urlscan.io logo urlscan.io
SecurityTrails logo

emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://redirect.secureofficepayment.info/
Effective URL: https://emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/
Submission: On December 24 via manual from IN — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev.
TLS certificate: Issued by WE1 on November 21st 2024. Valid for: 3 months.
This is the only time emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.21.16.185 13335 (CLOUDFLAR...)
2 188.114.97.3 13335 (CLOUDFLAR...)
5 3
Domain Requested by
4 redirect.secureofficepayment.info 1 redirects redirect.secureofficepayment.info
2 emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev
5 2

This site contains no links.

Subject Issuer Validity Valid
secureofficepayment.info
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
traoreami303.workers.dev
WE1		 2024-11-21 -
2025-02-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/
Frame ID: 0D53994732DDE6B0C7773490A4D013B2
Requests: 8 HTTP requests in this frame

Frame: https://redirect.secureofficepayment.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 251C7C6C1CDCB8799C589A13C500B82B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

No Internet Connection

Page URL History Show full URLs

  1. https://redirect.secureofficepayment.info/ Page URL
  2. https://emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/ Page URL

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

393 kB
Transfer

659 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://redirect.secureofficepayment.info/ Page URL
  2. https://emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://redirect.secureofficepayment.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://redirect.secureofficepayment.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
redirect.secureofficepayment.info/ 		494 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.secureofficepayment.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa613b06de822b40e6121da577ca5dadadfca42b2cc1e15c2bf212817b7b74e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f7109e99bac5ae9-VIE
content-encoding
zstd
content-type
text/html
date
Tue, 24 Dec 2024 13:46:39 GMT
last-modified
Sun, 22 Dec 2024 13:21:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fipHrDgRV1XZ3GXedRCi9bBV9AJ63cO0bNiRCe51RDT10Rl%2BpNrIVbvSteYnvYOm%2FS%2BZzVyV%2BMOBpfuzDqTYHOCEMhkqCw2H5sMUVb4G%2BbTkkDrKa63Xt%2BGXEf4QFwGdLIJpq7V%2B4jsHhO9Xq0NmzCIYY3U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=14857&min_rtt=14715&rtt_var=2431&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4136&recv_bytes=4496&delivery_rate=700&cwnd=12000&unsent_bytes=0&cid=68d5f9502d7f5574&ts=102&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1ba065fe841593a501a70496d94029b0cc6e46be7d6ff44c4014ebd93300d0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://redirect.secureofficepayment.info
Referer

Response headers

Content-Type
application/font-woff
truncated
/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://redirect.secureofficepayment.info
Referer

Response headers

Content-Type
application/font-woff
truncated
/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://redirect.secureofficepayment.info
Referer

Response headers

Content-Type
application/font-woff
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://redirect.secureofficepayment.info
Referer

Response headers

Content-Type
application/font-woff
truncated
/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://redirect.secureofficepayment.info
Referer

Response headers

Content-Type
font/woff2
main.js
redirect.secureofficepayment.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 251C
Redirect Chain
  • https://redirect.secureofficepayment.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://redirect.secureofficepayment.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redirect.secureofficepayment.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Protocol
H3
Server
104.21.16.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba2e6419ed891d0a5675090ceace4057159450ffd5c6a9602e8256eea8507c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w826Xcm5nVily%2FDBwdkTdBSqcbezvnyfncWG%2FyfvZORE4DVtKfUo6fNIIoHXNqyud5o6Nu4X7tIYtgv6RlSBLJ262pZoP8SnBmmExxMWEpy5HTpX%2F7Ud1HY90Qxq1UIisw1KC%2BiLbxHQb4xsrL3q2AnToB0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f7109eb7d2f5ae9-VIE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15562&min_rtt=14681&rtt_var=535&sent=251&recv=74&lost=0&retrans=0&sent_bytes=247465&recv_bytes=7805&delivery_rate=33004&cwnd=91800&unsent_bytes=0&cid=68d5f9502d7f5574&ts=331&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 13:46:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w3ygoXQbpaEfCVeWfcj8Ao4VNr2yP7RXKE49kSNzJjdbdaD6lI5OrwG%2Bgs7%2B3Px3zVo0F3CHHUziRDV4MXikdagnojysSEfezT0%2B21N9tZP6y5AS%2BSRoKwiY72X8H2mtv0mStpq1Bqhv34FEtV%2BGZdl6baM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7109eb4d175ae9-VIE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=15674&min_rtt=14681&rtt_var=414&sent=249&recv=73&lost=0&retrans=0&sent_bytes=246695&recv_bytes=7504&delivery_rate=1291913&cwnd=91800&unsent_bytes=0&cid=68d5f9502d7f5574&ts=305&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 13:46:39 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8f7109e99bac5ae9
redirect.secureofficepayment.info/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 251C 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://redirect.secureofficepayment.info/cdn-cgi/challenge-platform/h/b/jsd/r/8f7109e99bac5ae9
Requested by
Host: redirect.secureofficepayment.info
URL: https://redirect.secureofficepayment.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfVY5ajWW4h9GhlNuzAs2XMJ6310I8MURUlqyqsbTRDP2CALkp8x4spll%2BBz4t3hnMKx%2B3x4oYhOHUQgLMZ4l%2FsxP5eekr1Fso0Ca8KYMwRwDpakxdzcJYeqRqxAvPQ3K0vIuG%2BltPNS4SjwhszFYPkxrsU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7109ebdd785ae9-VIE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=15481&min_rtt=14681&rtt_var=562&sent=262&recv=90&lost=0&retrans=0&sent_bytes=252601&recv_bytes=25076&delivery_rate=179911&cwnd=91800&unsent_bytes=0&cid=68d5f9502d7f5574&ts=401&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 13:46:39 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
Primary Request /
emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8274292568bea69fb2f6ce107be41c5269a8ceae52f2e3f6510ac26a5ca1578

Request headers

Referer
https://redirect.secureofficepayment.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8f7109f80f8c5ab6-VIE
content-encoding
zstd
content-type
text/html
date
Tue, 24 Dec 2024 13:46:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97RWfI8Z4dBbeXslKSTTEBAwQBYhm7IOOUvZvqjsGtnG8ZAXuWdCRvv4ESqxYZZz0mo%2FQasoaQVenCeq9gZzDZitqRdXyiRmgM70Tnay5WMk4uJKwZMj4gfoLesGPHbBL08n6Gbqc7rJnM31lE9K6qhFmIX9hMyRE5NGG4QicRRMkefsITvrVB82dYIjtQBnoxU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15151&min_rtt=15018&rtt_var=5726&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4149&recv_bytes=4405&delivery_rate=180592&cwnd=12000&unsent_bytes=0&cid=b090c67954da88f2&ts=31&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
favicon.ico
emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/ 		0
804 B 		Other
General
Check archive.org
Download Go to
Full URL
https://emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/

Response headers

x-ms-ests-server
2.1.19683.6 - NEULR1 ProdSlices
cf-cache-status
BYPASS
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+frc"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16142&min_rtt=14768&rtt_var=4193&sent=15&recv=11&lost=0&retrans=0&sent_bytes=5942&recv_bytes=4955&delivery_rate=65630&cwnd=12000&unsent_bytes=0&cid=b090c67954da88f2&ts=245&x=1", cfExtPri, cfHdrFlush;dur=0
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
date
Tue, 24 Dec 2024 13:46:41 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-ms-srs
1.P
cache-control
private
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
access-control-allow-credentials
true
x-ms-request-id
c9740513-6329-492f-8d88-ee89a09d8300
cf-ray
8f7109f84fc55ab6-VIE
access-control-allow-origin
*
content-length
0
x-xss-protection
0
server
cloudflare

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| tryAgain

2 Cookies

Domain/Path Name / Value
.secureofficepayment.info/ Name: cf_clearance
Value: rLpb2.h8rfmKs3Qw_bG_L99u7au83z.MVR13KYgo540-1735047999-1.2.1.1-jsF6rsrjuT30JEccsa7zbigDAMp3J2g1dGotrZFK7LNgCPVKEnTWWL2BeNnVjebKkcTXgFqLfZ1TCn6C4h2igeSRW0PzYvDUEL5SC1jHQnZ7aoOGM6dw.mfo39Jdy67eCWrWt4GWm.lOeV2T22urTOveLFREq.ItItE8vPSNWE5VEJdPmAJFSx34s4lSwFXy88sT1_lIMF8eIMy20q7bpfaXS3.fXOaCC.vJHAj22js2sPozYJuauHNjRxTOP1VqaLIMXaFgIYmx2z9Wg_AThv0pvlYBDiG6ifneOfDNwltMpwi1oWVMnF_kAwjKdbLz10w2YMfYAo.oN8wlK9yJVFAPqh8Wz_VmKVtPRAGcDFFpEJ7mqubr37gtzFS3u4q7
emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/ Name: x-ms-gateway-slice
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://emailaccountverficationyoung-dawn-0dc9.traoreami303.workers.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()