urlscan.io logo urlscan.io
SecurityTrails logo

paymentcon.pages.dev Open in urlscan Pro
172.66.44.164  Public Scan

Go To Rescan Add Verdict Report
URL: https://paymentcon.pages.dev/?61319f1dfaaf04=%2Fd6366cea963ab9b7da5801e1d330a6d52d205d7db2dce4fc912ab34a2c6dccd0%2Fc2hhMTUzOD...
Submission: On March 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 172.66.44.164, located in United States and belongs to CLOUDFLARENET, US. The main domain is paymentcon.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on February 16th 2024. Valid for: 3 months.
This is the only time paymentcon.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.66.44.164 13335 (CLOUDFLAR...)
2 172.67.145.40 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
5 4
Apex Domain
Subdomains		 Transfer
2 workers.dev
still-rain-a8cf.neqoham-jehunuq.workers.dev
114 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 228
28 KB
1 pages.dev
paymentcon.pages.dev
753 B
0 jsdelivr.net Failed
cdn.jsdelivr.net Failed
5 4
Domain Requested by
2 still-rain-a8cf.neqoham-jehunuq.workers.dev paymentcon.pages.dev
still-rain-a8cf.neqoham-jehunuq.workers.dev
1 cdnjs.cloudflare.com still-rain-a8cf.neqoham-jehunuq.workers.dev
1 paymentcon.pages.dev
0 cdn.jsdelivr.net Failed still-rain-a8cf.neqoham-jehunuq.workers.dev
5 4

This site contains no links.

Subject Issuer Validity Valid
paymentcon.pages.dev
GTS CA 1P5		 2024-02-16 -
2024-05-16		 3 months crt.sh
neqoham-jehunuq.workers.dev
GTS CA 1P5		 2024-01-24 -
2024-04-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://paymentcon.pages.dev/?61319f1dfaaf04=%2Fd6366cea963ab9b7da5801e1d330a6d52d205d7db2dce4fc912ab34a2c6dccd0%2Fc2hhMTUzODE5OTAzOTMyNDIyMzQ0%2F0d29e3b1f823deb73bb51198d615f321fff54721d07bce7819bae738871c725f%2F0d29e3b1f823deb73bb51198d615f321fff54721d07bce7819bae738871c725f&61265486858980=/4207f59b5c44fc2c2a71387430618635ac957b20d0e99531bced31fa589ac2ed/c2hhmtk1mdu3nte5mdi4o
Frame ID: 0DB046627EFB1F51B88F4A474B3FB1B1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

142 kB
Transfer

531 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
paymentcon.pages.dev/ 		272 B
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://paymentcon.pages.dev/?61319f1dfaaf04=%2Fd6366cea963ab9b7da5801e1d330a6d52d205d7db2dce4fc912ab34a2c6dccd0%2Fc2hhMTUzODE5OTAzOTMyNDIyMzQ0%2F0d29e3b1f823deb73bb51198d615f321fff54721d07bce7819bae738871c725f%2F0d29e3b1f823deb73bb51198d615f321fff54721d07bce7819bae738871c725f&61265486858980=/4207f59b5c44fc2c2a71387430618635ac957b20d0e99531bced31fa589ac2ed/c2hhmtk1mdu3nte5mdi4o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35e7ef92c3d2e07585a20788aca39fa73d804484ca7dd28d87ca5f2f7ab9971d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8613d2d55a6886f6-ORD
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 08 Mar 2024 15:22:56 GMT
etag
W/"591e089416e8915b1a0515b773dea796"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNQ1PZNWN9FILShHOpMXEM006%2BjDIWlK%2FTmj95FcL2McvCoJsrT42%2BUqrmbt2qcUzUW3npGl8%2BaE3CQ1L1wGuY6dsU6b7Ko8Brw7yeM4C4rmpWazVkb2WcAdQsFebn%2BbnMGzmD5IfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
3489hdjh38
still-rain-a8cf.neqoham-jehunuq.workers.dev/css/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://still-rain-a8cf.neqoham-jehunuq.workers.dev/css/3489hdjh38
Requested by
Host: paymentcon.pages.dev
URL: https://paymentcon.pages.dev/?61319f1dfaaf04=%2Fd6366cea963ab9b7da5801e1d330a6d52d205d7db2dce4fc912ab34a2c6dccd0%2Fc2hhMTUzODE5OTAzOTMyNDIyMzQ0%2F0d29e3b1f823deb73bb51198d615f321fff54721d07bce7819bae738871c725f%2F0d29e3b1f823deb73bb51198d615f321fff54721d07bce7819bae738871c725f&61265486858980=/4207f59b5c44fc2c2a71387430618635ac957b20d0e99531bced31fa589ac2ed/c2hhmtk1mdu3nte5mdi4o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf267f8b4bd58d046d1ff1193d5eecaf4b75f70e70124754594ef593de09c8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paymentcon.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2024 15:22:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVVxps6o%2Bqld4pzwjbjdtxxWAKRQ5citc80cmEIODSvUQragHrQSdNDaFMFRmDzMAqCsl8LVOWeoCrIuSmkZkm7emBT%2FixKqP%2FQrdaMTfoRGa3V%2FpJzXBXY5Ft%2FK4NhkUGGXfPvyqD6Q3xlVCtMpRfxeNkT%2BnE%2FKSuV%2BhNer"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8613d2d65ef4608a-ORD
alt-svc
h3=":443"; ma=86400
expires
0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: still-rain-a8cf.neqoham-jehunuq.workers.dev
URL: https://still-rain-a8cf.neqoham-jehunuq.workers.dev/css/3489hdjh38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paymentcon.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 15:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
691021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryQOKWMNQkW8bXgPNGeZVwABr4WBVmYfRRyUNPymXflrhvgXsnlQ4CtE%2BYDTN8gnktHQxK%2BRf%2F6GtiAnBckvzZ3P0GeF5Fcca7qVphxNoY5Woos1kSva2vqu6F%2BpiV6PA1%2FnWMkK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8613d2d6e921025a-ORD
expires
Wed, 26 Feb 2025 15:22:56 GMT
61327c43047138
still-rain-a8cf.neqoham-jehunuq.workers.dev/script/ 		434 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://still-rain-a8cf.neqoham-jehunuq.workers.dev/script/61327c43047138
Requested by
Host: still-rain-a8cf.neqoham-jehunuq.workers.dev
URL: https://still-rain-a8cf.neqoham-jehunuq.workers.dev/css/3489hdjh38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3646fee53e2bc9f69f1c0d30cb6c37188ea40b04785648b66f77aa131b9940e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paymentcon.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2024 15:22:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj50FALcEK7gp9Cgi2YUX%2BxQkv%2BqJNsHT60M8LNGzLrMpLLV%2B26wAMQuADvAjzeKDHcYt1bOs0CW21gZHMhtIW6VpI8J1zbvlxkW7JTp4eDSOjT2BBiaJ6R4gTaCyNXzZ7A%2FwetE5lh3uuqBJ3w5dF48c%2FpFP9Wr2Mzek2%2B9"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8613d2d6af57608a-ORD
alt-svc
h3=":443"; ma=86400
expires
0
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/js.cookie.min.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0xc056 function| _0x560b function| __uniqId function| loader_HTML_dom function| _0x1972 function| _0x3faa function| $ function| jQuery

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff