ww12.go2pay.xyz - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 13.248.148.254, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is ww12.go2pay.xyz.

This is the only time ww12.go2pay.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.234.26.236 172.234.26.236	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	13.248.148.254 13.248.148.254	16509 (AMAZON-02) (AMAZON-02)
5	2

1 172.234.26.236 (United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: pebble04.parklogic.com

sitemap.go2pay.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.148.254 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com

ww12.go2pay.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	go2pay.xyz 1 redirects sitemap.go2pay.xyz ww12.go2pay.xyz	8 KB
0	cloudfront.net Failed d38psrni17bvxu.cloudfront.net Failed
0	google.com Failed www.google.com Failed
5	3

	Domain	Requested by
3	ww12.go2pay.xyz	ww12.go2pay.xyz
1	sitemap.go2pay.xyz	1 redirects
0	d38psrni17bvxu.cloudfront.net Failed	ww12.go2pay.xyz
0	www.google.com Failed	ww12.go2pay.xyz
5	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://ww12.go2pay.xyz/
Frame ID: C370FC91BADD10AB5C4612210031952D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sitemap.go2pay.xyz/ HTTP 302
http://ww12.go2pay.xyz/ Page URL

Page Statistics

5
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

8 kB
Transfer

17 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sitemap.go2pay.xyz/ HTTP 302
http://ww12.go2pay.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ww12.go2pay.xyz/ Redirect Chain https://sitemap.go2pay.xyz/ http://ww12.go2pay.xyz/	17 KB 7 KB	238ms 202ms	Document text/html	13.248.148.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww12.go2pay.xyz/ Protocol HTTP/1.1 Server 13.248.148.254 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS aba1c1ff9d2ec5376.awsglobalaccelerator.com Software nginx / Resource Hash `ecc7a2e6fb55ce8d4d9317a2781e56e0eef34ec55d8e14747eee65bf14c3ef90` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-CH viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile Accept-CH-Lifetime 30 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 25 Sep 2023 02:35:13 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Adblock-Key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_qDVETGgFeAnKM2nUBk4hhJFwH6FZomlsHE2gMWnqhSD2HzAezh8RcNUgRWnA1kEKCNqpP5wRue8TEqyxln13Yg== X-Domain go2pay.xyz X-Subdomain ww12 Redirect headers cache-control no-cache content-length 0 location http://ww12.go2pay.xyz/
GET		caf.js www.google.com/adsense/domains/	0 0

GET H/1.1	200 OK	track.php Show response ww12.go2pay.xyz/	0 581 B	122ms 121ms	XHR text/html	13.248.148.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww12.go2pay.xyz/track.php?domain=go2pay.xyz&toggle=browserjs&uid=MTY5NTYwOTMxMy4yNzk0OjhiZjI2ZjA4Mjk5NzYwMjRiNzE0ZTdiMzRmMDgwMTA1ZWI0NDQzNzg1ODNkNWU1Y2RmYzFmMTI1M2MzZTFmOTk6NjUxMGYxZTE0NDM0Mw%3D%3D Requested by Host: ww12.go2pay.xyz URL: http://ww12.go2pay.xyz/ Protocol HTTP/1.1 Server 13.248.148.254 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS aba1c1ff9d2ec5376.awsglobalaccelerator.com Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://ww12.go2pay.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 02:35:43 GMT Content-Encoding gzip Server nginx Accept-CH viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Transfer-Encoding chunked Accept-CH-Lifetime 30 Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Access-Control-Allow-Origin * Connection keep-alive
GET		arrows.png d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/	0 0

GET H/1.1	201 Created	ls.php Show response ww12.go2pay.xyz/	16 B 865 B	122ms 122ms	XHR text/javascript	13.248.148.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww12.go2pay.xyz/ls.php?t=6510f1e1&token=91c39b29c2a8bf33427707e4cdfe0a916909bbb3 Requested by Host: ww12.go2pay.xyz URL: http://ww12.go2pay.xyz/ Protocol HTTP/1.1 Server 13.248.148.254 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS aba1c1ff9d2ec5376.awsglobalaccelerator.com Software nginx / Resource Hash `c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97` Request headers accept-language en-US,en;q=0.9 Referer http://ww12.go2pay.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 02:35:43 GMT Server nginx Accept-CH viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Transfer-Encoding chunked Accept-CH-Lifetime 30 Content-Type text/javascript;charset=UTF-8 Access-Control-Allow-Origin Access-Control-Allow-Methods POST, OPTIONS Charset utf-8 Access-Control-Max-Age 86400 X-Adblock-Key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_YRckqWs/IMLjoCO8D6x0tjaybiNQQpNhVuoVeentDhWpgMS6l6OQQgCp/n4SJgL09i0tlBUk37suNJhtT5q7kg== Connection keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1

Domain: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.google.com/adsense/domains/caf.js?abp=1 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d38psrni17bvxu.cloudfront.net
sitemap.go2pay.xyz
ww12.go2pay.xyz
www.google.com
d38psrni17bvxu.cloudfront.net
www.google.com
13.248.148.254
172.234.26.236
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc7a2e6fb55ce8d4d9317a2781e56e0eef34ec55d8e14747eee65bf14c3ef90

ww12.go2pay.xyz Open in urlscan Pro 13.248.148.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

0 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

1 Countries

8 kBTransfer

17 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ww12.go2pay.xyz Open in urlscan Pro
13.248.148.254 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

8 kB
Transfer

17 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions