6wfziot3uw63f5434a7d6c0.opticair.ru
2606:4700:3032::ac43:c46d  Public Scan

Submitted URL: https://protect-us.mimecast.com/s/g4LKCM8698SAkqqnHwlqLk?domain=annotatorjs.com
Effective URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/
Submission: On February 23 via manual from IN — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3032::ac43:c46d, located in United States and belongs to CLOUDFLARENET, US. The main domain is 6wfziot3uw63f5434a7d6c0.opticair.ru.
TLS certificate: Issued by E1 on February 4th 2023. Valid for: 3 months.
This is the only time 6wfziot3uw63f5434a7d6c0.opticair.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address         AS     Autonomous System  Requests  Redirects
205.139.111.113    30031  (MIMECAST-)        2         2
193.3.19.236       50340  (SELECTEL-MSK)     1         -
2606:4700:303...   13335  (CLOUDFLAR...)     9         -
2606:4700::68...   13335  (CLOUDFLAR...)     8         1
Total: 17 requests, 4 IPs

Requests  Apex Domain      Subdomains                                              Transfer
9         opticair.ru      6wfziot3uw63f5434a7d6c0.opticair.ru                     134 KB
8         cloudflare.com   challenges.cloudflare.com (Cisco Umbrella Rank: 5871)   103 KB
2         mimecast.com     protect-us.mimecast.com (Cisco Umbrella Rank: 8561)     2 KB
1         annotatorjs.com  annotatorjs.com                                         364 B
Total: 17 requests, 4 apex domains

Requests  Domain                                Redirects  Requested by
9         6wfziot3uw63f5434a7d6c0.opticair.ru   -          6wfziot3uw63f5434a7d6c0.opticair.ru, annotatorjs.com
8         challenges.cloudflare.com             1          6wfziot3uw63f5434a7d6c0.opticair.ru, challenges.cloudflare.com, annotatorjs.com
2         protect-us.mimecast.com               2          -
1         annotatorjs.com                       -          -
Total: 17 requests, 4 domains

This site contains links to these domains.

Domain
www.cloudflare.com

Subject                     Issuer                    Validity                  Valid
truity.biz                  R3                        2023-02-22 - 2023-05-23   3 months
*.opticair.ru               E1                        2023-02-04 - 2023-05-05   3 months
challenges.cloudflare.com   Cloudflare Inc ECC CA-3   2022-09-18 - 2023-09-17   a year

This page contains 2 frames:

Primary Page: https://6wfziot3uw63f5434a7d6c0.opticair.ru/
Frame ID: D4F045C9A38CBA79E7D4686244559851
Requests: 14 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: FD17EC3EF1D0D36A06460E321C9C9592
Requests: 6 HTTP requests in this frame

Page Title

Just a moment...

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 236 kB
Size: 485 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/g4LKCM8698SAkqqnHwlqLk?domain=annotatorjs.com HTTP 307
    https://protect-us.mimecast.com/r/zS5XrmUDNSQ7Koj7xiOhN_kmrvC7tmk2OxnpW9hGAhnqpXtegzLTwRiWNXzz9W3ejci2zyiUO_4wTnnrU5Wnpyulj2YIEpgGPpwBdLMjyT0Cr6hNQ8y5IAfu3dguCOziEoyeqSWPoBwjn6xkeL5mrpSxJFUeokuBzh5OhLD1d4-4ENdMHNlkMWdiNV4ZdCUgb0qtmZbw9pGMvZgI9FWhoumDCvBx7GzUfLa8-HW5rnXDjN8mYAsYCDrlU2N9v6RrZZDDETmvd6vUZU8NGKW5nAQa8pcjyvj6fm4Sa8oyVyV0RYEGlUggpnm-iZ1lk6Xhlk8hdkXyx4Pab_avOA3tYJUXWlfdZcKdCjobjkFgvNmxFA7klUDb2jIqYoGKkKdJC0yGVHXlVxnQ1x_8WBcSZ2tK7BITyG-xTaci49LAPO7Db-npvzq7t1Rdm0j80vQOigA1kTKsRahRyp4sAVuWRGRfiEAzkp0jOU1HdSeNsbdLOTOAnsxf6AdMM2fKUVKhReHdFSi3ddpEmr8I09dfGpZSBAKCAH8dxPsu5IvHXhMIc4-S03vx57afkyggR2D9kCL2cTtHtIpdXmNGYtJWErsccB9rJI68A1iFUvsZt-j1uiEkSSa2bcikPqU1h5POQ96VPm13gMq7w3m5FdaV19h0DES_G6vR7wHbJbAnaQBtwE3o55TDbOr7BGHDvdc_ErNpFWgPWk4cCikm78aIDWyW36hltvzVTeWGkotkXJmu4isHJ4cOEO2JzDXemvTMDyowhPO3cWp3aJMnoXxEcwwCblqF2xXJqQIIazu4OQgzLJBkE_qR8LQeB5B4DBBdPeDoJxnYrg5uuSTCseVa1wY59Sef1fsi9-y5xYQEGAgQUEjZd9VSGCEIcQiLb5WX8GfPN54OP9tYd5bp-O5bLzTbpX73EAnTz-oacuvcK_ImQooSWJg0CPQy45hm6oU3BKZhQedffBtuW_KLxfVsGe0TSQXZnFaoGncZmHkjj2pD4FUSLEjmcn4asi4HGxOqF1Y6Xpkg6M5cqJ_iJEuR4-9y5L7LaMcZLdbSFsvuk-7atLGfymZm7Tyd2JQaXgqwtHWKx2vRlyhF3EJq8Lkk33yDeaiP81l8L5KDZD-c4S2wur6PVHss0MB0TJRFM8lfAKy4ers94PbQQlVvoGxWiZOV54xG55LWzVNGZrCzNW1DmFkCZooR07TMu43zCjRtTfGD970KunQEv8HQyr63SCNKQkNj6RQruKwmzBCjkxRM2WvRg9HBNpJQbd_kb7T0xD3jQ_SAjsanP_Sxzdpq13sa_JJSborb0trUoHj41ndnkADC_xii-VIAozj2i7I5du40_OwT61mcqVxdDQaESLlhwLirjU_kRoGe0AIEXQA3BHdLG2sSKmAnTljKA-lOD2rrVh24e5tVBU75xMsZ22QiCS16kTCa4qaQi8Ii73-Dkn-IR0RSt4yyDl9XjakGRE7qJ8y6jd--uhh9cka6yYtKNdZCpxV7dH4KAelqLkZMlYJ7lhgSyMcYm44Aton-F4QwlGy2vAxQyXURo_N6EAOFMZQkZ5qhCCOHI1i4P0qKOAj0JqXJwyV1lKXrLxrdIaOdtEgIJC6eU44HkvdBVzV15-aeQLzVyvZDFOoOn1Yh7CkA-abImOMTBoaKU19XUeoqS2YacQ64y5lP8VlIXvWCow4PKanzXCxDuLCbT1PZtifQCIJDdiUOO5pMvEpRaZxjPZhZLuha0touaQdPGon7iXqHZg8J7fRwBhrwxeapqi3kFKqzrMB5yvvptPYRQ1Z9AgyfEj7ZsV6aEkhV8LYlT47tY2Ejg2c1cI8KKWiElWsLY0pro7aqbbwUpZCUrFx1SXPnhxhL1sUw6T1eYsZ3AgdQm2upGxY3A6Ov1X4 HTTP 307
    https://annotatorjs.com/npv7u Page URL
  2. https://6wfziot3uw63f5434a7d6c0.opticair.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-us.mimecast.com/s/g4LKCM8698SAkqqnHwlqLk?domain=annotatorjs.com HTTP 307
  • https://protect-us.mimecast.com/r/zS5XrmUDNSQ7Koj7xiOhN_kmrvC7tmk2OxnpW9hGAhnqpXtegzLTwRiWNXzz9W3ejci2zyiUO_4wTnnrU5Wnpyulj2YIEpgGPpwBdLMjyT0Cr6hNQ8y5IAfu3dguCOziEoyeqSWPoBwjn6xkeL5mrpSxJFUeokuBzh5OhLD1d4-4ENdMHNlkMWdiNV4ZdCUgb0qtmZbw9pGMvZgI9FWhoumDCvBx7GzUfLa8-HW5rnXDjN8mYAsYCDrlU2N9v6RrZZDDETmvd6vUZU8NGKW5nAQa8pcjyvj6fm4Sa8oyVyV0RYEGlUggpnm-iZ1lk6Xhlk8hdkXyx4Pab_avOA3tYJUXWlfdZcKdCjobjkFgvNmxFA7klUDb2jIqYoGKkKdJC0yGVHXlVxnQ1x_8WBcSZ2tK7BITyG-xTaci49LAPO7Db-npvzq7t1Rdm0j80vQOigA1kTKsRahRyp4sAVuWRGRfiEAzkp0jOU1HdSeNsbdLOTOAnsxf6AdMM2fKUVKhReHdFSi3ddpEmr8I09dfGpZSBAKCAH8dxPsu5IvHXhMIc4-S03vx57afkyggR2D9kCL2cTtHtIpdXmNGYtJWErsccB9rJI68A1iFUvsZt-j1uiEkSSa2bcikPqU1h5POQ96VPm13gMq7w3m5FdaV19h0DES_G6vR7wHbJbAnaQBtwE3o55TDbOr7BGHDvdc_ErNpFWgPWk4cCikm78aIDWyW36hltvzVTeWGkotkXJmu4isHJ4cOEO2JzDXemvTMDyowhPO3cWp3aJMnoXxEcwwCblqF2xXJqQIIazu4OQgzLJBkE_qR8LQeB5B4DBBdPeDoJxnYrg5uuSTCseVa1wY59Sef1fsi9-y5xYQEGAgQUEjZd9VSGCEIcQiLb5WX8GfPN54OP9tYd5bp-O5bLzTbpX73EAnTz-oacuvcK_ImQooSWJg0CPQy45hm6oU3BKZhQedffBtuW_KLxfVsGe0TSQXZnFaoGncZmHkjj2pD4FUSLEjmcn4asi4HGxOqF1Y6Xpkg6M5cqJ_iJEuR4-9y5L7LaMcZLdbSFsvuk-7atLGfymZm7Tyd2JQaXgqwtHWKx2vRlyhF3EJq8Lkk33yDeaiP81l8L5KDZD-c4S2wur6PVHss0MB0TJRFM8lfAKy4ers94PbQQlVvoGxWiZOV54xG55LWzVNGZrCzNW1DmFkCZooR07TMu43zCjRtTfGD970KunQEv8HQyr63SCNKQkNj6RQruKwmzBCjkxRM2WvRg9HBNpJQbd_kb7T0xD3jQ_SAjsanP_Sxzdpq13sa_JJSborb0trUoHj41ndnkADC_xii-VIAozj2i7I5du40_OwT61mcqVxdDQaESLlhwLirjU_kRoGe0AIEXQA3BHdLG2sSKmAnTljKA-lOD2rrVh24e5tVBU75xMsZ22QiCS16kTCa4qaQi8Ii73-Dkn-IR0RSt4yyDl9XjakGRE7qJ8y6jd--uhh9cka6yYtKNdZCpxV7dH4KAelqLkZMlYJ7lhgSyMcYm44Aton-F4QwlGy2vAxQyXURo_N6EAOFMZQkZ5qhCCOHI1i4P0qKOAj0JqXJwyV1lKXrLxrdIaOdtEgIJC6eU44HkvdBVzV15-aeQLzVyvZDFOoOn1Yh7CkA-abImOMTBoaKU19XUeoqS2YacQ64y5lP8VlIXvWCow4PKanzXCxDuLCbT1PZtifQCIJDdiUOO5pMvEpRaZxjPZhZLuha0touaQdPGon7iXqHZg8J7fRwBhrwxeapqi3kFKqzrMB5yvvptPYRQ1Z9AgyfEj7ZsV6aEkhV8LYlT47tY2Ejg2c1cI8KKWiElWsLY0pro7aqbbwUpZCUrFx1SXPnhxhL1sUw6T1eYsZ3AgdQm2upGxY3A6Ov1X4 HTTP 307
  • https://annotatorjs.com/npv7u
Request Chain 5
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit

17 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type

npv7u
annotatorjs.com/
Redirect Chain
  • https://protect-us.mimecast.com/s/g4LKCM8698SAkqqnHwlqLk?domain=annotatorjs.com
  • https://protect-us.mimecast.com/r/zS5XrmUDNSQ7Koj7xiOhN_kmrvC7tmk2OxnpW9hGAhnqpXtegzLTwRiWNXzz9W3ejci2zyiUO_4wTnnrU5Wnpyulj2YIEpgGPpwBdLMjyT0Cr6hNQ8y5IAfu3dguCOziEoyeqSWPoBwjn6xkeL5mrpSxJFUeokuBzh5...
  • https://annotatorjs.com/npv7u
84 B
364 B
Document
General
Full URL
https://annotatorjs.com/npv7u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.3.19.236 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx /
Resource Hash
3930377106446d68fc669d54c04ebe96b2c6fbe6c7bc47d6208ae8120aecfeef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
84
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Feb 2023 13:38:14 GMT
ETag
"54-5f559ae639c58"
Keep-Alive
timeout=60
Last-Modified
Thu, 23 Feb 2023 08:20:10 GMT
Server
nginx

Redirect headers

Cache-control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Feb 2023 13:38:14 GMT
Location
https://annotatorjs.com/npv7u
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex, nofollow
Primary Request /
6wfziot3uw63f5434a7d6c0.opticair.ru/
8 KB
5 KB
Document
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80aa077e07f188d49d51c79ba1469daae71193887b140b43d8283b75cdae874f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://annotatorjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79e05c591c561a28-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 23 Feb 2023 13:38:14 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FSrLTFdHZhLS1HZgNAQa5axjWqD00x9%2F1%2BLIlQCXhBewJDDPWUtZTnwmNggSV%2BpORUBcz6WOG%2BgLBPxoEi%2FBpuLFhJd%2BdA32IWkfFQyYoTw0BwzOlWCg6anS5eiPp6SSMgeAeRfkaUoVqzmdGQazRQNsaQm9sZm%2Fuvb6AemFiE%2BRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/styles/challenges.css
Requested by
Host: 6wfziot3uw63f5434a7d6c0.opticair.ru
URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb5bcc25efa09532fbbf93e67a4bd0f74016ad3cfe118a2fbc94296adf875b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6wfziot3uw63f5434a7d6c0.opticair.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Feb 2023 11:26:11 GMT
server
cloudflare
etag
W/"63f4aa53-182e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
79e05c595ca21a28-EWR
expires
Thu, 23 Feb 2023 15:38:14 GMT
favicon.ico
6wfziot3uw63f5434a7d6c0.opticair.ru/
8 KB
8 KB
Image
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/favicon.ico
Requested by
Host: 6wfziot3uw63f5434a7d6c0.opticair.ru
URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89249a4d769f8cc2568bad23a2bf92753882777e6d33d394b7494cb6130c1cef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6wfziot3uw63f5434a7d6c0.opticair.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:14 GMT
content-encoding
br
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmBx56vKd58iSXw568o3LA%2FE4v%2FjNzlRB3TWJzaFmZov0QY0ueW2YHKv0n8FDna5z4plNqOdVr3gTJXURa%2F0WIFV6NZvgcKWZ3w7eE%2BKV54PD7ESQAXYrPXe3enYWig12qX480LNs6YrB9BOvaeCDlzpi5RCFbLnHXIoSi9ISkiKDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
79e05c595ca31a28-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
v1
6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/
122 KB
44 KB
Script
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=79e05c591c561a28
Requested by
Host: 6wfziot3uw63f5434a7d6c0.opticair.ru
URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd73085d6a3142d5692ed6e91a54d501d8592552579c992f5b795024490cf36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6wfziot3uw63f5434a7d6c0.opticair.ru/?__cf_chl_rt_tk=AZGG6hDKHnkXtld864wqd6sVsrZN3GOurHN8OQ03idQ-1677159494-0-gaNycGzNCfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ8tbxv3l%2BPKhmAu4lHDZ8ymuoT8JfWogDPwUfEibP5o0dRPfttA3z3l%2BKcnDkHNALf111J8Xbpxr2Gu8i5bhFzAiOm8HVHJbAyLdfbpheWysMmb44nyQBm7YY9jqcF%2BYNg2y0RxGztJeC1aFqvxPjVncvJzAN6oMsAjWUI7cGy2lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
79e05c599cdb1a28-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/images/trace/managed/js/
42 B
129 B
Image
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=79e05c591c561a28
Requested by
Host: 6wfziot3uw63f5434a7d6c0.opticair.ru
URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/?__cf_chl_rt_tk=AZGG6hDKHnkXtld864wqd6sVsrZN3GOurHN8OQ03idQ-1677159494-0-gaNycGzNCfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6wfziot3uw63f5434a7d6c0.opticair.ru/?__cf_chl_rt_tk=AZGG6hDKHnkXtld864wqd6sVsrZN3GOurHN8OQ03idQ-1677159494-0-gaNycGzNCfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Feb 2023 11:26:11 GMT
server
cloudflare
etag
"63f4aa53-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
79e05c599cdc1a28-EWR
content-length
42
expires
Thu, 23 Feb 2023 15:38:14 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/6756a6af/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: 6wfziot3uw63f5434a7d6c0.opticair.ru
URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88552553af10ffa83f22bb8e02c1b88809c85181ce2e45d5827f479eec1e4be1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:14 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
79e05c5a7946d153-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit
date
Thu, 23 Feb 2023 13:38:14 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
79e05c5a5932d153-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
accept-encoding
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
42a1ba327132d27
6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.46188373846686925:1677157602:ItFMLbRJ_vkLW8UTWMHHUArH4W-VQXK-FFwxapA96ns/79e05c591c561a28/
114 KB
68 KB
XHR
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.46188373846686925:1677157602:ItFMLbRJ_vkLW8UTWMHHUArH4W-VQXK-FFwxapA96ns/79e05c591c561a28/42a1ba327132d27
Requested by
Host: 6wfziot3uw63f5434a7d6c0.opticair.ru
URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=79e05c591c561a28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b7a07ccf34f687d82a0429675014edb4267bd4fc07cc8305402553d68b36c6

Request headers

Referer
https://6wfziot3uw63f5434a7d6c0.opticair.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
CF-Challenge
42a1ba327132d27
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Feb 2023 13:38:14 GMT
content-encoding
br
cf_chl_gen
NGPvBn1QeJdPdFIfSKgozKm3OL2wg0H8j8FaWYlS5JrYmemIEfrOPzU5lAHvxW6R4U4Rdm8GVyK4B7uniS4CGYMNPO6gg/gKnKG9deOrgirpgTzeKcr/0YRObGYUnoImwjlKd7zXs2Q3ptfF+5AFLj2dB9YhTOiklrIibv4d5hz8q0M+zzJ77hkUAvS/8bL2vQVcA/qAyWxi7z8AJwLiC4u7lPiuc2P90e87/dGxHXcL7178G9ED2yxUR59rC53wtHGAXsefpHmlC7U2p8fVEKlYGO5M0uAhVCXmNkTbPgyD2d2OSOIt0HpubTaXQVX2ShUE2wdZZt29k3ZHh4aQjzlYEqmVUyxIxM6ye48e/qqvIjpgtrCqVjCAR/KVsUXj4juWUleguss/kNAPOr3/64ioIKwfwzPSObO6HUMVcwM=$IlVu5ltV/4J7Cl9flS689A==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9eiMqHI5ER8C%2B2OE%2FtPoT3RlVgV7LOivUUs1m6oG1lJdXOq01NKDMwvZ3CYKHXB9HO1OJnApnvcKzOg1dXxVbQoUYUuj7Xie%2B6bQzvEnLJAU8Xgx%2FnxNfv56EICLlG1ZrYXX0eT4xDHFE%2FU2gVntIDe7Rpo1qYKHBqeps8Ftbu6Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79e05c5aaeca17fd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
USezOYo0iuaQ3OJ
6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/img/79e05c591c561a28/1677159494836/
61 B
480 B
Image
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/img/79e05c591c561a28/1677159494836/USezOYo0iuaQ3OJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d360d570d243ed9c3fc8f403c23c217a9b16e20d337bd48af376421a6141aba0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6wfziot3uw63f5434a7d6c0.opticair.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
79e05c6118c317fd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCSlzMYOtCHCD0f58P6OGsBA3DAKJdAz%2FpaULVyO1KrF4w18EUTv0xhodOjVrhQJSUCO3v6SC%2FfsQDhIsEqe9Gl3KhHmK0RQOJ7GBu04%2BYL9WCy3rDXza4DhR3CkjgqNgS%2B8hXKlF8rI25aDwMtuPQm2xXiORAtk6Q7PJU%2F9LyfTLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
8QwwdrH5HLxx7yU
6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/pat/79e05c591c561a28/1677159494842/d933f1a35c8c49ea07859d82da55f07ef9b920efd4b8908684462192de9094bc/
1 B
972 B
Fetch
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/pat/79e05c591c561a28/1677159494842/d933f1a35c8c49ea07859d82da55f07ef9b920efd4b8908684462192de9094bc/8QwwdrH5HLxx7yU
Requested by
Host: annotatorjs.com
URL: https://annotatorjs.com/npv7u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6wfziot3uw63f5434a7d6c0.opticair.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:16 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g2TPxo1yMSeoHhZ2C2lXwfvm5IO_UuJCGhEYhkt6QlLwAIzZ3Znppb3QzdXc2M2Y1NDM0YTdkNmMwLm9wdGljYWlyLnJ1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvU0PH_Q7Pnf8hW_hxUpGAyuO8_Fq741wSGoWWWE4Fs6o4d9YAQmB8NJZKwtjC6kXQm-9iJm-2-l5Zd0u7iaXIdcfAf-g7V6jK6ZV4Vd3kqVDWPojMTgzY8UC9CkOJ6rkMeClcILaPTAe0-1efD7yNnOuChC15xCuBNDcsS22KLYU6XVzx8JCht1szeDhpWPGa9zXPYFm4jrEzIApawuy9xhPO2-m0TGqzv3IRG20R2cnjdsgiziiIXGmM3QAE_quSNOQW77EIvWEfliyclxt1_mXVBltEAEwAVU69X-6l2XNIt_2DNgSy9KNFZoCbGbxJN7_L7ebWE9lG8qtBsD9HQIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3X2pC3cx4l%2FOpFSuosH%2BHLemyUBfG6RuIDWhbb8Nq5Kt00nKUL5b%2FF0E2z%2BSbesXL1oOfqQG3%2BRWMUIi59JdjSyPwTGDhQndA9Ovk2KVGdRLh6E69vzEDTX34aj%2FCdY4SiGak9rLXITvcgI4hIgp5dIck4IwDwNOQPLIScFAU1SSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79e05c65e8f417fd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
42a1ba327132d27
6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.46188373846686925:1677157602:ItFMLbRJ_vkLW8UTWMHHUArH4W-VQXK-FFwxapA96ns/79e05c591c561a28/
5 KB
4 KB
XHR
General
Full URL
https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.46188373846686925:1677157602:ItFMLbRJ_vkLW8UTWMHHUArH4W-VQXK-FFwxapA96ns/79e05c591c561a28/42a1ba327132d27
Requested by
Host: 6wfziot3uw63f5434a7d6c0.opticair.ru
URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=79e05c591c561a28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c46d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6268a5da89cae94f59b76ffe77c826b6651cdd19cf3d34763a978ab7edf5c18f

Request headers

Referer
https://6wfziot3uw63f5434a7d6c0.opticair.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
CF-Challenge
42a1ba327132d27
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Feb 2023 13:38:16 GMT
content-encoding
br
cf_chl_gen
wiJpvMsVAliL4L3wCLpq0m5UZ+COijH3OhOCeLPBemQ=$A18DBTy/eEw3Ql9UkrHHWg==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHJ6wnuTjolkzhk1lll1LyCiUmOSqcTqhbByQJ9mLg8z2HxQrooWlTt0iYTjRy2ZVdPtyqz99oVgANR731YzgGWdhF4Qsikqu6mRt9omROZS2IMN9ZB%2FqPJsUUUp%2Bbia%2FDsJLfAPfGWiq2zr%2FNVne8nJlRjHli31yQNcUfkXRF7kng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79e05c667a1f17fd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame FD17
19 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f85569075cc2a7e1f2bd00cbd91acbc4ffd374c0efd7dbf2ac4390d249b4b1f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
79e05c671fa8d15f-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 13:38:16 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
truncated
/
187 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame FD17
127 KB
46 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79e05c671fa8d15f
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02dcec8db8569ea8ad6946d143f258ab269418649769771f34a3f5d2db59e6f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:16 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
79e05c678ff6d15f-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
42117d716ff3724
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.27377265494699277:1677157573:NG3fib14h9b-h0rEnJkDMaSzH7ICgXw6or0wkcIbvKs/79e05c671fa8d15f/ Frame FD17
50 KB
36 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.27377265494699277:1677157573:NG3fib14h9b-h0rEnJkDMaSzH7ICgXw6or0wkcIbvKs/79e05c671fa8d15f/42117d716ff3724
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79e05c671fa8d15f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad692868a33b7baf0942827dc8b947f6bb8c19342eaedb6a3871a13d1ef374de

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
CF-Challenge
42117d716ff3724
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Feb 2023 13:38:17 GMT
content-encoding
br
cf_chl_gen
HMIL/osa+izPtAdaaUClIIUth4vwEoM3oubyRDQayG/v00hr0aNgZxSpc+ypMzX/TWbBuG53zjsJqwk61ZQXwrNwJmDukqvbQaN+g+QztRgdcJ+9jfYM0jHmGsDFYjVoH+nZUgfKZY9SVUaWQeQpobj31bBMHdAMF0W7vOGtNtoNc+0vQCD7KImrz7wUUn5nSS/WWlsh36E3JDO43g79qWeKoNOVcO6b2wXwNLzrgCHoQ+ColU+iJyFKwqwO2sCdHIpS5z7qgc0lyvoly+u0D72sviK45Zus0btS0gL0hpgLjXDv+XFdv+1POQ8Jdt9/$B3zfyWNIrGDxkMb/V6maWg==
server
cloudflare
cf-ray
79e05c68f90ad15f-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
wctk7PETsIhrM3P
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/79e05c671fa8d15f/1677159497136/ Frame FD17
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/79e05c671fa8d15f/1677159497136/wctk7PETsIhrM3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43d09024784097c74bea1e895d2de28e73b05f6804c38bfb72a5a12d4391b76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:17 GMT
server
cloudflare
cf-ray
79e05c69b9afd15f-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
vt2RNSjvsyZCKRW
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79e05c671fa8d15f/1677159497140/fd0e527cab3bf5b3878cb92f1f9599f3b960100c57e67326ac6e7bbb23695df4/ Frame FD17
1 B
648 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79e05c671fa8d15f/1677159497140/fd0e527cab3bf5b3878cb92f1f9599f3b960100c57e67326ac6e7bbb23695df4/vt2RNSjvsyZCKRW
Requested by
Host: annotatorjs.com
URL: https://annotatorjs.com/npv7u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:38:17 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g_Q5SfKs79bOHjLkvH5WZ87lgEAxX5nMmrG57uyNpXfQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvU0PH_Q7Pnf8hW_hxUpGAyuO8_Fq741wSGoWWWE4Fs6o4d9YAQmB8NJZKwtjC6kXQm-9iJm-2-l5Zd0u7iaXIdcfAf-g7V6jK6ZV4Vd3kqVDWPojMTgzY8UC9CkOJ6rkMeClcILaPTAe0-1efD7yNnOuChC15xCuBNDcsS22KLYU6XVzx8JCht1szeDhpWPGa9zXPYFm4jrEzIApawuy9xhPO2-m0TGqzv3IRG20R2cnjdsgiziiIXGmM3QAE_quSNOQW77EIvWEfliyclxt1_mXVBltEAEwAVU69X-6l2XNIt_2DNgSy9KNFZoCbGbxJN7_L7ebWE9lG8qtBsD9HQIDAQAB, max-age=20
server
cloudflare
cf-ray
79e05c6e4dd5d15f-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
42117d716ff3724
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.27377265494699277:1677157573:NG3fib14h9b-h0rEnJkDMaSzH7ICgXw6or0wkcIbvKs/79e05c671fa8d15f/ Frame FD17
11 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.27377265494699277:1677157573:NG3fib14h9b-h0rEnJkDMaSzH7ICgXw6or0wkcIbvKs/79e05c671fa8d15f/42117d716ff3724
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79e05c671fa8d15f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe5361cc768269da4f25ca60bf45796b5860880e5dffc488cae6ba3b0cf8199

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/zs7a0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
CF-Challenge
42117d716ff3724
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Feb 2023 13:38:18 GMT
content-encoding
br
cf_chl_gen
MQopSkAarN8v1+pK+9cFD8KEqVpkFXAxyc47yRS66Fw=$qFjLV03UaadHP8l23GmGUg==
server
cloudflare
cf-ray
79e05c706fcad15f-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| _cf_chl_opt
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| sendRequest
function| SHA256
function| _cf_chl_turnstile_l
object| _cf_chl_ctx
string| prefix
object| languagesToIterate
object| turnstile
boolean| _cf_chl_turnstile_loaded
object| _
undefined| _cf_gcr

1 Cookies

Domain/Path Name / Value
.challenges.cloudflare.com/ Name: __cf_bm
Value: 8LpsL0QsSNMGfX86GM20p2qDjQnOlscLY1vs85ixMcs-1677159494-0-AQMMrobU8xccjJNj7vSxRzD6VG+Pb37C5itbAwgsSkbXxzrRVy5/cqgFL/BLwGGEBUsSAds2BHhn6ahiW7GUnUY=

7 Console Messages

Source Level URL
Text
network error URL: https://annotatorjs.com/npv7u
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://6wfziot3uw63f5434a7d6c0.opticair.ru/cdn-cgi/challenge-platform/h/g/pat/79e05c591c561a28/1677159494842/d933f1a35c8c49ea07859d82da55f07ef9b920efd4b8908684462192de9094bc/8QwwdrH5HLxx7yU
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79e05c671fa8d15f/1677159497140/fd0e527cab3bf5b3878cb92f1f9599f3b960100c57e67326ac6e7bbb23695df4/vt2RNSjvsyZCKRW
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
