wbqb9aqdzy641469d86ab44.andergc.ru Open in urlscan Pro
2606:4700:3034::6815:428b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/YYeQCxkN4vuwrnDkiYj9tw
Effective URL:
https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
Submission: On March 20 via manual (March 20th 2023, 5:16:45 am UTC) from IN — Scanned from US

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3034::6815:428b, located in United States and belongs to CLOUDFLARENET, US. The main domain is wbqb9aqdzy641469d86ab44.andergc.ru.
TLS certificate: Issued by GTS CA 1P5 on March 9th 2023. Valid for: 3 months.

This is the only time wbqb9aqdzy641469d86ab44.andergc.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	207.211.31.106 207.211.31.106	14135 (NAVISITE-...) (NAVISITE-EAST-2)
3 3	192.41.46.10 192.41.46.10	13951 (DATABANK-SLC) (DATABANK-SLC)
1	78.142.208.193 78.142.208.193	209853 (VERIDYEN ...) (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi)
9	2606:4700:303... 2606:4700:3034::6815:428b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	4

2 207.211.31.106 (Providence, United States) 2 redirects

ASN14135 (NAVISITE-EAST-2, US)
PTR: service151-us.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.41.46.10 (Salt Lake City, United States) 3 redirects

ASN13951 (DATABANK-SLC, US)
PTR: 192-41-46-10.c7dc.com

my.dealersocket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.142.208.193 (Izmir, Turkey)

ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR)
PTR: raptor.veridyen.com

dosyatara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3034::6815:428b (United States)

ASN13335 (CLOUDFLARENET, US)

wbqb9aqdzy641469d86ab44.andergc.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:6b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	andergc.ru wbqb9aqdzy641469d86ab44.andergc.ru	134 KB
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5237	115 KB
3	dealersocket.com 3 redirects my.dealersocket.com — Cisco Umbrella Rank: 87711	2 KB
2	mimecast.com 2 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 8691	3 KB
1	dosyatara.com dosyatara.com	262 B
17	5

	Domain	Requested by
9	wbqb9aqdzy641469d86ab44.andergc.ru	wbqb9aqdzy641469d86ab44.andergc.ru dosyatara.com
8	challenges.cloudflare.com	1 redirects wbqb9aqdzy641469d86ab44.andergc.ru challenges.cloudflare.com dosyatara.com
3	my.dealersocket.com	3 redirects
2	protect-us.mimecast.com	2 redirects
1	dosyatara.com
17	5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
dosyatara.com R3	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.andergc.ru GTS CA 1P5	`2023-03-09` - `2023-06-07`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
Frame ID: 6F4EF4271B8688A0D0C32AE20BBAA2AF
Requests: 14 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 22568DD4375ACF73132EBA0EC6B38415
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page Statistics

17
Requests

94 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

249 kB
Transfer

560 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://protect-us.mimecast.com/s/YYeQCxkN4vuwrnDkiYj9tw HTTP 307
https://protect-us.mimecast.com/r/i9z9pMj4zYunrA02g70veLEsrqdHEsh6QDISaLmyOStkBqbr9Vg53u_OndRKpENTuAJhyqfCWNaNZ8QdTdMTXr7yoUsbAbHIeIHIokQ8y9Kx4SieRsS7MFWJlaAM4MD_06Po0YCRb_nGL0ea5fbGXgmU8yCS6MG0zQKdsx4Kwfl_GKLM-71cEgjuWod45YYYnQV7D6mCBy-36Lq189RkEBr2hXeU_GeYD3yDBnMpARjj49Uv9lk79hMBku_gL0-zP86ew0E8Q0eqLtCAWStaesNPtWvsln7XJX52lhBZVM87rdT7oj_omF3N6aBcCeQ5wys0fsS3eeQ2FcT_TpX4X4zYszhXqc9JecAtRMIfDveu_7Ss9eUKI1ovTScZPwAfsXU6EoGcw6qf17pLPZ6yv2BeiZoA4sDEQq42MRj9y1Zz4THQ8G8WBGgGbyjRK3XLVF69i7aATCCsj2p1USp6rWzt_j20WLzUWb9iAO9T1H4BbfqBOHU-ueuWG9eRc_W0fuaVpLTMqVqUVlD5Htk0iYOiPOveuOuK06Yg8Nxe3cDWRZAuc0Cr13goLJvVorXJGb2MB4rUfQ3UXE6wLbhTdBUZC31h3Fu0g2O-4hkz6KCbF_a8e9M2vcGZXO1B-xmOU4tq7st80L_ES2bwCEL8ewnQ23eIIfCy26GvxHL0e9sOYtpFjw6PC2NA0Ix89sfcyrKsixfHOS8t9EIxupFpfwWHAxTyNmUdZI5VbZtXVSClP-t9TTFaKUHPMVDEG-XRA005w9Dw5UVCzsA6kzsj4I77Q9uOtsfnL9FLAyfXWj7mdELkMtQuzwkMHMrvRX0_ksc3GbA5KU-TTA4cawaFij6CxVpHY7FpoZf_JdtKID4HxSAKtaV549fa4NsQfrDpaAJPQd9SC_JtE8qig92lNu7YcRemKnLqn2jQRyubLgge3olI81W813fnMvslJV46iQeQzCHGlX1xAZiUQsz217s650pHwnZkInTyWO8Tf-LtaIh_9S3oWoUqTU6nUyG02AVMdjWhcg2mljXKwEpc6uxPv7G_CK9dna63aZiSGUO0E_q8CTedR4Y0NeN9o7wi92BFbHaY5a94wO08ROX_uRaGHB6mkir0336MD-lY_7HbDpTS_FCwVZHwcFhKdFlWaS1ydKgBJWecBqiylYfCEcHnBVso_sfCxWa7ds8LQ_iV_KLSY79TAhdvtYfMt45An18_6IfO6PcKSbzlbIGx0dNIZ1-vzL86j53Nqw3XacFd9miukwH8K3HnAYp4v2ipufvh3W76hjHlfW-iyxunxqIHUUF-GzudqArbbxotvOllW3TJKxwFH7szEVJywnkEh0fhvzO87iUQWzS7fNZ3dmPnZkXDoLgqifAF_NcQhlfxvqb8Vm_2sO_6-Yu-XKnXooGi5--ctZOg8BnXKXAGywfBhU5CG6o1Qg9xZ9HIsShM9UvMpiyGnCDBYoGVTmCiNYGQXBx-7W1RJo0vX0TLc6jQg1L9HvjaN3dfTucebWMfIvGIHJ-_5zde8OmCQbXaoGRZLnQrwtUuY5Vnb_7_OcpYrrp2J9SxxtGq2V7tIHYaIQIluHbcI8n6dFQkrapGVHC8fMSEgwHrwJRhKsHENWyKJCngePfj5WkwZfG40i2loaCYdNwQAkPZLIVTUpoy57MyU9QZgdhe7hcYy3oK_6dUBT6ZPdiEWYihXCp1vH__ANcugYnIaQYmDxqvMFzU_uKIeg-gK2jKPpiNU5sCh9qttdqz_gzNk3FFgfW1zaF02hpKdQ40jJISiDB39svhyJ0fb5I5BxFC8rQ-cRrdzbIbwOI4SO6tsyfKblSrt836HKgcC-CGiC3C5KN9NV3I5ETQChGzakn1PHAQ8K3dlGSXyUY6cxWKvyRNNkBl0AS5XH2oVFYsBMuVOhJnM7N3gfegG9L8FEf3__fTORFuUqwVFLKhVhSBN4ypZXPjqDBMCezqaPo4zKBVzlEQc70NJKbvBnKFYlyiQdFLwg8-u0q79DCywCtYcKqlxmpA5kO_84TsTP9v0z8vD_J2WIgkuALF-AZmVkkWBbp4teHc0gVpEpdYMoIeqkpmnNoXmBXx6zqSr_J2MjQQvGzWc8_uV2sGWWLgOMElScu1_4-h_rHHSAPQlH-YqTjM5t1z4R98C4JFB1FJYv5_bLdGgF1N85Q6uebY4TeyEAWCMDiacw HTTP 307
https://my.dealersocket.com/emailtrack/track/track?siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=https://dosyatara.com/nshg/ANXBF/nvlzyjt%2F%2F%2F%2FBKU@hanonsystems.com HTTP 307
https://my.dealersocket.com/VersionManager/EmailTrack/Route?page=%2Femailtrack%2Ftrack%2Ftrack%3FsiteId%3D19%26sentId%3D51150%26entityId%3D607895%26emailType%3Ddoc%26redirectLink%3Dhttps%3A%2F%2Fdosyatara.com%2Fnshg%2FANXBF%2Fnvlzyjt%252F%252F%252F%252FBKU%40hanonsystems.com HTTP 302
https://my.dealersocket.com/emailtrack/track/track?NoRedirect=1&siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=https:%2f%2fdosyatara.com%2fnshg%2fANXBF%2fnvlzyjt%2f%2f%2f%2fBKU%40hanonsystems.com HTTP 302
https://dosyatara.com/nshg/ANXBF/nvlzyjt////BKU@hanonsystems.com

Request Chain 5

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit

17 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

BKU@hanonsystems.com Show response
dosyatara.com/nshg/ANXBF/nvlzyjt////
Redirect Chain

https://protect-us.mimecast.com/s/YYeQCxkN4vuwrnDkiYj9tw
https://protect-us.mimecast.com/r/i9z9pMj4zYunrA02g70veLEsrqdHEsh6QDISaLmyOStkBqbr9Vg53u_OndRKpENTuAJhyqfCWNaNZ8QdTdMTXr7yoUsbAbHIeIHIokQ8y9Kx4SieRsS7MFWJlaAM4MD_06Po0YCRb_nGL0ea5fbGXgmU8yCS6MG0zQK...
https://my.dealersocket.com/emailtrack/track/track?siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=https://dosyatara.com/nshg/ANXBF/nvlzyjt%2F%2F%2F%2FBKU@hanonsystems.com
https://my.dealersocket.com/VersionManager/EmailTrack/Route?page=%2Femailtrack%2Ftrack%2Ftrack%3FsiteId%3D19%26sentId%3D51150%26entityId%3D607895%26emailType%3Ddoc%26redirectLink%3Dhttps%3A%2F%2Fdo...
https://my.dealersocket.com/emailtrack/track/track?NoRedirect=1&siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=https:%2f%2fdosyatara.com%2fnshg%2fANXBF%2fnvlzyjt%2f%2f%2f%2fBKU%4...
https://dosyatara.com/nshg/ANXBF/nvlzyjt////BKU@hanonsystems.com

0
262 B

770ms
207ms

Document
text/html

78.142.208.193
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://dosyatara.com/nshg/ANXBF/nvlzyjt////BKU@hanonsystems.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.142.208.193 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: raptor.veridyen.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 20 Mar 2023 05:16:40 GMT
refresh: 0;url=https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com

Redirect headers

Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Mar 2023 05:15:10 GMT
Location: https://dosyatara.com/nshg/ANXBF/nvlzyjt////BKU@hanonsystems.com
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Box: SLCWEB12
X-Server: WEB.us.slc.prod.dealersocket.net
p3p: CP="ADMa DEVa OUR NOR DSP NON COR"

GET
H2 403 Primary Request MBKU@hanonsystems.com Show response
wbqb9aqdzy641469d86ab44.andergc.ru/ 8 KB
5 KB 150ms
40ms Document
text/html 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fabb4a37df00163cab496c4a4c531ce656c2a680cbd19c6fcff02a3d678a988

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://dosyatara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7aab7c002b6d31e0-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 20 Mar 2023 05:16:40 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiCBxjx1PKZkiRVIRYEwUGjKr2OMi2GdlwQLKbvwW%2BONY%2Fxok8jpM7g4DhyDAqFtq%2BuWmnAZDtlC63NckCzswIXPZQQy4cJG7qEnnbodmgh8tjA4qJ9D61G7kVuPHvEPeFaZOlQkaGZA%2FfTYPXphh9s2g7n8MOT5rkfs6Ncu5eBT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/styles/ 6 KB
3 KB 39ms
35ms Stylesheet
text/css 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/styles/challenges.css

Requested by

Host: wbqb9aqdzy641469d86ab44.andergc.ru
URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efdb5bcc25efa09532fbbf93e67a4bd0f74016ad3cfe118a2fbc94296adf875b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:11 GMT
server: cloudflare
etag: W/"6407c10b-182e"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7aab7c00bbf531e0-MIA
expires: Mon, 20 Mar 2023 07:16:40 GMT

GET
H2 403 favicon.ico
wbqb9aqdzy641469d86ab44.andergc.ru/ 8 KB
8 KB 40ms
39ms Image
text/html 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wbqb9aqdzy641469d86ab44.andergc.ru/favicon.ico

Requested by

Host: wbqb9aqdzy641469d86ab44.andergc.ru
URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c300da4cdb1e7b249fb389f538600ea20b0c8712ca3fb2efb63344c55ad6131

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBgos4TrLY4lkLgRyp%2BA%2FwMZzOwPTmFFHVM1i%2Fp5Z0giz5h4xlQiCwt9yg42rvbrtLfN6Vsiyv1pww9lC4Ktw0cd33FLDdbgsZlUalrA%2FdAcqzZKlmS9l8ivtqDPmdAQOhJeAOpFsXWxfEk4Q8XBq%2F3OnKxqOdXHQxFXFF2AbW4z"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7aab7c00bbf631e0-MIA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 v1 Show response
wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 150 KB
54 KB 45ms
44ms Script
application/javascript 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7aab7c002b6d31e0
Requested by: Host: wbqb9aqdzy641469d86ab44.andergc.ru
URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e3e4a6d94b50eb9edab5ef6870c49c8da1649517bcf9d58e44276cf94b727c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com?__cf_chl_rt_tk=4G2RQWPe._5nCEgKj4h.rx8VPOnJf9I_yyWjlmULlOY-1679289400-0-gaNycGzNCmU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90VQ7lNaBmsMO4b3GJtf%2Bt9QqWU3L%2FF6NIYsuoxtk11JZe6nCkP9Cy8MChHYLE0XQrvGMIE8b31RbtKxlki5sFBcAzwicR0ibV1SATIEfD40GSxVdMiu2o29OfQ%2BDDp%2BSKsx0g%2BnCE%2B9Zz3%2BCXX0hBNH1dXxCP2L%2BVCgUTg%2F8xzj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7aab7c00fc4d31e0-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 transparent.gif
wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/images/trace/managed/js/ 42 B
127 B 38ms
37ms Image
image/gif 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7aab7c002b6d31e0

Requested by

Host: wbqb9aqdzy641469d86ab44.andergc.ru
URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com?__cf_chl_rt_tk=4G2RQWPe._5nCEgKj4h.rx8VPOnJf9I_yyWjlmULlOY-1679289400-0-gaNycGzNCmU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com?__cf_chl_rt_tk=4G2RQWPe._5nCEgKj4h.rx8VPOnJf9I_yyWjlmULlOY-1679289400-0-gaNycGzNCmU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:11 GMT
server: cloudflare
etag: "6407c10b-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7aab7c00fc4e31e0-MIA
content-length: 42
expires: Mon, 20 Mar 2023 07:16:40 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/db880165/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

68ms
67ms

Script
application/javascript

2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: wbqb9aqdzy641469d86ab44.andergc.ru
URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
Protocol: H2
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:40 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7aab7c02894f0247-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 20 Mar 2023 05:16:40 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age=300, public
cf-ray: 7aab7c0249280247-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 1eea1484eaad738 Show response
wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/794596472:1679286385:nwMKDNm2ocSB6aWUIUgDwytF81sH-rEWANSlRzVs9rc/7aab7c002b6d31e0/ 111 KB
58 KB 77ms
76ms XHR
text/plain 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/794596472:1679286385:nwMKDNm2ocSB6aWUIUgDwytF81sH-rEWANSlRzVs9rc/7aab7c002b6d31e0/1eea1484eaad738
Requested by: Host: wbqb9aqdzy641469d86ab44.andergc.ru
URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7aab7c002b6d31e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59c48e0e49e1ebc755e539a8aa2b7acf25bb9e1068fc0fef0934bedb9b53433

Request headers

Referer: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 1eea1484eaad738
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 05:16:40 GMT
content-encoding: br
cf_chl_gen: 1TmRgCxNe2kWULP/q2pHwEm3GQicGaOzHQxTZ78bWSNuIMf6/VHsRvf/tsaO5QT1OJr06zQfT0YSKoi79+RyYPv1puUJGr8x/qaAapxx6QD37/++KPG+xVGZ05Aw+ey+8PI/NT2HRaNBJ0kWInK93tmR+okJB/KGKvnyohmgJ+c+x7yUB/LqqxvXCOkp8Ff0Ww2u5py/qU0s9ns78NZSte2uipbTqxBeOg+ddvKLr9NyrczhBfLadfG7f1mGV2ODu2cBZmO7xJzLCFlX3q5nbjie0rqGqHvdq69s2i7LiQWCXA/ZJzW/HibYdpvkhf6sIPxoVQldtdVzDtMVf1zujpjXkKgmGB2f5m0tq025Ef9z0RSf0er5f+u4v4XNHr8UEebBcmNxswgmLoyohndyXaubJn9sXPluKJnzeoudof8=$JW3OPszA7E0C9YybDFILoQ==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsDjhKFYFTGoQJKri%2FwTbS%2FWyiRIAXOfkVHt5vCflkr863gjJEkO3Fod2U4skXvmBkHKA5tBKbW4hiQpfMVgI5TGNEETQYQkOOrlCVliFk4MsLihjLi%2BhL1Tq0S2iuc%2FR4VzXu9BHmi0WgTJ%2FO%2F%2B7xT7Lyg6lpw825SzazUDODwe"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7aab7c02696a67b6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 401 11nfBKoJ4FxhaaX Show response
wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/pat/7aab7c002b6d31e0/1679289400710/fd0b89e2835b574975186fa30bf1bf011bda9f70dd5a68d516191b40b20bdfa2/ 1 B
959 B 44ms
42ms Fetch
text/plain 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/pat/7aab7c002b6d31e0/1679289400710/fd0b89e2835b574975186fa30bf1bf011bda9f70dd5a68d516191b40b20bdfa2/11nfBKoJ4FxhaaX
Requested by: Host: dosyatara.com
URL: https://dosyatara.com/nshg/ANXBF/nvlzyjt////BKU@hanonsystems.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:41 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g_QuJ4oNbV0l1GG-jC_G_ARvan3DdWmjVFhkbQLIL36IAIndicWI5YXFkenk2NDE0NjlkODZhYjQ0LmFuZGVyZ2MucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K401UlARyquw5LykqCiYd3LphhSHzY%2F7fXpplcSmZIlWW5aliU5sWqPv%2BFSjXO0lzdz3zcXehnRFQSgMRytHRACdlEv95CxGIlHtW9emNK1z3x9lKPYiyv%2FNuCci55FWWtmo6B7kbmv8slQSxKWYo2EmX32ZSdfmMn3iSMIzhP1a"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7aab7c07cedf67b6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ftjJT9HiYmzLDu2
wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/img/7aab7c002b6d31e0/1679289400712/ 61 B
469 B 42ms
42ms Image
image/png 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/img/7aab7c002b6d31e0/1679289400712/ftjJT9HiYmzLDu2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6147953dfd0275f926f4547cc643a1f9bb7d0e5c5f3652b76bfe2b1bbf45bd2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aab7c0a496d67b6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEYJs9uNH9uiMe2v8iYZzkMDGMjMMKhBmclTHY4oLL%2FfillBxslL%2FboIoUo3Ij27t%2FigHG2kbyhKeK6fNHI2uZ66XnS3uoRLEmk9XE9RHHH2em7evxTXxmvuUPKIF3GKsHTsk5EIhvJXuMsWz0EXl6RNZsUPtV1s2grQxKzPNlUC"}],"group":"cf-nel","max_age":604800}
content-type: image/png

POST
H3 200 1eea1484eaad738 Show response
wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/794596472:1679286385:nwMKDNm2ocSB6aWUIUgDwytF81sH-rEWANSlRzVs9rc/7aab7c002b6d31e0/ 5 KB
4 KB 64ms
60ms XHR
text/plain 2606:4700:3034::6815:428b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/794596472:1679286385:nwMKDNm2ocSB6aWUIUgDwytF81sH-rEWANSlRzVs9rc/7aab7c002b6d31e0/1eea1484eaad738
Requested by: Host: wbqb9aqdzy641469d86ab44.andergc.ru
URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7aab7c002b6d31e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:428b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701b048494331247c34757a02de063404d8aa979c4acf071261a5c0968b5c263

Request headers

Referer: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 1eea1484eaad738
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 05:16:42 GMT
content-encoding: br
cf_chl_gen: 9kKQevrxQqIm5o8kA5zpJbffAaTsmAPVvIk/rMGGavC/dxzmBS2SsXk2/gTKz7qL$opA0k15kIPLhqEHOZIr4kQ==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZX13ivkXQW%2BawKeNizCzBzbNIPRBO%2BAoUUKVVj7EzbZ7G6uwinToFtc9pS90lWBNgnoRPbh8OnPcGfa6uAOso%2Ba6PtesdLrs0INSQGUG5TQa%2BGEqpL0MbD1vC%2F%2Btjs1CQWQDv2yoYnZcXmI4t2ZeeT4eYUjWRV75Dmb7Pp%2FBREzX"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7aab7c101fd967b6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 2256 21 KB
7 KB 87ms
48ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784af1b58e7bdc00860bafdedeae6298cc82451fb1a9dcf40b7038cf77c04bc7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7aab7c10cef467e6-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 05:16:43 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 2256 147 KB
53 KB 68ms
67ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7aab7c10cef467e6
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe35cf24f8628c3f64c9ddff03bf4d3838605aeb3ee6f6c784480fceaac9044d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:43 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7aab7c11bfca67e6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 f3605a0f758c5b7 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/34218905:1679286766:GGlwHQhq27wd1_7uY4jJ1LcRp1bWZBIbAB1uiisIsQs/7aab7c10cef467e6/ Frame 2256 79 KB
40 KB 75ms
74ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/34218905:1679286766:GGlwHQhq27wd1_7uY4jJ1LcRp1bWZBIbAB1uiisIsQs/7aab7c10cef467e6/f3605a0f758c5b7
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7aab7c10cef467e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: febdb0206678a05cffcbb2b0b0b39f7bf50fff886b13625b7f0959f1f925cace

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: f3605a0f758c5b7
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 05:16:43 GMT
content-encoding: br
cf_chl_gen: jFXAmYJTrbiy6ZMtawVxh+0GPBCOoePgd2UH0XFsKYeLNWes5o1u3YTbKZVI6RDqEU7zR9AKNJxcCwL339A3UFbSZl+MVm24NGv7EqcZghelsQ5Ke336+Ww+1J72QHtH0n4DDnDPBaKk7lGzskwVlrcJ1yR6we7fzfBreQRGtIVQOBeHn/PC/qj0dsvxiEQ1knpxvVTzVDhOvGdtkO9jfRiM4PrpkXVbGAZNqU8LIabHNGjrp4h8w345XDZ/WkiKisBm9CnA7KbuaNQ32HnDEOjECNdnal5ZHCUMsSRsTCb4Uh6IpJ+336w70hrRW9uQ$KLookdJNgJAieRNaXG2Oqg==
server: cloudflare
cf-ray: 7aab7c1379ef67e6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 kBXjC89NlzdnoTN
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7aab7c10cef467e6/1679289403445/ Frame 2256 61 B
166 B 43ms
42ms Image
image/png 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7aab7c10cef467e6/1679289403445/kBXjC89NlzdnoTN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75742f417fad13a43120dde866e1cf88a51b7828b58d4602a5c4dabf3f1c87df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:43 GMT
server: cloudflare
cf-ray: 7aab7c168d7e67e6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H3 401 NC0GotVSZkhjEhE Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7aab7c10cef467e6/1679289403447/44b96c35ad5bc9972f6a01d673bd56d7f54e85c89ede980487635380894bdd20/ Frame 2256 1 B
645 B 43ms
42ms Fetch
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7aab7c10cef467e6/1679289403447/44b96c35ad5bc9972f6a01d673bd56d7f54e85c89ede980487635380894bdd20/NC0GotVSZkhjEhE
Requested by: Host: dosyatara.com
URL: https://dosyatara.com/nshg/ANXBF/nvlzyjt////BKU@hanonsystems.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 05:16:44 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gRLlsNa1byZcvagHWc71W1_VOhcie3pgEh2NTgIlL3SAAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7aab7c1ced5267e6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 f3605a0f758c5b7 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/34218905:1679286766:GGlwHQhq27wd1_7uY4jJ1LcRp1bWZBIbAB1uiisIsQs/7aab7c10cef467e6/ Frame 2256 11 KB
8 KB 69ms
59ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/34218905:1679286766:GGlwHQhq27wd1_7uY4jJ1LcRp1bWZBIbAB1uiisIsQs/7aab7c10cef467e6/f3605a0f758c5b7
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7aab7c10cef467e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab95439fa631ecbec59a01cdf58986b854e00bf55e9abdbb52e44b540fff6ef2

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/haadj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: f3605a0f758c5b7
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 05:16:45 GMT
content-encoding: br
cf_chl_gen: bsfU0RvMCsPSErjIufNWE86kPaNyVaa8p57DI4mKuPwuz3yFOKtUi7Mqoxj49UX2$dSBKDoNFiUCovQ3HCbGeNw==
server: cloudflare
cf-ray: 7aab7c1deea467e6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dealersocket.com/	1969-12-31 23:59:59	Name: RP_rp Value: GEN
			.dealersocket.com/	1969-12-31 23:59:59	Name: RP_dc Value: 4

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/MBKU@hanonsystems.com Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://wbqb9aqdzy641469d86ab44.andergc.ru/cdn-cgi/challenge-platform/h/g/pat/7aab7c002b6d31e0/1679289400710/fd0b89e2835b574975186fa30bf1bf011bda9f70dd5a68d516191b40b20bdfa2/11nfBKoJ4FxhaaX Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7aab7c10cef467e6/1679289403447/44b96c35ad5bc9972f6a01d673bd56d7f54e85c89ede980487635380894bdd20/NC0GotVSZkhjEhE Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
dosyatara.com
my.dealersocket.com
protect-us.mimecast.com
wbqb9aqdzy641469d86ab44.andergc.ru
192.41.46.10
207.211.31.106
2606:4700:3034::6815:428b
2606:4700::6812:6b9
78.142.208.193
33e3e4a6d94b50eb9edab5ef6870c49c8da1649517bcf9d58e44276cf94b727c
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
6147953dfd0275f926f4547cc643a1f9bb7d0e5c5f3652b76bfe2b1bbf45bd2c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6c300da4cdb1e7b249fb389f538600ea20b0c8712ca3fb2efb63344c55ad6131
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
701b048494331247c34757a02de063404d8aa979c4acf071261a5c0968b5c263
75742f417fad13a43120dde866e1cf88a51b7828b58d4602a5c4dabf3f1c87df
784af1b58e7bdc00860bafdedeae6298cc82451fb1a9dcf40b7038cf77c04bc7
9fabb4a37df00163cab496c4a4c531ce656c2a680cbd19c6fcff02a3d678a988
ab95439fa631ecbec59a01cdf58986b854e00bf55e9abdbb52e44b540fff6ef2
d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59c48e0e49e1ebc755e539a8aa2b7acf25bb9e1068fc0fef0934bedb9b53433
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdb5bcc25efa09532fbbf93e67a4bd0f74016ad3cfe118a2fbc94296adf875b
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
fe35cf24f8628c3f64c9ddff03bf4d3838605aeb3ee6f6c784480fceaac9044d
febdb0206678a05cffcbb2b0b0b39f7bf50fff886b13625b7f0959f1f925cace

wbqb9aqdzy641469d86ab44.andergc.ru Open in urlscan Pro 2606:4700:3034::6815:428b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

94 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

249 kBTransfer

560 kBSize

2 Cookies

1 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

2 Cookies

6 Console Messages

Indicators

wbqb9aqdzy641469d86ab44.andergc.ru Open in urlscan Pro
2606:4700:3034::6815:428b Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

249 kB
Transfer

560 kB
Size

2
Cookies

17 HTTP transactions
3 data transactions