Submitted URL: https://t.co/KxxZCtmJEA
Effective URL: https://login.officefileserver.top/view/
Submission: On February 20 via manual from ES — Scanned from ES

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 6 HTTP transactions. The main IP is 173.214.164.118, located in United States and belongs to IS-AS-1, US. The main domain is login.officefileserver.top.
TLS certificate: Issued by R3 on February 19th 2024. Valid for: 3 months.
This is the only time login.officefileserver.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 104.244.42.197 | 13414 (TWITTER)
2 | 173.214.164.118 | 19318 (IS-AS-1)
3 (1 redirects) | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
Total: 6 | 4

Requests | Apex Domain: Subdomains | Transfer
3 | cloudflare.com: challenges.cloudflare.com — Cisco Umbrella Rank: 4410 | 13 KB
2 | officefileserver.top: login.officefileserver.top | 3 KB
1 | jsdelivr.net: cdn.jsdelivr.net — Cisco Umbrella Rank: 353 | 8 KB
1 | t.co: t.co — Cisco Umbrella Rank: 641 | 556 B
Total: 6 | 4

Requests | Domain | Requested by
3 (1 redirects) | challenges.cloudflare.com | login.officefileserver.top, challenges.cloudflare.com
2 | login.officefileserver.top | t.co, login.officefileserver.top
1 | cdn.jsdelivr.net | login.officefileserver.top
1 | t.co |
Total: 6 | 4

This site contains no links.

Subject | Issuer | Validity | Valid
t.co | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-16 - 2024-10-14 | a year
login.officefileserver.top | R3 | 2024-02-19 - 2024-05-19 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2023-08-18 - 2024-08-17 | a year

This page contains 2 frames:

Primary Page: https://login.officefileserver.top/view/
Frame ID: 5A6021DC5021EE646B2D8864D1066C71
Requests: 5 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rp9ua/0x4AAAAAAARbP2HkNwSwMQoR/auto/normal
Frame ID: C2E19DEB37084FF0E5C64DE5EC38CBE0
Requests: 1 HTTP requests in this frame

Page Title

Verify

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 25 kB
Size: 62 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/KxxZCtmJEA Page URL
  2. https://login.officefileserver.top/view/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=onloadTurnstileCallback

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
KxxZCtmJEA
t.co/
276 B
556 B
Document
General
Full URL
https://t.co/KxxZCtmJEA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
184
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 09:26:02 GMT
expires
Tue, 20 Feb 2024 09:31:03 GMT
perf
7469935968
server
tsa_f
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
6a91253f700108b308f05291855efbb3ece3d7b432d00f9a7a06561e6e1bc07c
x-response-time
108
x-transaction-id
7be6772005b026a5
x-xss-protection
0
Primary Request /
login.officefileserver.top/view/
2 KB
2 KB
Document
General
Full URL
https://login.officefileserver.top/view/
Requested by
Host: t.co
URL: https://t.co/KxxZCtmJEA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.214.164.118 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
server.almouvvasattrvl.com
Software
/
Resource Hash
a807580fc9efd00b1e3eb755d35e47a21258f4729344f887d5bb94e776da2b5c

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
close
Content-Type
text/html
Transfer-Encoding
chunked
index.css
login.officefileserver.top/view/css/
955 B
1 KB
Stylesheet
General
Full URL
https://login.officefileserver.top/view/css/index.css
Requested by
Host: login.officefileserver.top
URL: https://login.officefileserver.top/view/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.214.164.118 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
server.almouvvasattrvl.com
Software
/
Resource Hash
905d6e9fda8c6849afd6aa62ab2f16e0e289fcfaee9c8f2461cc811003e43b4f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://login.officefileserver.top/view/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Connection
close
Transfer-Encoding
chunked
Content-Type
text/css
api.js
challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=onloadTurnstileCallback
38 KB
13 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=onloadTurnstileCallback
Requested by
Host: login.officefileserver.top
URL: https://login.officefileserver.top/view/
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f72bc26cb8c6bf06b1b8c706a51b2fb326d11b23d02e7b6f455ab8e20ea3b1

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://login.officefileserver.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:26:04 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8585b4b5db272fc9-MAD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 20 Feb 2024 09:26:04 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/0f752fefe334/api.js?onload=onloadTurnstileCallback
cache-control
max-age=300, public
cf-ray
8585b4b59abe2fc9-MAD
alt-svc
h3=":443"; ma=86400
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: login.officefileserver.top
URL: https://login.officefileserver.top/view/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.officefileserver.top/
Origin
https://login.officefileserver.top
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:26:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7276543
x-jsd-version
1.16.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220021-FRA, cache-mad22025-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BohRcF83ehaPzAaSME1hoLLTGI3D0Be%2B%2BgAAWJYVZCTsjeFCBEPnSM6ts8Y4gPdxBGY7NAmXB9sHSuNmVICJv8q9ThIa8IKl0DI%2F1Fl6gsZIL0EP2BKDZSw0TjZHFu1qlHNr6WKL4im2FmdgeEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8585b4b5984c2168-MAD
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rp9ua/0x4AAAAAAARbP2HkNwSwMQoR/auto/ Frame C2E1
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rp9ua/0x4AAAAAAARbP2HkNwSwMQoR/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer
https://login.officefileserver.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8585b4bc8c4b2189-MAD
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 09:26:05 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| turnstile
  • function| verifyCallback_CF
  • function| onloadTurnstileCallback
  • function| Popper

2 Cookies

Domain/Path | Name | Value
.t.co/ | muc | 23ac81fd-5d5a-4ee7-8313-2703cc7357f4
.officefileserver.top/ | 7dac-128a | 02b00f6bc5f7822581aae1efb6d745f973263aa2252235a5ba2baf7cdf4fcaa5

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0