urlscan.io logo urlscan.io
SecurityTrails logo

www.paynearme.com Open in urlscan Pro
52.21.142.174  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.paynearme.com/docs/Ux0sNP/0?print=true
Submission: On August 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 52.21.142.174, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.paynearme.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 16th 2020. Valid for: a year.
This is the only time www.paynearme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.21.142.174 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 52.216.86.43 16509 (AMAZON-02)
6 4
Domain Requested by
3 ajax.googleapis.com www.paynearme.com
1 paynearme-public.s3.amazonaws.com www.paynearme.com
1 code.jquery.com www.paynearme.com
1 www.paynearme.com
6 4

This site contains no links.

Subject Issuer Validity Valid
www.paynearme.com
Go Daddy Secure Certificate Authority - G2		 2020-10-16 -
2021-11-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.paynearme.com/docs/Ux0sNP/0?print=true
Frame ID: D11D3CD193ADF7CEF8C00524553F5E13
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /Phusion Passenger ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

148 kB
Transfer

393 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0
www.paynearme.com/docs/Ux0sNP/ 		5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paynearme.com/docs/Ux0sNP/0?print=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.142.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-142-174.compute-1.amazonaws.com
Software
nginx/1.19.4 + Phusion Passenger 6.0.7 / Phusion Passenger Enterprise 6.0.7
Resource Hash
789ca5f749dee87cf69a904b7aa4543052ffadbc5338a4d1b36a380536625e66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paynearme.com
:scheme
https
:path
/docs/Ux0sNP/0?print=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 23:01:03 GMT
content-type
text/html; charset=utf-8
set-cookie
AWSALBTG=e0GZ0IUOFvmTtSuKQiba3Pzy0mf+ZJt7ZdtL5wWul0PvtFd8hqzqAv9AIe2T0aOIJx4/fWPXg7echNJf2iI4VXeJWo6hBndlNJEvJ62S1dQiCjrItt5UfgNhZK6sT8oU4cTZdi/NBEiPCn3VjHV/VRinRAbOF+zrj3BzpF2+x3DpQic7XG8=; Expires=Thu, 19 Aug 2021 23:01:03 GMT; Path=/ AWSALBTGCORS=e0GZ0IUOFvmTtSuKQiba3Pzy0mf+ZJt7ZdtL5wWul0PvtFd8hqzqAv9AIe2T0aOIJx4/fWPXg7echNJf2iI4VXeJWo6hBndlNJEvJ62S1dQiCjrItt5UfgNhZK6sT8oU4cTZdi/NBEiPCn3VjHV/VRinRAbOF+zrj3BzpF2+x3DpQic7XG8=; Expires=Thu, 19 Aug 2021 23:01:03 GMT; Path=/; SameSite=None; Secure AWSALB=Oib0XX7vaGiyGBPxm82mJC9wswHRRIIBXQ3x+V3H2gAjct7DF3p1zk9FUT1K7At0ePCqmFpGimjVFSDp6Jjgz6AI48lt0vgf/O+mQdK7SgHFlh6pjaAHtuiR/Y6g; Expires=Thu, 19 Aug 2021 23:01:03 GMT; Path=/ AWSALBCORS=Oib0XX7vaGiyGBPxm82mJC9wswHRRIIBXQ3x+V3H2gAjct7DF3p1zk9FUT1K7At0ePCqmFpGimjVFSDp6Jjgz6AI48lt0vgf/O+mQdK7SgHFlh6pjaAHtuiR/Y6g; Expires=Thu, 19 Aug 2021 23:01:03 GMT; Path=/; SameSite=None; Secure _topor4_session=yQUaTFe30HKBcxb0qrRhgHWlp47XM%2BbIgmU7hDk2oSoKUzrtgOE2LmRKvvTHwDQwM1TYdq3JZuJdZUMtIfUasscFe8dMyj1XcOozByg8fnvYuv9A56G1smlrNoTKIF61FNgCufQF2Nm%2BKem9GCiASq056PgFtIOP22XdS1hQHIuKL6VIdDPUhYFJG60FXolLZmu5V0vlp0WUMzmmcPRialjbDR1T4zyOo%2FkBYUN5nT6r31YtQ8sLOZE%2FMargNB0nei7o7BNMXSZALysa8bTR3mdX9%2Fiby3M%3D--rQDJRv23bjt%2FZjpc--7zrC0v7DpXgzPrGltCs%2Fog%3D%3D; path=/; secure; HttpOnly
status
200 OK
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
f444d1ab-56a3-4948-b9ad-a95d174cecfa
x-download-options
noopen
etag
W/"789ca5f749dee87cf69a904b7aa45430"
x-frame-options
SAMEORIGIN
x-runtime
0.013554
x-content-type-options
nosniff
x-rack-cors
miss; no-origin
x-powered-by
Phusion Passenger Enterprise 6.0.7
server
nginx/1.19.4 + Phusion Passenger 6.0.7
content-encoding
gzip
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.paynearme.com
URL: https://www.paynearme.com/docs/Ux0sNP/0?print=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paynearme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Aug 2022 22:58:27 GMT
jquery-migrate-3.3.0.min.js
code.jquery.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-3.3.0.min.js
Requested by
Host: www.paynearme.com
URL: https://www.paynearme.com/docs/Ux0sNP/0?print=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c19def3576a41fd9383f4d1f3460256cdd0f929292ca145aefa205cb85753d81

Request headers

Referer
https://www.paynearme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 23:01:03 GMT
content-encoding
gzip
last-modified
Tue, 05 May 2020 02:14:13 GMT
server
nginx
etag
W/"5eb0cbf5-2b08"
vary
Accept-Encoding
x-hw
1628809263.dop122.fr8.t,1628809263.cds221.fr8.hn,1628809263.cds257.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4025
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: www.paynearme.com
URL: https://www.paynearme.com/docs/Ux0sNP/0?print=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paynearme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 14:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Aug 2022 14:13:15 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 		36 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
Requested by
Host: www.paynearme.com
URL: https://www.paynearme.com/docs/Ux0sNP/0?print=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paynearme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 14:13:15 GMT
x-content-type-options
nosniff
age
31668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36536
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Aug 2022 14:13:15 GMT
pnm_h-color.svg
paynearme-public.s3.amazonaws.com/brand/logo/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paynearme-public.s3.amazonaws.com/brand/logo/pnm_h-color.svg
Requested by
Host: www.paynearme.com
URL: https://www.paynearme.com/docs/Ux0sNP/0?print=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.86.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9664503cd75d25074880b4b1940dbf4eaf4b04cba898b6b1a16397ee3610786a

Request headers

Referer
https://www.paynearme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 23:01:05 GMT
Last-Modified
Wed, 15 May 2019 22:24:59 GMT
Server
AmazonS3
x-amz-request-id
VRY37DWW7WNGSEYB
ETag
"203dccba7db62023366ba6627a269861"
Content-Type
image/svg+xml
x-amz-version-id
GmgXVh4oWwzMnQ28vRU4dQOX5wZC5GDu
Accept-Ranges
bytes
Content-Length
6596
x-amz-id-2
hnVuUDHmDJ5Gi/FGqoUVFCpgAbgIXZjaBLYwYS/bM6xGk1751SYMZwpfmVqdNHi9nnpjZrOd290=

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery undefined| xhr

5 Cookies

Domain/Path Name / Value
www.paynearme.com/ Name: _topor4_session
Value: yQUaTFe30HKBcxb0qrRhgHWlp47XM%2BbIgmU7hDk2oSoKUzrtgOE2LmRKvvTHwDQwM1TYdq3JZuJdZUMtIfUasscFe8dMyj1XcOozByg8fnvYuv9A56G1smlrNoTKIF61FNgCufQF2Nm%2BKem9GCiASq056PgFtIOP22XdS1hQHIuKL6VIdDPUhYFJG60FXolLZmu5V0vlp0WUMzmmcPRialjbDR1T4zyOo%2FkBYUN5nT6r31YtQ8sLOZE%2FMargNB0nei7o7BNMXSZALysa8bTR3mdX9%2Fiby3M%3D--rQDJRv23bjt%2FZjpc--7zrC0v7DpXgzPrGltCs%2Fog%3D%3D
www.paynearme.com/ Name: AWSALBCORS
Value: Oib0XX7vaGiyGBPxm82mJC9wswHRRIIBXQ3x+V3H2gAjct7DF3p1zk9FUT1K7At0ePCqmFpGimjVFSDp6Jjgz6AI48lt0vgf/O+mQdK7SgHFlh6pjaAHtuiR/Y6g
www.paynearme.com/ Name: AWSALB
Value: Oib0XX7vaGiyGBPxm82mJC9wswHRRIIBXQ3x+V3H2gAjct7DF3p1zk9FUT1K7At0ePCqmFpGimjVFSDp6Jjgz6AI48lt0vgf/O+mQdK7SgHFlh6pjaAHtuiR/Y6g
www.paynearme.com/ Name: AWSALBTGCORS
Value: e0GZ0IUOFvmTtSuKQiba3Pzy0mf+ZJt7ZdtL5wWul0PvtFd8hqzqAv9AIe2T0aOIJx4/fWPXg7echNJf2iI4VXeJWo6hBndlNJEvJ62S1dQiCjrItt5UfgNhZK6sT8oU4cTZdi/NBEiPCn3VjHV/VRinRAbOF+zrj3BzpF2+x3DpQic7XG8=
www.paynearme.com/ Name: AWSALBTG
Value: e0GZ0IUOFvmTtSuKQiba3Pzy0mf+ZJt7ZdtL5wWul0PvtFd8hqzqAv9AIe2T0aOIJx4/fWPXg7echNJf2iI4VXeJWo6hBndlNJEvJ62S1dQiCjrItt5UfgNhZK6sT8oU4cTZdi/NBEiPCn3VjHV/VRinRAbOF+zrj3BzpF2+x3DpQic7XG8=

1 Console Messages

Source Level URL
Text
console-api log URL: https://code.jquery.com/jquery-migrate-3.3.0.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block