www.orangeobserver.com Open in urlscan Pro
2606:4700:20::681a:889 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care
Submission: On February 14 via api (February 14th 2022, 4:19:59 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2606:4700:20::681a:889, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.orangeobserver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2021. Valid for: a year.

This is the only time www.orangeobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:20:... 2606:4700:20::681a:889	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	4

10 2606:4700:20::681a:889 (United States)

ASN13335 (CLOUDFLARENET, US)

www.orangeobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 7981 newassets.hcaptcha.com — Cisco Umbrella Rank: 10830	940 KB
10	orangeobserver.com www.orangeobserver.com	128 KB
25	2

	Domain	Requested by
10	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
10	www.orangeobserver.com	www.orangeobserver.com
5	hcaptcha.com	www.orangeobserver.com newassets.hcaptcha.com
25	3

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
www.cloudflare.com

Subject Issuer	Validity	Valid
orangeobserver.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care
Frame ID: 6523862D1625C4B8D37D840A20C8F643
Requests: 11 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html
Frame ID: 4ADE0C8A3F184607EB63011097C809C0
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-checkbox.html
Frame ID: 88A936F229AD552F8937937AF60A23E0
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html
Frame ID: 8C2A408C4032AF71E20EDD9504EE8D6B
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-checkbox.html
Frame ID: 6BB8672BDEC71B6773BF52D76A5CD0EB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attention Required! | Cloudflare

Detected technologies

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

25
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

1067 kB
Transfer

2828 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/privacy-pass/ajhmfdgkijocedmfjonnpjfojldioehi
Title: Chrome Web Store

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/5xx-error-landing
Title: Cloudflare

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 Primary Request keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care Show response
www.orangeobserver.com/article/ 14 KB
7 KB 78ms
25ms Document
text/html 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

614c0accf7d9a46813dca6b4dd9c3cd10264d5fae838d88ce2fce382a61d6d47

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp7jhbyoiUEu7M%2FLYjPtMAvUNT5xm9q9%2B3QPauIf5OjzaeB78q4UmBIAF%2BZdAKFBKp6yD0MxVvtRsYtroNTLcF5lM%2FVVCTEIIfQpze3D9xBUode2U19EtK%2ByXH8uHRvgWo5nUri%2FdXR2nkJqxNUKpUcVBnI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6dd79eee09e791cf-FRA
content-encoding: br

GET
H2 200 cf.errors.css
www.orangeobserver.com/cdn-cgi/styles/ 23 KB
4 KB 10ms
10ms Stylesheet
text/css 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orangeobserver.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:13:50 GMT
server: cloudflare
etag: W/"6206c37e-5c88"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 6dd79eee5aa991cf-FRA
vary: Accept-Encoding
expires: Mon, 14 Feb 2022 18:19:55 GMT

GET
H2 200 transparent.gif
www.orangeobserver.com/cdn-cgi/images/trace/captcha/nojs/h/ 42 B
128 B 9ms
9ms Image
image/gif 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orangeobserver.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=6dd79eee09e791cf

Requested by

Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:13:50 GMT
server: cloudflare
etag: "6206c37e-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6dd79eee6ad091cf-FRA
vary: Accept-Encoding
content-length: 42
expires: Mon, 14 Feb 2022 18:19:55 GMT

GET
H2 200 v1 Show response
www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/ 41 KB
15 KB 27ms
26ms Script
text/javascript 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=6dd79eee09e791cf
Requested by: Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e896367ac5bce8a1579ab74dee6b779920d2956c18150d9f82a3cbfe931cce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care?__cf_chl_rt_tk=Suj6aH2PErgHg5PFrVD3oZmdeJKpieAcbuwdYQywKQs-1644855595-0-gaNycGzNCFE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBrSilBv82DrC8wegW8dJl3ed9kpnGqg%2FZv2YAoEuSrvWPQMzPJU8FpCRXB2BLDbRYKMg3ppTk8w19mx6ASItiVd1%2Fmc2HzFt%2BZIEJBE%2FR7CtGN83zGDQfyA8doiaAjt6tra3A7pRxpp2jPvXX9OzUSh4%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 6dd79eee8b1391cf-FRA

GET
H2 200 transparent.gif
www.orangeobserver.com/cdn-cgi/images/trace/captcha/js/ 42 B
101 B 9ms
9ms Image
image/gif 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orangeobserver.com/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=6dd79eee09e791cf

Requested by

Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care?__cf_chl_rt_tk=Suj6aH2PErgHg5PFrVD3oZmdeJKpieAcbuwdYQywKQs-1644855595-0-gaNycGzNCFE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care?__cf_chl_rt_tk=Suj6aH2PErgHg5PFrVD3oZmdeJKpieAcbuwdYQywKQs-1644855595-0-gaNycGzNCFE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:13:50 GMT
server: cloudflare
etag: "6206c37e-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6dd79eee8b1691cf-FRA
vary: Accept-Encoding
content-length: 42
expires: Mon, 14 Feb 2022 18:19:55 GMT

GET
H2 200 browser-bar.png
www.orangeobserver.com/cdn-cgi/images/ 715 B
790 B 10ms
10ms Image
image/png 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orangeobserver.com/cdn-cgi/images/browser-bar.png?1376755637

Requested by

Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:13:50 GMT
server: cloudflare
etag: "6206c37e-2cb"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6dd79eee9b1a91cf-FRA
vary: Accept-Encoding
content-length: 715
expires: Mon, 14 Feb 2022 18:19:55 GMT

GET
H2 200 cf-no-screenshot-warn.png
www.orangeobserver.com/cdn-cgi/images/ 3 KB
3 KB 8ms
8ms Image
image/png 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orangeobserver.com/cdn-cgi/images/cf-no-screenshot-warn.png

Requested by

Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:13:50 GMT
server: cloudflare
etag: "6206c37e-a20"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6dd79eee9b1d91cf-FRA
vary: Accept-Encoding
content-length: 2592
expires: Mon, 14 Feb 2022 18:19:55 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ 83 KB
27 KB 59ms
22ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Requested by

Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=6dd79eee09e791cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

020f05e832b2227068fc08c16edd1d12503f0835d7b2d0c42cbae1d60eb0879c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
server: cloudflare
etag: W/"2276f73eb93182b70d919341e6b9d2b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: FRA56-P4
cf-ray: 6dd79eef091c90e8-FRA
x-amz-cf-id: CHJMI9_SZIt9dLeEfddIq_OB80cybXPqlKwmqkBW6i2IdxwXIUZuAA==

POST
H2 200 d8e8ba995542229 Show response
www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.663437925502147:1644854758:ba0327bde0361aa3e883c9347871b9377d2f6de15e831fea28ec1dcc2165e190/6dd79eee09e791cf/ 91 KB
92 KB 88ms
88ms XHR
text/plain 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.663437925502147:1644854758:ba0327bde0361aa3e883c9347871b9377d2f6de15e831fea28ec1dcc2165e190/6dd79eee09e791cf/d8e8ba995542229
Requested by: Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=6dd79eee09e791cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1db68e184b3cc0c36750d572047e75a83cdf916620de06c5d3f7bef423f9507

Request headers

Referer: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
CF-Challenge: d8e8ba995542229
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 16:19:55 GMT
cf_chl_gen: 9kgtTSRdZ9ul4AzfphJTDa+FynLJbDVKRGQjkCs+0FUr4EzYMA0ZQLOTUySMWc+2IfprDRWilfX7mrGCUmdnM8HLhxFZSizNCPwS8mWFAjR8jbchjYESGkzeiE/rtG2aG5bPwycgmSu/FKQEIH001AS7xSB+26wtVRFzJgWT/U4GDjSd5rzle1+w+mHEHf1jgjsI/7sFsUE2MJD9KepciwCKedq5Ucqvi6Qb0rQwrJHeF+NKt89mfDsegbJks52uSIBF+oA/sd9tRqJaPliUxb/5OmyyMLAJbBEyPCe5qwIqCIl0VCsNq8GAHKVt+CnPX7ZKXb38Gk06y0V2o13deg==$1ViEzlkXlUW2c+/MIH71AQ==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dd79eef7d4091cf-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtfTWl5SoYpDysQBf59aEHyHeDLJkMEZdHhGHmoy1SWmbkREtzj7955GcTWcvjbs88%2Fy%2BHdl6qz7ne0XyUB1dyezd9OEbobDvAL2l3h7H94QYTekxgpQAZD1Yk2hJllkosOrvoZd0ZugfrE0SeYt6%2BGJHVE%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 200 6ea583e7e088306-1644855595467
www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/img/6dd79eee09e791cf/bec8a940/ 61 B
365 B 22ms
22ms Image
image/png 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/img/6dd79eee09e791cf/bec8a940/6ea583e7e088306-1644855595467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ba2cbe8ba6ed6a2c5a29353303e5f27986aba912cbe25b187d1c88f0c363f2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMW4LU9q9sgkXr7m6BBn8l3zzPr%2F7B5%2F36AD384EFw4XTIIhF1QZYkySGaHPQoGC243aHx94Y1c5RP%2F8T7%2FxfVkht77LdtXt17eP32QEKK1HgDUSVotzasmks16eXAfr7qRi5V2IiExx13coie2Aeht80sI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 6dd79ef61a9e91cf-FRA

POST
H2 200 d8e8ba995542229 Show response
www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.663437925502147:1644854758:ba0327bde0361aa3e883c9347871b9377d2f6de15e831fea28ec1dcc2165e190/6dd79eee09e791cf/ 4 KB
5 KB 52ms
52ms XHR
text/plain 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.663437925502147:1644854758:ba0327bde0361aa3e883c9347871b9377d2f6de15e831fea28ec1dcc2165e190/6dd79eee09e791cf/d8e8ba995542229
Requested by: Host: www.orangeobserver.com
URL: https://www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=6dd79eee09e791cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8025fd958651eb0ba2e0ee5c334d424243cc9ee8b21d8d1a78d0d4a0b407caa

Request headers

Referer: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
CF-Challenge: d8e8ba995542229
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
cf_chl_gen: vKDpCZCMCevW3QIJwAMFgBtPl1CoDYqt4U9owYQt6hw=$mOurQYM7T11O8dyheEl6Tg==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dd79ef6abde91cf-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJhk9E%2B9%2BlUuGELbItQvQPGpvfpjqgq0JrU6u9s2oKg7Ydxu17p9AtQo%2FscQzijgVMvm%2FZ74u3234u6Yq3kUQAbP07SnFuRDmCtG8dwU9FCilmucS%2BAqn2paooPH%2Ff0uW1OxOmUHYtaAmoyeMMzmarpUYeM%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/1263b6b/static/ Frame 4ADE 2 KB
1 KB 20ms
13ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbdbea365d9db1a5cd9c154e77c67ae59682f40558bd7464444371aaaf98212

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-type: text/html
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LRtreVsi4rfMaagciH7c0Q97_oMpMEFifSiXMK8QDDF5PaSLYM7dPg==
age: 27027
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dd79ef7fbad90e8-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/1263b6b/static/ Frame 88A9 2 KB
1 KB 25ms
20ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1cfc6756419a10ac2a41eca4f2e3757301257b748bae9b78e3b268044825581

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-type: text/html
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: jaYesLWvq_o3EF2nilmZ34XoP1cxTZgStp3V_vw9a1QncUM9O9JLuw==
age: 27027
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dd79ef7fbac90e8-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/1263b6b/static/ Frame 8C2A 2 KB
1 KB 21ms
16ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbdbea365d9db1a5cd9c154e77c67ae59682f40558bd7464444371aaaf98212

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-type: text/html
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LRtreVsi4rfMaagciH7c0Q97_oMpMEFifSiXMK8QDDF5PaSLYM7dPg==
age: 27027
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dd79ef7fbbf90e8-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/1263b6b/static/ Frame 6BB8 2 KB
1 KB 18ms
17ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1cfc6756419a10ac2a41eca4f2e3757301257b748bae9b78e3b268044825581

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.orangeobserver.com/

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-type: text/html
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: jaYesLWvq_o3EF2nilmZ34XoP1cxTZgStp3V_vw9a1QncUM9O9JLuw==
age: 27027
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dd79ef7fbc190e8-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/1263b6b/ Frame 4ADE 208 KB
60 KB 17ms
16ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1263b6b/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f679802707808a1972f52074502fdaeece0ba16bb915536725c37f9d5b8c202

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27026
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60786
access-control-allow-origin: *
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
server: cloudflare
etag: "0f32bdcad026b8d84ce258bcc69a1bbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6dd79ef83c5990e8-FRA
x-amz-cf-id: M4Zj6-kZ6k8jTFrONYkL2wIPeQH2tDjA5S10i9rlZaSkLiVYU5eVpw==

GET
H2 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/1263b6b/ Frame 8C2A 208 KB
59 KB 22ms
22ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1263b6b/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f679802707808a1972f52074502fdaeece0ba16bb915536725c37f9d5b8c202

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27026
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60786
access-control-allow-origin: *
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
server: cloudflare
etag: "0f32bdcad026b8d84ce258bcc69a1bbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6dd79ef83c5b90e8-FRA
x-amz-cf-id: M4Zj6-kZ6k8jTFrONYkL2wIPeQH2tDjA5S10i9rlZaSkLiVYU5eVpw==

GET
H2 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/1263b6b/ Frame 6BB8 151 KB
47 KB 31ms
31ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1263b6b/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3aa6dfc36722b2ce59da8c2bf3db1ec20b2fe837b64e3ec73281ef30610355f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-checkbox.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27026
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47888
access-control-allow-origin: *
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
server: cloudflare
etag: "a54432fe96991fd527cd6f90084871ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6dd79ef83c7090e8-FRA
x-amz-cf-id: DzeVDZXOFzZxKUSO7I8U5D9DKy8XDrOaAubHMFVR2eLnITIajBKYsA==

GET
H2 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/1263b6b/ Frame 88A9 151 KB
47 KB 22ms
22ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1263b6b/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3aa6dfc36722b2ce59da8c2bf3db1ec20b2fe837b64e3ec73281ef30610355f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-checkbox.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27026
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47888
access-control-allow-origin: *
last-modified: Mon, 14 Feb 2022 08:35:42 GMT
server: cloudflare
etag: "a54432fe96991fd527cd6f90084871ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6dd79ef83c7490e8-FRA
x-amz-cf-id: DzeVDZXOFzZxKUSO7I8U5D9DKy8XDrOaAubHMFVR2eLnITIajBKYsA==

GET
DATA 200
OK truncated
/ Frame 88A9 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame 88A9 508 B
894 B 35ms
34ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=1263b6b&host=www.orangeobserver.com&sitekey=45fbc4de-366c-40ef-9274-9f3feca1cd6c&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1263b6b/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

979c184413f539fc4ff5a4ccd7808ee5dbbdef21875309e63f30d1ea869fe270

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6dd79ef8f9109090-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 checksiteconfig
hcaptcha.com/ Frame 0
0 26ms
15ms Preflight 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=1263b6b&host=www.orangeobserver.com&sitekey=45fbc4de-366c-40ef-9274-9f3feca1cd6c&sc=1&swa=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dd79ef8e9879140-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 6BB8 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame 6BB8 508 B
858 B 47ms
47ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=1263b6b&host=www.orangeobserver.com&sitekey=45fbc4de-366c-40ef-9274-9f3feca1cd6c&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1263b6b/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c16d6f70d203d6613c264851767c7bf6f509b66a926962f1e1eb2a5748dde229

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 14 Feb 2022 16:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6dd79ef9092f9090-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 checksiteconfig
hcaptcha.com/ Frame 0
0 21ms
21ms Preflight 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=1263b6b&host=www.orangeobserver.com&sitekey=45fbc4de-366c-40ef-9274-9f3feca1cd6c&sc=1&swa=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Feb 2022 16:19:56 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dd79ef8e9899140-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/2e2c2eca/ Frame 4ADE 919 KB
347 KB 29ms
29ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/2e2c2eca/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1263b6b/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:57 GMT
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7519
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Feb 2022 13:24:50 GMT
server: cloudflare
etag: W/"777d618166357c7ea8c00b987c3ad278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P2
cf-ray: 6dd79ef939929090-FRA
x-amz-cf-id: 5MMDC0L7_sfm7lTRf42bf4acRiPYKs_j41b0axs3YiWDInEhxmXB-Q==

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/2e2c2eca/ Frame 8C2A 919 KB
347 KB 51ms
50ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/2e2c2eca/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1263b6b/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/1263b6b/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:19:57 GMT
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7519
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Feb 2022 13:24:50 GMT
server: cloudflare
etag: W/"777d618166357c7ea8c00b987c3ad278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P2
cf-ray: 6dd79ef959b39090-FRA
x-amz-cf-id: 5MMDC0L7_sfm7lTRf42bf4acRiPYKs_j41b0axs3YiWDInEhxmXB-Q==

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.orangeobserver.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.663437925502147:1644854758:ba0327bde0361aa3e883c9347871b9377d2f6de15e831fea28ec1dcc2165e190/6dd79eee09e791cf	1969-12-31 23:59:59	Name: cf_chl_seq_d8e8ba995542229 Value: a5b0a86f345802b
www.orangeobserver.com/	1970-01-20 00:54:19	Name: cf_chl_2 Value: d8e8ba995542229
www.orangeobserver.com/	1970-01-20 00:54:19	Name: cf_chl_prog Value: b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.orangeobserver.com/article/keys-to-independence-awards-1-000th-drivers-license-to-youth-in-foster-care Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hcaptcha.com
newassets.hcaptcha.com
www.orangeobserver.com
104.16.168.131
104.16.169.131
2606:4700:20::681a:889
020f05e832b2227068fc08c16edd1d12503f0835d7b2d0c42cbae1d60eb0879c
16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c
1dbdbea365d9db1a5cd9c154e77c67ae59682f40558bd7464444371aaaf98212
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
614c0accf7d9a46813dca6b4dd9c3cd10264d5fae838d88ce2fce382a61d6d47
7f679802707808a1972f52074502fdaeece0ba16bb915536725c37f9d5b8c202
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
979c184413f539fc4ff5a4ccd7808ee5dbbdef21875309e63f30d1ea869fe270
9ba2cbe8ba6ed6a2c5a29353303e5f27986aba912cbe25b187d1c88f0c363f2e
9e896367ac5bce8a1579ab74dee6b779920d2956c18150d9f82a3cbfe931cce9
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
c16d6f70d203d6613c264851767c7bf6f509b66a926962f1e1eb2a5748dde229
d1db68e184b3cc0c36750d572047e75a83cdf916620de06c5d3f7bef423f9507
d3aa6dfc36722b2ce59da8c2bf3db1ec20b2fe837b64e3ec73281ef30610355f
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
d8025fd958651eb0ba2e0ee5c334d424243cc9ee8b21d8d1a78d0d4a0b407caa
e1cfc6756419a10ac2a41eca4f2e3757301257b748bae9b78e3b268044825581
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.orangeobserver.com Open in urlscan Pro 2606:4700:20::681a:889 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

4 IPs

2 Countries

1067 kBTransfer

2828 kBSize

3 Cookies

2 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

3 Cookies

2 Console Messages

Security Headers

www.orangeobserver.com Open in urlscan Pro
2606:4700:20::681a:889 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

1067 kB
Transfer

2828 kB
Size

3
Cookies

25 HTTP transactions
2 data transactions