urlscan.io logo urlscan.io
SecurityTrails logo

onlineaccesspoint1.qeei.ru Open in urlscan Pro
2606:4700:20::681a:41a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u29083802.ct.sendgrid.net/ls/click?upn=DWx3gEkFwjBvbqb17Y9WkM8h9vHZbQi2wLoNMPs6aC4ktHpIkxAFnOA63669Wc6stdhTrzb-2Fuo-2B-2B7...
Effective URL: https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
Submission: On September 16 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 23 HTTP transactions. The main IP is 2606:4700:20::681a:41a, located in United States and belongs to CLOUDFLARENET, US. The main domain is onlineaccesspoint1.qeei.ru.
TLS certificate: Issued by E1 on August 10th 2022. Valid for: 3 months.
This is the only time onlineaccesspoint1.qeei.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.28 11377 (SENDGRID)
1 1 74.201.124.110 12182 (INTERNAP-...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
23 4
1    167.89.118.28 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
u29083802.ct.sendgrid.net
1    74.201.124.110 (United States)

ASN12182 (INTERNAP-2BLK, US)
weblaunch.blifax.com
8    2606:4700:20::681a:41a (United States)

ASN13335 (CLOUDFLARENET, US)
onlineaccesspoint1.qeei.ru
3    2606:4700::6812:1284 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.hcaptcha.com
12    2606:4700::6812:177a (United States)

ASN13335 (CLOUDFLARENET, US)
cf-assets.hcaptcha.com
Apex Domain
Subdomains		 Transfer
15 hcaptcha.com
cloudflare.hcaptcha.com — Cisco Umbrella Rank: 19306
cf-assets.hcaptcha.com — Cisco Umbrella Rank: 32529
1 MB
8 qeei.ru
onlineaccesspoint1.qeei.ru
107 KB
1 blifax.com
weblaunch.blifax.com — Cisco Umbrella Rank: 423074
256 B
1 sendgrid.net
u29083802.ct.sendgrid.net
451 B
23 4
Domain Requested by
12 cf-assets.hcaptcha.com cloudflare.hcaptcha.com
cf-assets.hcaptcha.com
8 onlineaccesspoint1.qeei.ru onlineaccesspoint1.qeei.ru
3 cloudflare.hcaptcha.com onlineaccesspoint1.qeei.ru
cf-assets.hcaptcha.com
1 weblaunch.blifax.com 1 redirects
1 u29083802.ct.sendgrid.net 1 redirects
23 5

This site contains no links.

Subject Issuer Validity Valid
*.qeei.ru
E1		 2022-08-10 -
2022-11-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-02 -
2023-04-02		 a year crt.sh
*.cf-assets.hcaptcha.com
E1		 2022-08-18 -
2022-11-16		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
Frame ID: 2C6A5D8E59B492B5978FE28FA3B5E6AC
Requests: 9 HTTP requests in this frame

Frame: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: 506353CCE2241501AD96A769ADB8F944
Requests: 4 HTTP requests in this frame

Frame: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: 7EE3B12EBA15FF413412EA06C728EE24
Requests: 4 HTTP requests in this frame

Frame: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: 867E9CFB9175A7ADDDE5300639078F72
Requests: 4 HTTP requests in this frame

Frame: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: 3684D05D31B1AD958CCBC83DD2DFA117
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://u29083802.ct.sendgrid.net/ls/click?upn=DWx3gEkFwjBvbqb17Y9WkM8h9vHZbQi2wLoNMPs6aC4ktHpIkxAFnOA63669Wc6... HTTP 302
    https://weblaunch.blifax.com/listener3/redirect?l=6afe&u=https://onlineaccesspoint1.qeei.ru/%2524messias.... HTTP 303
    https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br Page URL

Page Statistics

23
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

1452 kB
Transfer

3777 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u29083802.ct.sendgrid.net/ls/click?upn=DWx3gEkFwjBvbqb17Y9WkM8h9vHZbQi2wLoNMPs6aC4ktHpIkxAFnOA63669Wc6stdhTrzb-2Fuo-2B-2B7AZ-2F-2FAeTT9VcwpMqXvH-2BSUak89xDj8syFhijtwF9HlXqrzV07PPILbnlTp3LBtqSZxSumj7J2-2BEmUM-2FIGdKHLvG-2BsdrYvUUzQmkEVazHM3RNHGkLf9lHanaVvsf2IpJ5OPZ82dHwM4eKZPxuqadrXB-2BLtMKou764yCmLunZ7oCMgGz2-2BNG7NL6qxFUXZzxwfZddTP8FyOoi0Q0HQ9ee4XxrVFvDpQzvuxw9TO5FXjXCRsnOWoYzb-2Fjhnmo5JMx7o4nTtoV4LKHsx7gVSibuSecoh2oBAb9o-3DUQu__OcIStu9C-2BMU7Yl1WLiCISLiKn823AKS7R8UsRoKZ1LDkzuchZsrRru6f8yFBhKX0AQ-2BHIfejrm5KDIu4eZ92QUV0LnAcUXBc-2BIUzkF-2FPS8v0F-2BmETA63AdrTVWkNm0vV6i5V0Lo-2FC4xSMAQ-2F3NU0bipZn-2BMAetoVlyflCBLqzmM1NP-2Fj-2FAMt3fIHtwDr0EMSL2snuXMU3KFvXBvfcmOkDVWfV-2Fs2FwhWDyGFTbS7Pyr9EX4aGIHWBpIA91YyPntXqP2x55UDHxafak7L6bIXdk8EoB2IjQlQccW6t9aUrIAj8Ud2Iw3BTPdRwzb9A3p1OCNeCVOX-2FNdutSE54Bs2zozB9czaq8GtkaxHowC1pej6vNI-2Fmfe79Ke-2BQTdKGp4eosYy-2FUX6C-2Fjmz7UOQvZSNoIgkWzS8Ywh8-2B1LGAiJt2Qg-2BtjJEZ-2BhTxpwzGP-2BrQFp4u3opKBGOyzvWUeu9GKkOw-3D-3D HTTP 302
    https://weblaunch.blifax.com/listener3/redirect?l=6afe&u=https://onlineaccesspoint1.qeei.ru/%2524messias.cruz@gruposimoes.com.br&redirect_mongo_id=63228152c6b10d002be5e469&utm_source=Springbot&utm_medium=Email&utm_campaign=63228152c6b10d002be5e46a HTTP 303
    https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request $messias.cruz@gruposimoes.com.br
onlineaccesspoint1.qeei.ru/
Redirect Chain
  • https://u29083802.ct.sendgrid.net/ls/click?upn=DWx3gEkFwjBvbqb17Y9WkM8h9vHZbQi2wLoNMPs6aC4ktHpIkxAFnOA63669Wc6stdhTrzb-2Fuo-2B-2B7AZ-2F-2FAeTT9VcwpMqXvH-2BSUak89xDj8syFhijtwF9HlXqrzV07PPILbnlTp3LBt...
  • https://weblaunch.blifax.com/listener3/redirect?l=6afe&u=https://onlineaccesspoint1.qeei.ru/%2524messias.cruz@gruposimoes.com.br&redirect_mongo_id=63228152c6b10d002be5e469&utm_source=Springbot&utm_...
  • https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba6a90f74728266cf4e9ec881d1b5f1be548a78c7320d0f6819266773a12f6dd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass
1
cf-ray
74b9761eaa7e6931-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 12:03:52 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wS4xlkXBCiambU8kbuf%2FBSFjWXNnsAVl%2BCK5smWrCRyU8DdN4BrQ47RcgP7SyZnFxbux%2FibnolaR8Mr6Llyw4nzDuiQqGgQrjknrS45Rb3%2F0YYukuA8WkKY25ePLjaJPrGAGnekTwo5PThPBo0MTD0rLuAS3Gnme"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html
Date
Fri, 16 Sep 2022 12:03:51 GMT
Location
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
Server
X-AspNet-Version
X-Powered-By
v1
onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=74b9761eaa7e6931
Requested by
Host: onlineaccesspoint1.qeei.ru
URL: https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de899312905d95a96cb88f62755ea066bb57b81ad7e51df9a7baf6b225643dec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br?__cf_chl_rt_tk=1OKKua.sILu2dlCKpK_0ZHlB4f2wrYBKwi3kmMt74J8-1663329832-0-gaNycGzNCFE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:52 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3E0AnkCzDsmhVlCOABEvMuKGAglax50%2FjeMTKFm28wdcrpkMoCQ3vpHu%2FDyggflFJkPylUnOqnqbCZpr3GzTBfXP1Yw7AJ235Ft4Wu3lsPj5KAGo%2Fs4kRKFw9YK9T%2BePmHvNCCXwtIpiYbjHp2qG7Iv8h8J7IUz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
74b9761f0af56931-FRA
transparent.gif
onlineaccesspoint1.qeei.ru/cdn-cgi/images/trace/managed/js/ 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlineaccesspoint1.qeei.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=74b9761eaa7e6931
Requested by
Host: onlineaccesspoint1.qeei.ru
URL: https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br?__cf_chl_rt_tk=1OKKua.sILu2dlCKpK_0ZHlB4f2wrYBKwi3kmMt74J8-1663329832-0-gaNycGzNCFE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br?__cf_chl_rt_tk=1OKKua.sILu2dlCKpK_0ZHlB4f2wrYBKwi3kmMt74J8-1663329832-0-gaNycGzNCFE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Sep 2022 13:37:59 GMT
server
cloudflare
etag
"63232ab7-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
74b9761f0af66931-FRA
vary
Accept-Encoding
content-length
42
expires
Fri, 16 Sep 2022 14:03:52 GMT
transparent.gif
onlineaccesspoint1.qeei.ru/cdn-cgi/images/trace/managed/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlineaccesspoint1.qeei.ru/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=74b9761eaa7e6931
Requested by
Host: onlineaccesspoint1.qeei.ru
URL: https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br?__cf_chl_rt_tk=1OKKua.sILu2dlCKpK_0ZHlB4f2wrYBKwi3kmMt74J8-1663329832-0-gaNycGzNCFE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br?__cf_chl_rt_tk=1OKKua.sILu2dlCKpK_0ZHlB4f2wrYBKwi3kmMt74J8-1663329832-0-gaNycGzNCFE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Sep 2022 13:37:59 GMT
server
cloudflare
etag
"63232ab7-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
74b9761f0af76931-FRA
vary
Accept-Encoding
content-length
42
expires
Fri, 16 Sep 2022 14:03:52 GMT
api.js
cloudflare.hcaptcha.com/1/ 		281 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Requested by
Host: onlineaccesspoint1.qeei.ru
URL: https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=74b9761eaa7e6931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlineaccesspoint1.qeei.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:52 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
etag
W/"84729783ded6e9166650d2e40d1556b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
x-amz-cf-pop
FRA56-P4
cf-ray
74b9761fada9926b-FRA
x-amz-cf-id
ybnGg_HDdwV0RL1lfsjRHumWQ5uQ8cnBF1V5ZnOtgrcXsAWKDff2jQ==
8ef48729d75da8c
onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8174077029353713:1663326359:ko1puVAomvnwbQNajU5L9XVH2cnpZxrHtH_ZzeFCvT0/74b9761eaa7e6931/ 		147 KB
73 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8174077029353713:1663326359:ko1puVAomvnwbQNajU5L9XVH2cnpZxrHtH_ZzeFCvT0/74b9761eaa7e6931/8ef48729d75da8c
Requested by
Host: onlineaccesspoint1.qeei.ru
URL: https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=74b9761eaa7e6931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b1257fca7a852cce6b3f2c463952cb38a4d32a49a12c3e22f4508d9c41c1a6

Request headers

Referer
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
CF-Challenge
8ef48729d75da8c
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Sep 2022 12:03:53 GMT
content-encoding
br
cf_chl_gen
swGaBHGNcLLWZq8jO9ShfGSRbMwlm2NagdKzE5w+ICMUP5Yhl7CZ4qLXT9rLDx3/nadtFFwpN6JaavyygoQcJdN1Q3pYOj99u4CtY8nUKh9reiN6fKoRIlw++NAG1ZMhtNo5Hr4othQDyFEFRWtzKq3Ia3ZYh2wGxEc4jcSKTy0L5rXoph/4idiBa3hdy4sOBwAPQQoRkPvk5TiTfNGsdZIawnKmCh5xTV+h5vT75lCRBUHSPE7paIVFHOYkXR1ma14J5b9QvOWV7pjEjOX/9CQl89O8srAVkzKTTxx3bBzKL5zFRHcQc74Ik6lYBljNuDAcDCqhPAM2Qpg1xhzQJnnt8EJF6rLuAydmMDRKhUlHVFNynJURgoZA97fK+ev7CS5xVERfomGu0C6E6aYG2zmqroE7O2AWas+xoHpL0a7bLQ/nxXxqIp8OWZ48LVEb$6XjhOH5SNUV1Z+sFyEliTA==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQlogfx7l4VUI0IQKh5WD60Y5UfKtqfZEvmbca0JiZq8ahDXogtRsjiFPhy2%2Byx%2B%2B49iBnYgGgsZk5LPFCA%2F3TSl8%2FjKIrCCSgQsy9W7HFpIlCMd80XSB5TnHOIGIoEQCPaNhtaywdtse0h9qIjZzHBURWEVnAOe"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
74b976201c836931-FRA
RsntmHBlaFKfM20
onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/pat/74b9761eaa7e6931/1663329832993/1074059ce5d3a0850bf6f138d076392c7fd332c30c720667d5732418897d2833/ 		1 B
790 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/pat/74b9761eaa7e6931/1663329832993/1074059ce5d3a0850bf6f138d076392c7fd332c30c720667d5732418897d2833/RsntmHBlaFKfM20
Requested by
Host: onlineaccesspoint1.qeei.ru
URL: https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:53 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gEHQFnOXToIUL9vE40HY5LH_TMsMMcgZn1XMkGIl9KDMAGm9ubGluZWFjY2Vzc3BvaW50MS5xZWVpLnJ1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArPWDWDxMEVVv-fr_T4Q6BnyQFaKWmQnndeiJ1lkz78RKe6gzUdiPtkI9ERGirGVbEnpCqcmNwHEOVs2Oo-dYi2GRjbFUhCg-4bxe45rkFxJ7OM7T68U6sAH7HNNWwikCKPuNQrxdkpmmlOcilqmNaLP5qCF4_yACeHlC8TVCHEGcQEdszgo1T0iW1tPgCOmJv4_M2DAZx2hA2XM3V_GYfJknypmSHduTylMyyfPdIhXjO-GXCONePEcgg_Fe2XfFsctLUk_7UaUf0184_xnIe8aSX3ZV7mAJyScAvgfaRNig4oCVH6KaEj70MT92lmS_v899Ku9i8sWX5WFTaMZVewIDAQAB, max-age=15
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74b976248b416931-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSVaD9NQD%2FXaWL6KyBwAbo2MpjsPVkGZHYGZNnCgOrxYKNBDaMwkSD%2B7zTccVybzwbrwBliHMN55UBAhN0%2FQVUWSfDyNscSc2br6qK3zCZ0HqRoYSsoT0hTbsXpkqMU7micVVC1DKis86oF8eSlIL1B7QsuKchTC"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
J4UbsF8lplWKCPO
onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/img/74b9761eaa7e6931/1663329832993/ 		61 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/img/74b9761eaa7e6931/1663329832993/J4UbsF8lplWKCPO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba1a75f5d4c69e7d6829ecf7806315e0b5c17a301da22f9ef7792d426156e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74b97624bb8b6931-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQsArdJexRC9EK5mbPYDWpNnClXlhz4uz6M9RKXzTWIE4TbmgZZuxLkMPcLIx%2F0T0uGF1RaL9%2Fs9toqAyODZJ7Xwco%2BRY4XgACY3x3mt8MYmpb4SDlrxByCUsDIz2M2lXP9jNLHvm8QNuRFyjKGPIj2SWx8MoVLL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
8ef48729d75da8c
onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8174077029353713:1663326359:ko1puVAomvnwbQNajU5L9XVH2cnpZxrHtH_ZzeFCvT0/74b9761eaa7e6931/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8174077029353713:1663326359:ko1puVAomvnwbQNajU5L9XVH2cnpZxrHtH_ZzeFCvT0/74b9761eaa7e6931/8ef48729d75da8c
Requested by
Host: onlineaccesspoint1.qeei.ru
URL: https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=74b9761eaa7e6931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0cde0339856f23db4a8f50cced5c2f72fa8e4cf7ba1398b3be2f63531fafe0

Request headers

Referer
https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
CF-Challenge
8ef48729d75da8c
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
content-encoding
br
cf_chl_gen
qwHTlq1yn85+/0LvBweOPHENf0FUBRpEvw2KKNNwMos=$m7pIBuRdO5ftpsp4971pCw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maUXO1qLpfADYMpZ%2FfbwwP94eT7pFQFSjevTsKdVN6Q85lOTDiUjLDKudGSx67dkFoIvVzbI%2FMHA59M5NpNB%2FEfksQvTAxWG%2FfMJ6a1MvUdaW%2BoLGfK5avn97MVD1ZqPrjqLd0YXRHbtbdEO%2FDqfGsjxwvokeQw5"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
74b976270f6f6931-FRA
hcaptcha.html
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame 5063 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Requested by
Host: cloudflare.hcaptcha.com
URL: https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineaccesspoint1.qeei.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2538331
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
74b976280e3f92a2-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 12:03:54 GMT
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-id
kCb55F4VMZVEzqdNUl4558nkmjZhdwUMJhSF3x2phOJTeUHlO50QNA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame 7EE3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Requested by
Host: cloudflare.hcaptcha.com
URL: https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineaccesspoint1.qeei.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2538331
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
74b976280e4492a2-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 12:03:54 GMT
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-id
kCb55F4VMZVEzqdNUl4558nkmjZhdwUMJhSF3x2phOJTeUHlO50QNA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame 867E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Requested by
Host: cloudflare.hcaptcha.com
URL: https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineaccesspoint1.qeei.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2538331
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
74b976280e4692a2-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 12:03:54 GMT
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-id
kCb55F4VMZVEzqdNUl4558nkmjZhdwUMJhSF3x2phOJTeUHlO50QNA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame 3684 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Requested by
Host: cloudflare.hcaptcha.com
URL: https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineaccesspoint1.qeei.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2538331
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
74b976280e4792a2-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 12:03:54 GMT
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-id
kCb55F4VMZVEzqdNUl4558nkmjZhdwUMJhSF3x2phOJTeUHlO50QNA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.js
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/ Frame 5063 		281 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin
https://cf-assets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
45215
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
etag
W/"84729783ded6e9166650d2e40d1556b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P4
cf-ray
74b976285ea592a2-FRA
x-amz-cf-id
ybnGg_HDdwV0RL1lfsjRHumWQ5uQ8cnBF1V5ZnOtgrcXsAWKDff2jQ==
hcaptcha.js
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/ Frame 867E 		281 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin
https://cf-assets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
45215
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
etag
W/"84729783ded6e9166650d2e40d1556b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P4
cf-ray
74b976287eca92a2-FRA
x-amz-cf-id
ybnGg_HDdwV0RL1lfsjRHumWQ5uQ8cnBF1V5ZnOtgrcXsAWKDff2jQ==
hcaptcha.js
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/ Frame 3684 		281 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin
https://cf-assets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
45215
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
etag
W/"84729783ded6e9166650d2e40d1556b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P4
cf-ray
74b976287ecb92a2-FRA
x-amz-cf-id
ybnGg_HDdwV0RL1lfsjRHumWQ5uQ8cnBF1V5ZnOtgrcXsAWKDff2jQ==
hcaptcha.js
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/ Frame 7EE3 		281 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin
https://cf-assets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
45215
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
etag
W/"84729783ded6e9166650d2e40d1556b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P4
cf-ray
74b976287ecd92a2-FRA
x-amz-cf-id
ybnGg_HDdwV0RL1lfsjRHumWQ5uQ8cnBF1V5ZnOtgrcXsAWKDff2jQ==
truncated
/ Frame 7EE3 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3684 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
cloudflare.hcaptcha.com/ Frame 7EE3 		543 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.hcaptcha.com/checksiteconfig?v=1f7dc62&host=onlineaccesspoint1.qeei.ru&sitekey=45fbc4de-366c-40ef-9274-9f3feca1cd6c&sc=1&swa=1
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d646d29fc2d34ab7a5b0dcb5f29af2be0ae3a029cfb1e8ef9d95405163f706d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept
application/json
Referer
https://cf-assets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
content-encoding
gzip
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cf-assets.hcaptcha.com
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
74b976296bcd926b-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
checksiteconfig
cloudflare.hcaptcha.com/ Frame 3684 		543 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.hcaptcha.com/checksiteconfig?v=1f7dc62&host=onlineaccesspoint1.qeei.ru&sitekey=45fbc4de-366c-40ef-9274-9f3feca1cd6c&sc=1&swa=1
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7bee213cc6f95421fe88bc51f9c293dcaafd01cfff8cc951bc92f89b859ea87
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept
application/json
Referer
https://cf-assets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
content-encoding
gzip
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cf-assets.hcaptcha.com
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
74b976297bd7926b-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
hsw.js
cf-assets.hcaptcha.com/c/7b6cd21f/ Frame 5063 		956 KB
358 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/c/7b6cd21f/hsw.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ffef3f2e9efc1e758bb019d82ed23650cdead9f383f263f38e77c9b98dcd805
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
via
1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
41658
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 19:33:22 GMT
server
cloudflare
etag
W/"84bdb7bd52960277ec334157278a2667"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P1
cf-ray
74b97629a81a92a2-FRA
x-amz-cf-id
xBGeSAAVMCRYqfkh8sJqh9aUiZEL2V571fbafw9-hh9MZGOrmv39ag==
hsw.js
cf-assets.hcaptcha.com/c/7b6cd21f/ Frame 867E 		956 KB
358 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/c/7b6cd21f/hsw.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ffef3f2e9efc1e758bb019d82ed23650cdead9f383f263f38e77c9b98dcd805
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
via
1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
41658
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 19:33:22 GMT
server
cloudflare
etag
W/"84bdb7bd52960277ec334157278a2667"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P1
cf-ray
74b97629a81b92a2-FRA
x-amz-cf-id
xBGeSAAVMCRYqfkh8sJqh9aUiZEL2V571fbafw9-hh9MZGOrmv39ag==
e
cf-assets.hcaptcha.com/i/d5ef5ba/ Frame 5063 		113 KB
114 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/i/d5ef5ba/e
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/c/7b6cd21f/hsw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b88f429e0878e43e76be34e0dba0debe8b60a4883851de1645f0e57456d21e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
854080
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-length
115920
last-modified
Fri, 02 Sep 2022 07:03:20 GMT
server
cloudflare
etag
"ce885833508f58ddc1f45b0d115561ea"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
cf-ray
74b9762b4b0e92a2-FRA
x-amz-cf-id
6z4yjeuMXJ2B-rMnZLXEYW2WXUCOd1r_6wjRK5euMMDzMu0PEVmveA==
e
cf-assets.hcaptcha.com/i/d5ef5ba/ Frame 867E 		113 KB
113 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cf-assets.hcaptcha.com/i/d5ef5ba/e
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/c/7b6cd21f/hsw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:177a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b88f429e0878e43e76be34e0dba0debe8b60a4883851de1645f0e57456d21e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:03:54 GMT
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
854080
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-length
115920
last-modified
Fri, 02 Sep 2022 07:03:20 GMT
server
cloudflare
etag
"ce885833508f58ddc1f45b0d115561ea"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
cf-ray
74b9762b5b2392a2-FRA
x-amz-cf-id
6z4yjeuMXJ2B-rMnZLXEYW2WXUCOd1r_6wjRK5euMMDzMu0PEVmveA==

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _cf_chl_opt function| a function| b function| SHA256 function| _cf_chl_hload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest object| _cf_chl_ctx string| _cf_chl_hlep string| prefix object| Raven object| hcaptcha boolean| _cf_chl_hloaded object| _ undefined| _cf_gcr

3 Cookies

Domain/Path Name / Value
onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8174077029353713:1663326359:ko1puVAomvnwbQNajU5L9XVH2cnpZxrHtH_ZzeFCvT0/74b9761eaa7e6931 Name: cf_chl_seq_8ef48729d75da8c
Value: fvBkPZeGdUrhSj6
onlineaccesspoint1.qeei.ru/ Name: cf_chl_prog
Value: b
.cf-assets.hcaptcha.com/ Name: __cf_bm
Value: 1tsps1FduAX_GLGPURSQxnQ9w_LYNM9tvgYL6uabIHc-1663329834-0-AWDxXYpCkYPZEsAvDCUv12gk0yyvEi4KjesOuraLh9FYyJF+yetSOIaecnid/09VNYGrLlGv8anymFujhbLARYQ=

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://onlineaccesspoint1.qeei.ru/$messias.cruz@gruposimoes.com.br
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://onlineaccesspoint1.qeei.ru/cdn-cgi/challenge-platform/h/b/pat/74b9761eaa7e6931/1663329832993/1074059ce5d3a0850bf6f138d076392c7fd332c30c720667d5732418897d2833/RsntmHBlaFKfM20
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN