confirm-paysecure.now-dns.org
Open in
urlscan Pro
62.4.16.51
Public Scan
Submitted URL: https://confirm-paysecure.now-dns.org/
Effective URL: https://confirm-paysecure.now-dns.org/pages/paylib-sms.php?plb
Submission: On April 04 via automatic, source certstream-suspicious — Scanned from FR
Effective URL: https://confirm-paysecure.now-dns.org/pages/paylib-sms.php?plb
Submission: On April 04 via automatic, source certstream-suspicious — Scanned from FR
Summary
This website contacted 2 IPs
in 1 countries
across 1 domains to perform 4 HTTP transactions.
The main IP is 62.4.16.51, located in
France and
belongs to Online SAS, FR.
The main domain is confirm-paysecure.now-dns.org.
TLS certificate: Issued by R3 on April 4th 2024. Valid for: 3 months.
This is the only time confirm-paysecure.now-dns.org was scanned on urlscan.io!
TLS certificate: Issued by R3 on April 4th 2024. Valid for: 3 months.
This is the only time confirm-paysecure.now-dns.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 5 | 62.4.16.51 62.4.16.51 | 12876 (Online SAS) (Online SAS) | |
| 4 | 2 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
now-dns.org
1 redirects
confirm-paysecure.now-dns.org |
527 KB |
| 4 | 1 |
| Domain | Requested by | |
|---|---|---|
| 5 | confirm-paysecure.now-dns.org |
1 redirects
confirm-paysecure.now-dns.org
|
| 4 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| confirm-paysecure.now-dns.org R3 |
2024-04-04 - 2024-07-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://confirm-paysecure.now-dns.org/pages/paylib-sms.php?plb
Frame ID: DA3821F133DCC9C0CFD26B2469773F47
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Paylib entre amisPage URL History Show full URLs
-
https://confirm-paysecure.now-dns.org/
HTTP 302
https://confirm-paysecure.now-dns.org/pages/paylib-sms.php?plb Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
React
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <[^>]+data-react
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://confirm-paysecure.now-dns.org/
HTTP 302
https://confirm-paysecure.now-dns.org/pages/paylib-sms.php?plb Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
paylib-sms.php
confirm-paysecure.now-dns.org/pages/ Redirect Chain
|
584 KB 442 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
15 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
41 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
129 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
21 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
28 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
20 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
11 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
14 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
14 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
confirm-paysecure.now-dns.org/assets/js/ |
86 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jQuery.min.affcbf7942d5bedb0785712.js
confirm-paysecure.now-dns.org/assets/js/ |
151 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
autoload.php
confirm-paysecure.now-dns.org/vendor/composer/ |
0 232 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| $ function| jQuery object| matched object| browser1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| confirm-paysecure.now-dns.org/ | Name: PHPSESSID Value: 435mi0v4lp96roat346mtlkv67 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
confirm-paysecure.now-dns.org
62.4.16.51
0b3ba66aab9447539ce2e024b50cfb49fd077a157b47a281fc6190622c7c37a9
144fd96e2c896ee8f0e6ba9a931590bb6a78303f73c38616e68f82df48091be6
1835fdab88999383fca3a18031e9fa1b907f41ca1e33edec4f467fa44736140e
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
36e67fa28eb6396478c9d9871247dbe07cce71099ca38debc9bdddc042c3f781
3895b1ae68326e2f741061e13771b1c944097c408f33c99699655e0364313076
40ec31b8ea8568dfb67951e811d94f31fabe1aa4a42c8e496d12e09abb1e9acf
51c5d4eb2cf78dbd18b7f844cb1020117bf76e8b4a4328a1a1623a78bb5609a0
76655779eb21d44be228165f6b915009ff0edc42568c89b93197530981ce40b0
84579fb18260885c0796174d4d8554c80d1e57a528c8c742546945e32c29a81b
8ac2644bc8a80402532dbf543a019117ba482053566c7247cb21e1eedd5b6664
8ef6c31bc1f8f2a8943ac84cdbfebc1f8ba0f8c9b0fd156f2ba4c2772d5dd706
9836f31a6bcc79b1dd910c1732543478914ec09dc4b7a8604cbb56e1b8544c8d
9c1f43f66ae42e2b93cb324ce0886ba6e8422923ccf1a6d8364be33e52e0731c
bc4aba6274b86253d876723f7336864e0ca58fd8d6fb66e67a68b9f0c1e42644
bd5dab63f774fa81054ec2dfeaab061ca592d8a8316053669bc4f2bcf1375574
cd93d366a763b0da0c56bb55cd3e56ae63b5a3fc614fa9ffccce20a03ed84b77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855