www.2paynow.com
54.93.166.196
Public Scan
Submission: On October 27 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on September 23rd 2023. Valid for: a year.
This is the only time www.2paynow.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
5 | 54.93.166.196 | 16509 (AMAZON-02) |
6 | 2 |

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-166-196.eu-central-1.compute.amazonaws.com
www.2paynow.com

 | Apex Domain / Subdomains | Transfer |
---|---|---|
5 | 2paynow.com / www.2paynow.com | 213 KB |
6 | 1 |

 | Domain | Requested by |
---|---|---|
5 | www.2paynow.com | www.2paynow.com |
6 | 1 |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
2paynow.com / Amazon RSA 2048 M01 | 2023-09-23 - 2024-10-21 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://www.2paynow.com/zhifu/lightspeed/pay_page.php?pic_url=http://www.2paynow.com/zhifu/?r=site/qrCode
Frame ID: 9717EF81003843AC1F8029ADC5F846AD
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | pay_page.php (Primary Request) | www.2paynow.com/zhifu/lightspeed/ | 3 KB | 4 KB | Document | text/html |
GET | H2 | / | www.2paynow.com/zhifu/ | 1 KB | 1 KB | Image | text/html |
GET | H2 | jquery.min.js | www.2paynow.com/zhifu/mobile/js/ | 82 KB | 83 KB | Script | text/javascript |
GET | H2 | bg1.png | www.2paynow.com/zhifu/images/ | 122 KB | 123 KB | Image | image/png |
GET | H2 | icon-red.png | www.2paynow.com/zhifu/images/ | 358 B | 1 KB | Image | image/png |
POST | | queryTrans.php | www.2paynow.com/zhifu/lightspeed/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.2paynow.com
- URL: https://www.2paynow.com/zhifu/lightspeed/queryTrans.php?mid=&trade_no=
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- function| $
- function| jQuery
- number| flag
- function| cancelTrans

4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name |
---|---|
www.2paynow.com/ | AWSALBTG |
www.2paynow.com/ | AWSALBTGCORS |
www.2paynow.com/ | AWSALB |
www.2paynow.com/ | AWSALBCORS |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.