traffic-payments-3.govpayments.io Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://traffic-payments-3.govpayments.io/
Submission: On February 11 via automatic, source certstream-suspicious (February 11th 2024, 10:15:58 pm UTC) — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is traffic-payments-3.govpayments.io.
TLS certificate: Issued by E1 on February 11th 2024. Valid for: 3 months.

This is the only time traffic-payments-3.govpayments.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.231.160.169 54.231.160.169	16509 (AMAZON-02) (AMAZON-02)
1	13.225.82.120 13.225.82.120	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b901:f3b8:b7d2:ca09:becb	14618 (AMAZON-AES) (AMAZON-AES)
11	6

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

traffic-payments-3.govpayments.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.160.169 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ecdassets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.82.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-82-120.fra2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b901:f3b8:b7d2:ca09:becb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	govpayments.io traffic-payments-3.govpayments.io	199 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	52 KB
1	browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 7791	345 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1437	50 KB
1	amazonaws.com ecdassets.s3.amazonaws.com	10 KB
11	5

	Domain	Requested by
5	traffic-payments-3.govpayments.io	traffic-payments-3.govpayments.io
2	cdn.jsdelivr.net	traffic-payments-3.govpayments.io
1	session-replay.browser-intake-datadoghq.com	www.datadoghq-browser-agent.com
1	www.datadoghq-browser-agent.com	traffic-payments-3.govpayments.io
1	ecdassets.s3.amazonaws.com	traffic-payments-3.govpayments.io
11	5

This site contains no links.

Subject Issuer	Validity	Valid
traffic-payments-3.govpayments.io E1	`2024-02-11` - `2024-05-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://traffic-payments-3.govpayments.io/
Frame ID: 11F721D39E738CB0A0FFEC60C95A4CD8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Testing Update

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

11
Requests

91 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

312 kB
Transfer

798 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
traffic-payments-3.govpayments.io/ 10 KB
3 KB 503ms
426ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://traffic-payments-3.govpayments.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2471db48c7b40414043503feaad220942c24e15b9e03e687cd174341f14ab65

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 853ff400e8011c8b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 22:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6f1hk2r4tz5ELeaJiy4X3%2Bxfc6%2FPFnQArCzHYUPw0y6yIXlUkDMu8NOp7EEYCngX9PmwLppNbd3AFAqYxdYOu3CLbJClycusoCDyOz%2F6G5IQ3ccd%2Fuf2ALmd5Xt6tY3A%2BkaG%2Bg5g0eMZYZiyx6bqrLKgJKfDyda69xTMNzN2h88%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/ 189 KB
29 KB 69ms
30ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css

Requested by

Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://traffic-payments-3.govpayments.io/
Origin: https://traffic-payments-3.govpayments.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:15:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6546325
x-jsd-version: 5.2.0-beta1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230085-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2f3f9-YnOsGiPXmhIvAi9qh8W3XCz6/Do"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvXsxj1%2BW8k6n4hgOfzV1vtlLAjlV043H83XOwjnupIEjheSxUQrUKtjecyQgRp6urGgtTR%2BcasyQyK6sKYppWMG58mscL3UV8cYS2QyxAHnwckGQSqQG8Dtt7Xq8g2GYQSteWqnVNj434BWa8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 853ff403daf3377c-FRA

GET
H2 200 styles.css
traffic-payments-3.govpayments.io/css/ 4 KB
1 KB 357ms
356ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://traffic-payments-3.govpayments.io/css/styles.css

Requested by

Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37cd4fcfbd975f88939e43885ac045aed2819bcf316ebca471d83f5747c6a6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://traffic-payments-3.govpayments.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:15:54 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jan 2024 18:48:54 GMT
server: cloudflare
etag: W/"65b3fe96-10a6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRuePcAGBMFg6MzzkiT7c2CleFbFF8uJxo8Zy12GnRzyTTzM2DrHYL6bcXct8mtTgJmQDQ7mmtdoJ%2Fy8haif9kkf4IqUIIgTyJwG6c00puZb%2BLk6K5fS%2FPqK4XPa%2BP1VvO1j9MgHVN37kNMRrWvE3AtraQ%2Ffq94RGmWZatScxDs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 853ff4039aa21c8b-FRA

GET
H2 200 fontawesome.min.css
traffic-payments-3.govpayments.io/fontawesome/css/ 79 KB
18 KB 457ms
456ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://traffic-payments-3.govpayments.io/fontawesome/css/fontawesome.min.css

Requested by

Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eb5b44ce5971a501e5a17954c464b80aba0c4604675b5603a7f456459af88a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://traffic-payments-3.govpayments.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:15:54 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jan 2024 18:48:54 GMT
server: cloudflare
etag: W/"65b3fe96-13b9b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYs38alyZonTfLn1kxGh16rMwUj6SdZNQoUI1EgPS9jS%2Bryx5viNj1zEGCA4CAbFhIsmCG5keADrAPeUb2Hs7f%2FswbgYzrgnAZM5ix6RUGH5zPDKGnBYhVlJYJNLlfeOUjl8uNN9cKtVF%2F5gw0Rsqu2956EnuxtqeBDshojoJ4M%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 853ff4039aa31c8b-FRA

GET
H2 200 all.min.css
traffic-payments-3.govpayments.io/fontawesome/css/ 100 KB
23 KB 458ms
458ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://traffic-payments-3.govpayments.io/fontawesome/css/all.min.css

Requested by

Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://traffic-payments-3.govpayments.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:15:54 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jan 2024 18:48:54 GMT
server: cloudflare
etag: W/"65b3fe96-190f1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDedVf16VDslDYUMrr3LVjU0Zg9S30IIt9yWVgV%2Feo35HgfQZXj6PNExXo90oNkli06Zx%2Fu7Qlapo7AJywiMi7x44SZC28aDVfFGXGp%2FUGpvtuHMuO96v5Ot3E627ra9g1kPlo9szYhrihc5YfVyq%2FoJjqPHtol1alyPAj4L9z4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 853ff4039aa51c8b-FRA

GET
H/1.1 200
OK logo.webp
ecdassets.s3.amazonaws.com/govplan/images/ 9 KB
10 KB 353ms
127ms Image
image/webp 54.231.160.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecdassets.s3.amazonaws.com/govplan/images/logo.webp
Requested by: Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.160.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0a6de9e914784cd5accdd2fa02a4ac68a3a59866b41c49da499d4543960a5217

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://traffic-payments-3.govpayments.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 22:15:55 GMT
x-amz-version-id: 7pZA55WeL3jhd1M4g4B3OWcqXCv_7.vi
Last-Modified: Tue, 12 Dec 2023 17:56:11 GMT
Server: AmazonS3
x-amz-request-id: 9MDQKSC81RRHS29W
ETag: "382e3380751aeed7ab1c099f3e780b90"
x-amz-server-side-encryption: AES256
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 9538
x-amz-id-2: 5Ms7iQvaWlNBbD+xLxS2JDiuxcw8nQfn97v7p3dFPrUCP1+W/ydoevnqfZSi7s+zbm2HVImrEyQ=

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/ 78 KB
24 KB 71ms
32ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js

Requested by

Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2515e37eee31f5ef3d659b21dcc84dc6ea732b06872da51078b5b526de34c0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://traffic-payments-3.govpayments.io/
Origin: https://traffic-payments-3.govpayments.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:15:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6445243
x-jsd-version: 5.2.0-beta1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230049-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1377e-a0uYWpCr16scLjX/O4dNB8+EEO4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYGBliWG%2BbL%2Fr%2FF25KOkgRyXBiV3JvxGBxNbZQgQC6P%2BnuLtSqEPogMAgyPx1HQf4fwCwZ0%2FvyXWgQJzEnasv0mTshUI%2BuDMn2l0vbkVgw7fplyrehGVmLNYDx08wlv3P5dZj6YjxYegNOCI0dw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 853ff403daf4377c-FRA

GET
H3 200 fa-solid-900.woff2
traffic-payments-3.govpayments.io/fontawesome/webfonts/ 153 KB
153 KB 547ms
546ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://traffic-payments-3.govpayments.io/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/fontawesome/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://traffic-payments-3.govpayments.io/fontawesome/css/all.min.css
Origin: https://traffic-payments-3.govpayments.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:15:55 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 156496
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jan 2024 18:48:54 GMT
server: cloudflare
etag: "65b3fe96-26350"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BprFZHK6PNC0SZ8xXU5jmHdsnrr98cW0sEwsXvZvEmaFJBDTIMUJX%2BtaVLAc2779bru84Mlk6MuoAHoQqrlZDV7D%2BADGfIyk1n0ZGq2onGIvlGdqOP9rd6cL5VknxavSF%2FONFBGoaz8whIvj5Qpd4ivjw8hQ8jc1AjFjuBLsNzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 853ff4068e993a78-FRA

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v4/ 150 KB
50 KB 87ms
24ms Script
application/javascript 13.225.82.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by: Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.82.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-82-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://traffic-payments-3.govpayments.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:15:54 GMT
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 09:24:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 2
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: LNRbq0KGGEQ0tvC10SZSZp-bnFPEsh1Wf__fcapxEPP8iLz62FGWPg==

GET
BLOB 200
OK 49c71e36-837d-42c1-8e40-2aad94bd77c5
https://traffic-payments-3.govpayments.io/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://traffic-payments-3.govpayments.io/49c71e36-837d-42c1-8e40-2aad94bd77c5
Requested by: Host: traffic-payments-3.govpayments.io
URL: https://traffic-payments-3.govpayments.io/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 528c2ff0c35d20492e8e8cd79eb0b81f479e5f827f613cf693fc6cd7a4e21033

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 25814
Content-Type

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
345 B 671ms
331ms XHR
application/json 2600:1f18:24e6:b901:f3b8:b7d2:ca09:becb
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aecdpayments%2Cversion%3A1.0.0&dd-api-key=pubf43ae3ba24864b94de46056ac72ca04d&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=d0b968e5-4e9d-4046-8d8d-947a7657feb3

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:f3b8:b7d2:ca09:becb Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

9a751b6f5468fb3b0e8ae5d6985cd8126303e89cdadfa1b969b7f3e5eb4f6588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://traffic-payments-3.govpayments.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAAyUYC4jAAqAxmmF

Response headers

date: Sun, 11 Feb 2024 22:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: d0b968e5-4e9d-4046-8d8d-947a7657feb3

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap object| DD_RUM

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.govpayments.io/	1969-12-31 23:59:59	Name: ecdpayments_session Value: SemS2BThBwqVxhUVwYLDdn2KfXfjzP2c06XtQyDZ
			traffic-payments-3.govpayments.io/	1970-01-20 18:21:30	Name: _dd_s Value: rum=1&id=beac8562-b4e7-41aa-bf9b-f17c60c9622d&created=1707689754764&expire=1707690654764

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
ecdassets.s3.amazonaws.com
session-replay.browser-intake-datadoghq.com
traffic-payments-3.govpayments.io
www.datadoghq-browser-agent.com
13.225.82.120
2600:1f18:24e6:b901:f3b8:b7d2:ca09:becb
2606:4700::6810:5614
2a06:98c1:3121::3
54.231.160.169
0a6de9e914784cd5accdd2fa02a4ac68a3a59866b41c49da499d4543960a5217
2515e37eee31f5ef3d659b21dcc84dc6ea732b06872da51078b5b526de34c0c1
37cd4fcfbd975f88939e43885ac045aed2819bcf316ebca471d83f5747c6a6fd
528c2ff0c35d20492e8e8cd79eb0b81f479e5f827f613cf693fc6cd7a4e21033
8eb5b44ce5971a501e5a17954c464b80aba0c4604675b5603a7f456459af88a1
9a751b6f5468fb3b0e8ae5d6985cd8126303e89cdadfa1b969b7f3e5eb4f6588
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
f2471db48c7b40414043503feaad220942c24e15b9e03e687cd174341f14ab65
fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf

traffic-payments-3.govpayments.io Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

6 IPs

1 Countries

312 kBTransfer

798 kBSize

2 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

traffic-payments-3.govpayments.io Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

312 kB
Transfer

798 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions