paypage.ngenius-payments.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 2a02:26f0:f700:484::18d1, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is paypage.ngenius-payments.com. The Cisco Umbrella rank of the primary domain is 896133.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on December 6th 2022. Valid for: 8 months.

This is the only time paypage.ngenius-payments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2a02:26f0:f70... 2a02:26f0:f700:484::18d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.168.96.183 184.168.96.183	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
5	2

5 2a02:26f0:f700:484::18d1 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

paypage.ngenius-payments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.168.96.183 (Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 183.96.168.184.host.secureserver.net

meydanfz.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ngenius-payments.com 1 redirects paypage.ngenius-payments.com — Cisco Umbrella Rank: 896133	76 KB
1	meydanfz.site meydanfz.site
5	2

	Domain	Requested by
5	paypage.ngenius-payments.com	1 redirects paypage.ngenius-payments.com
1	meydanfz.site	paypage.ngenius-payments.com
5	2

This site contains no links.

Subject Issuer	Validity	Valid
uat-neo.network.ae DigiCert SHA2 Extended Validation Server CA	`2022-12-06` - `2023-07-29`	8 months	crt.sh
meydanfz.site cPanel, Inc. Certification Authority	`2023-01-29` - `2023-04-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html
Frame ID: 4130B4F80B0B061F75199ADA38445D0B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://paypage.ngenius-payments.com/invoices/invoice/51978c43-9d41-4e2d-9fc9-ea6bb3983c02/payment HTTP 303
https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/ex... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

75 kB
Transfer

183 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://paypage.ngenius-payments.com/invoices/invoice/51978c43-9d41-4e2d-9fc9-ea6bb3983c02/payment HTTP 303
https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request expired.html Show response
paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/
Redirect Chain

https://paypage.ngenius-payments.com/invoices/invoice/51978c43-9d41-4e2d-9fc9-ea6bb3983c02/payment
https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html

524 B
1 KB

162ms
161ms

Document
text/html

2a02:26f0:f700:484::18d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:484::18d1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

CPWS /

Resource Hash

69fa47f56fd5f2fd313432be8550572bdd072085978e1e7b98d368d13c6ccd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 524
content-type: text/html
date: Wed, 01 Feb 2023 16:03:52 GMT
expires: Wed, 01 Feb 2023 16:03:52 GMT
pragma: no-cache
server: CPWS
strict-transport-security: max-age=15768000
x-akamai-transformed: 9 418 0 pmb=mTOE,1
x-content-type-options: nosniff
x-correlation-id: 77d40c497d89dbe6cf05c59ca4a6e2e9
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Wed, 01 Feb 2023 16:03:52 GMT
expires: Wed, 01 Feb 2023 16:03:52 GMT
location: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html
pragma: no-cache
server: CPWS
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-correlation-id: 14f88bbb707e091b2107f938e52d502d
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 404 Logo-01.png
meydanfz.site/wp-content/uploads/2021/08/ 0
0 890ms
463ms Image
text/html 184.168.96.183
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meydanfz.site/wp-content/uploads/2021/08/Logo-01.png
Requested by: Host: paypage.ngenius-payments.com
URL: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.168.96.183 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 183.96.168.184.host.secureserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypage.ngenius-payments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 JDE Show response
paypage.ngenius-payments.com/8N_t3juNrpNfJslPwqrPgCvUtCE/VaQ3mVV4/dzojDwE/GFMlDDxh/ 182 KB
72 KB 66ms
66ms Script
application/javascript 2a02:26f0:f700:484::18d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://paypage.ngenius-payments.com/8N_t3juNrpNfJslPwqrPgCvUtCE/VaQ3mVV4/dzojDwE/GFMlDDxh/JDE

Requested by

Host: paypage.ngenius-payments.com
URL: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:484::18d1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/

Resource Hash

233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:03:52 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
last-modified: Mon, 05 Dec 2022 18:21:50 GMT
etag: "c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 72934

POST
H2 201 JDE Show response
paypage.ngenius-payments.com/8N_t3juNrpNfJslPwqrPgCvUtCE/VaQ3mVV4/dzojDwE/GFMlDDxh/ 18 B
743 B 321ms
320ms XHR
application/json 2a02:26f0:f700:484::18d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://paypage.ngenius-payments.com/8N_t3juNrpNfJslPwqrPgCvUtCE/VaQ3mVV4/dzojDwE/GFMlDDxh/JDE

Requested by

Host: paypage.ngenius-payments.com
URL: https://paypage.ngenius-payments.com/8N_t3juNrpNfJslPwqrPgCvUtCE/VaQ3mVV4/dzojDwE/GFMlDDxh/JDE

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:484::18d1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Feb 2023 16:03:52 GMT
strict-transport-security: max-age=15768000
vary: Origin
content-type: application/json
access-control-allow-origin: https://paypage.ngenius-payments.com
access-control-allow-credentials: true
x_req_id: 9f5c10af-47cf-4b5a-a77e-e4be49d5b440
access-control-allow-headers: Content-Type
content-length: 18

POST
H2 201 JDE Show response
paypage.ngenius-payments.com/8N_t3juNrpNfJslPwqrPgCvUtCE/VaQ3mVV4/dzojDwE/GFMlDDxh/ 18 B
732 B 268ms
267ms XHR
application/json 2a02:26f0:f700:484::18d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://paypage.ngenius-payments.com/8N_t3juNrpNfJslPwqrPgCvUtCE/VaQ3mVV4/dzojDwE/GFMlDDxh/JDE

Requested by

Host: paypage.ngenius-payments.com
URL: https://paypage.ngenius-payments.com/8N_t3juNrpNfJslPwqrPgCvUtCE/VaQ3mVV4/dzojDwE/GFMlDDxh/JDE

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:484::18d1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Feb 2023 16:03:53 GMT
strict-transport-security: max-age=15768000
vary: Origin
content-type: application/json
access-control-allow-origin: https://paypage.ngenius-payments.com
access-control-allow-credentials: true
x_req_id: 4eda3eec-196f-494d-a580-a368027538e7
access-control-allow-headers: Content-Type
content-length: 18

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| _cf object| bmak string| _sdTrace

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ngenius-payments.com/	1970-01-20 09:21:21	Name: bm_sz Value: 2E50F0BDFDF1CAEEABD5D83413B45AC5~YAAQCCkSAtOKP/WFAQAAcF64DRLMW1LtCzbOrKBMIq7vbZwBJ4wOXsOszvsQ1qP3YhyR/6hCPIQ41YtQxO44tOYngtgkHuRc2decFf8yRaJiHFZfDeEC76//JdCiSSXINsLCswYOH3P24SOXNO+z7OzN6hVfSiDgQXK+ajpT4KS2u+JbPzgpq34Ya/q9eMK6Ymg1IjSLFeD5UVhiqPphzgg09ggQbaWm88tc+rVaD3C/GdpsyD8x/046DHQGbUuCz5nlHdMdPqB0lGzNm2CvxOlKdbvuHDBI2cCNuKmcjAaDUP9d6xgstfxRp3gh~3682882~3618628
.ngenius-payments.com/	1970-01-20 09:21:14	Name: ak_bmsc Value: 47F128D9F753C06D37BB9E4BA2A34FAD~000000000000000000000000000000~YAAQCCkSAtSKP/WFAQAAD1+4DRI30EJ/dJvgG/qDph0n36/ZVh+PC5Pz4KNFyq1jPjCTAwIM4Alcp15Lu34SQKvSVgQlH0J61G0MAZjg/Fz5pspb3pRNiJ4+E42PvvIzKXemYwm/MeCR39ytlxq6ZrIxUxAC/kYGaidyxdFchuiFRjw3LomlB3sm1duS7mtmFf7jbMxmleWPJ/d5v6iKUL5+FiL8fvBrlfQOw9e2IMC+GnZiJlWZrgMVxWZe5/e1BV4c2cOOVeNblrkfe/8OBL62KletUKCCdENQiocRI4k1uhdNkMpJhz2YwbPx2+cYaGh7hYtZQmD5BCbmBi8AUJ2AMWckrPoN0GmJbM6tLZ1i3/dfhCsSorzVZEBv6JrFIHpMvyJlo29sni0hoL7RoOxmNrr6YZy3M7Ra
.ngenius-payments.com/	1970-01-20 18:06:43	Name: _abck Value: F8B6DB6C5D7346CF1AD7224E8288FAF4~0~YAAQCCkSAt+KP/WFAQAA62K4DQmJo/PnLMhOmK5IN56/7IHLHJNctc/2+ryPQn7hGIo82AHhh79ioLKn/c1mhCV/8ZPryKFy7v+WMZgefaTWh+qhaAa1MU8a7qJG+6/eVwgvb2U0Jzox4uz2JqhhXDidDgFzkbTQui8e19kG0tRIenMWEe6Jmzg3euUUMS7UEvywaowcEYFRWNOhKX3ssG30hXSDgQP856G9vNAx5xHrC+tFiPtOqJY6IORAnygKqId5K17VJK/B8OKQb8qt8FxkyB/xy6cAPJpuCw10pdPyXUfc16tVZPJyEVNqWY8H2zYQwzZewlLhXC1dIuIk+a3QcF480JBYXTBy3MgqqGuWh9KEhkW/M3uK61cPPHbCbQW6FtyiHsO8tXYueBKwTyRyMEkfneRX6S3f+3uRwYOTAQ==~-1~\|\|-1\|\|~-1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html Message: Mixed Content: The page at 'https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html' was loaded over HTTPS, but requested an insecure element 'http://meydanfz.site/wp-content/uploads/2021/08/Logo-01.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html Message: Mixed Content: The page at 'https://paypage.ngenius-payments.com/invoices/outlets/2f5b29cc-ea84-42e4-87d1-0efc351e1f77/invoice/error-pages/expired.html' was loaded over HTTPS, but requested an insecure element 'http://meydanfz.site/wp-content/uploads/2021/08/Logo-01.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://meydanfz.site/wp-content/uploads/2021/08/Logo-01.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

meydanfz.site
paypage.ngenius-payments.com
184.168.96.183
2a02:26f0:f700:484::18d1
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
69fa47f56fd5f2fd313432be8550572bdd072085978e1e7b98d368d13c6ccd4c
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

paypage.ngenius-payments.com Open in urlscan Pro 2a02:26f0:f700:484::18d1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

75 kBTransfer

183 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

3 Console Messages

Security Headers

Indicators

paypage.ngenius-payments.com Open in urlscan Pro
2a02:26f0:f700:484::18d1 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

75 kB
Transfer

183 kB
Size

3
Cookies

5 HTTP transactions
0 data transactions