOBDUaFKOblmsPoBXkfUYL0KiaLOR1JTVKIBbPtQUtplhMwZMbwnTvHeLOjSqZ%2FtvzW9Vsah5NwjAX%2FLOufeiP%2FkuV%2BXvoFTtEBuCaJZcVhR1XmnSrovW%2Fy8zhHsCQK60%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87c73443ccf13527-WAW

GET
H/1.1

200
OK

main.js Show response
pay.twayair.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame F08D
Redirect Chain

https://pay.twayair.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://pay.twayair.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

8 KB
4 KB

60ms
60ms

Script
application/javascript

104.18.15.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.twayair.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Requested by

Host: pay.twayair.com
URL: https://pay.twayair.com/app/main

Protocol

HTTP/1.1

Server

104.18.15.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

399d4c0bfc92616da4fa39ecc872e63f50ad4acb9c308e02b2b466e06d4b8e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Apr 2024 11:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
Connection: keep-alive
CF-RAY: 87c73443df9a348b-WAW

Redirect headers

Date: Tue, 30 Apr 2024 11:31:12 GMT
Server: cloudflare
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
Connection: keep-alive
CF-RAY: 87c734436f0b348b-WAW
Content-Length: 0

POST
H/1.1 200
OK 87c7343f086b348b Show response
pay.twayair.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F08D 0
465 B 140ms
140ms XHR
text/plain 104.18.15.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.twayair.com/cdn-cgi/challenge-platform/h/g/jsd/r/87c7343f086b348b
Requested by: Host: pay.twayair.com
URL: https://pay.twayair.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 30 Apr 2024 11:31:12 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 87c7344488f2348b-WAW
Content-Length: 0
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK favicon.svg
contents-image.twayair.com/homepage/images/common/ 2 KB
1 KB 73ms
73ms Other
image/svg+xml 104.18.14.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://contents-image.twayair.com/homepage/images/common/favicon.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cded89008ae80d1af30d0d9662a14e8e14d98023095c2bae16c8c80801c6fbb9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 11:31:14 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 07 Apr 2023 06:47:39 GMT
Server: cloudflare
Age: 3806
ETag: W/"642fbc8b:745"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
CF-RAY: 87c7344eca98bf24-WAW

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.twayair.com/	1970-01-20 20:14:38	Name: __cf_bm Value: UiG0T7K2cWAk2wN_A992kdG1kyBDSMvOJzxOYAcb9GM-1714476671-1.0.1.1-kcbDUxMMeeyNlM81Lypbq6704JJPh_Vfw63ARe5tSFuJMSSWYnx91snx1sGTXuWdthLwwTfravX_sv3Ry0s2vg
pay.twayair.com/	1969-12-31 23:59:59	Name: SESSION Value: 9ab9dbda-4eab-4389-b188-e186ecafef6e
pay.twayair.com/	1970-01-21 05:00:45	Name: WMONID Value: zeeftgxwr9u
pay.twayair.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9CB3E00D1E6103EEA8DA00742128851E
.twayair.com/	1970-01-21 05:00:12	Name: cf_clearance Value: 2QBbNzIo9kWhZG191pk7WZsqFoedLgIR1xmEnFuR4h4-1714476672-1.0.1.1-BWaCNBIVxrmoOPZPZr.H_gVGba01eppDvECuK3JMAuQpUD7ENDXUth1EbYnpVdqNTHWvDs955VSLikaMSZe6TQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pay.twayair.com/app/main Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: https://pay.twayair.com/app/main(Line 7) Message: The key "target-densitydpi" is not supported.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
contents-image.twayair.com
pay.twayair.com
unpkg.com
104.16.85.20
104.18.14.82
104.18.15.82
2606:4700::6811:f5cb
399d4c0bfc92616da4fa39ecc872e63f50ad4acb9c308e02b2b466e06d4b8e67
4609c3356e536fafe38f4add0daeceb3d8595d3057bce13c428c33ddbd43d362
479ddc1caf4fa5ef806598d7b7cec1b5f2d1993236eb9c82a42046bbe9c3275d
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
7fa527354e9463d1cb3cbf1f49df0eec2d0958519b240ba34b1ba510918b13f2
cded89008ae80d1af30d0d9662a14e8e14d98023095c2bae16c8c80801c6fbb9
cf4a6c6eda2bca15084ef3e415adc3524a0609004de333dba117278084d367ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fad853f7f47c6c8b103171e7193fa095708cdcd70850a71d93aa5379e8a61d63

pay.twayair.com Open in urlscan Pro 104.18.15.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

80 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

1631 kBTransfer

1912 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

5 Cookies

2 Console Messages

Security Headers

Indicators

pay.twayair.com Open in urlscan Pro
104.18.15.82 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

80 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1631 kB
Transfer

1912 kB
Size

5
Cookies

10 HTTP transactions
0 data transactions