urlscan.io logo urlscan.io
SecurityTrails logo

riftworld.ru Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://riftworld.ru/
Effective URL: https://riftworld.ru/
Submission: On January 13 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is riftworld.ru.
TLS certificate: Issued by GTS CA 1P5 on January 12th 2024. Valid for: 3 months.
This is the only time riftworld.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 5
Apex Domain
Subdomains		 Transfer
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
462 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
45 KB
5 riftworld.ru
riftworld.ru
9 KB
0 antibot.cloud Failed
cloud.antibot.cloud Failed
alt.antibot.cloud Failed
16 4
Domain Requested by
5 www.google.com riftworld.ru
www.gstatic.com
www.google.com
5 riftworld.ru 2 redirects riftworld.ru
4 www.gstatic.com www.google.com
www.gstatic.com
2 fonts.gstatic.com www.google.com
0 alt.antibot.cloud Failed riftworld.ru
0 cloud.antibot.cloud Failed riftworld.ru
16 6

This site contains no links.

Subject Issuer Validity Valid
riftworld.ru
GTS CA 1P5		 2024-01-12 -
2024-04-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://riftworld.ru/
Frame ID: 1D55FF64BA8CE0978403BD8E65D43951
Requests: 6 HTTP requests in this frame

Frame: https://riftworld.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: F38C6CB3B1EF4011204C82B3B4185ED2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
Frame ID: 50CB7EB30A7081AAB7304A43A91FF159
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wacht.

Page URL History Show full URLs

  1. http://riftworld.ru/ HTTP 301
    https://riftworld.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

16
Requests

81 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

515 kB
Transfer

1187 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://riftworld.ru/ HTTP 301
    https://riftworld.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://riftworld.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://riftworld.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
riftworld.ru/
Redirect Chain
  • http://riftworld.ru/
  • https://riftworld.ru/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://riftworld.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6939704ec5596b0f7b7815cb9b22da0d64b2491a8577174d95daa09c4b43bf03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
844a2f28aae80c39-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 02:24:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<https://cloud.antibot.cloud/antibot7.php>; rel=dns-prefetch
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHGEexvKtuzReT0k1%2F%2FnmvuD%2FTSONx9IqlySlHy7AGg3RF7oUdp3YITn0%2F8h5vHyldNDKlFozgRAjvWaAm5sVt7HfYqDCNtR80dRthD%2BYJzgvpfSKr0y83m4BEU%2F0zP1Tj1hrEK1jm1Nu0c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex

Redirect headers

CF-RAY
844a2f284cea66ec-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 13 Jan 2024 02:24:39 GMT
Expires
Sat, 13 Jan 2024 03:24:39 GMT
Location
https://riftworld.ru/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTI8y6eVJ5rSiAb%2FEuwuY%2FWF%2BncFie2R9yYvSWCdbNg%2FPlnU4XqxZ4EVCq9yeQ1xVqrgMVYj%2B9yWZCT9RJwwOo1iHYiS7Ex6oFMGDruMU%2BncOu%2FInTiW7n2caXaSLI1CnbxY81MKkRRhaYg%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB
Requested by
Host: riftworld.ru
URL: https://riftworld.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d7c4c0bc92c90d10fdf9047b33a60efa67b9ec56ef421a8b1619018386f23016
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://riftworld.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 02:24:40 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9238b80c2136d2ea6bdd9fadc5a0f80dc61f11104a40d17084d4f4cc3dc13447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftworld.ru/
Origin
https://riftworld.ru
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207120
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 12:05:30 GMT
main.js
riftworld.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame F38C
Redirect Chain
  • https://riftworld.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://riftworld.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftworld.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: riftworld.ru
URL: https://riftworld.ru/
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6979b84ed9c49044eac4e25c3f6dcc00ca47e58a5602a15a1c3d03fd0cc4eb5a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CfeUGi%2FjsLDJXi0tZFVrYQskKjfRXpi45w7MZOkEiC7AbuHFNOmuq1p90YAiIFUltmHvQMXgXb79lYqexYgudNmdIHHzqj5YET4m5uJi5zbYzs1fd5lUpLwk8ZYNEVraeOUYdXY2paSHHk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
844a2f2b1c5b0c39-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 13 Jan 2024 02:24:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynukeE82Vcc57wFzPUtVO54JcE7mSR%2FxgkRJj0B7H%2FVzQt9EswkRu1Vw3WYEbI2RoJR3socY5Q3jTSuPYw7oklT67UaXaDwzOWSouQ70EI3PdOZf%2Bj46uNoE1LAPgfWkhIdqv45pe%2B8qhZ0%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
844a2f2afc4e0c39-AMS
alt-svc
h3=":443"; ma=86400
844a2f28aae80c39
riftworld.ru/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F38C 		0
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://riftworld.ru/cdn-cgi/challenge-platform/h/b/jsd/r/844a2f28aae80c39
Requested by
Host: riftworld.ru
URL: https://riftworld.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Jan 2024 02:24:40 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3hzkNq0eO7YADvNyclv3cq9ItW0MwJwZQ30wBmNzWCdcxnRcjR82pR7ArbTCIeG%2F5qLH0yXbkC1lzbgC5Gk6%2FQC8Ljwc1hS9BH7udRBdvTPqLw6842M6niOGzAzJPEFQ%2FkYjmCTMf9Ven0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
844a2f2b8fee6572-AMS
alt-svc
h3=":443"; ma=86400
anchor
www.google.com/recaptcha/api2/ Frame 50CB 		44 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9889d0a97b3c73a83f9afa8dab65232dd887aa0a0c67c47540d949bd44a5af0e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-awwsS2mWcr0yypcPYRPErQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://riftworld.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-awwsS2mWcr0yypcPYRPErQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 02:24:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 50CB 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 19:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 19:16:46 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 50CB 		505 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9238b80c2136d2ea6bdd9fadc5a0f80dc61f11104a40d17084d4f4cc3dc13447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207120
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 12:05:30 GMT
SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js
www.google.com/js/bg/ Frame 50CB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:51:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
322380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6849
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:51:40 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 50CB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:56:54 GMT
x-content-type-options
nosniff
age
368866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 15 Jan 2024 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 50CB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 05:31:50 GMT
x-content-type-options
nosniff
age
420770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 05:31:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 50CB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:09:14 GMT
x-content-type-options
nosniff
age
321326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:09:14 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 50CB 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3743ab7552a5dd616a0d6210a47b76b887fc2bae4a60ad7db878cb538c0b133
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 02:24:40 GMT
reload
www.google.com/recaptcha/api2/ Frame 50CB 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
37f701b9573a73a77fceb136007fbc2be0e7aedcf3b70c5af5a5ce6abdb23f91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley7dsaAAAAAF2quj2hEhZMAbDW5TF5Wxd5CdJB&co=aHR0cHM6Ly9yaWZ0d29ybGQucnU6NDQz&hl=nl&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=jr8hpot60mo1
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 13 Jan 2024 02:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 02:24:40 GMT
antibot7.php
cloud.antibot.cloud/ 		0
0
antibot7.php
alt.antibot.cloud/ 		0
0
truncated
/ 		100 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85732431cdf463c63305d1b5f11daeaa2469bde3774a5c18806129b0cbd57afd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://riftworld.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cloud.antibot.cloud
URL
https://cloud.antibot.cloud/antibot7.php
Domain
alt.antibot.cloud
URL
https://alt.antibot.cloud/antibot7.php

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| userip object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| b64_to_utf8 string| country string| action string| h1 string| h2 string| ipfull string| ip string| via string| v string| re string| rk string| ho string| cid string| ptr number| width number| height number| cwidth number| cheight number| colordepth number| pixeldepth string| phpreferrer string| referrer function| Button function| CloudTest object| recaptcha object| closure_lm_296427

6 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09APYnBZW7kWc0W_5vKm5aaV7VGf63WFSl9o5MEGiKSmzmKxPVbczXcu_OHx6fBFC7_9fAFN5dJwswTJZv2ktObzY
riftworld.ru/ Name: antibot_uid
Value: c0e8f514a3d1b71a757cbc0d58d5c0a0
riftworld.ru/ Name: antibot_country
Value: NL
riftworld.ru/ Name: antibot_lang
Value: nl
riftworld.ru/ Name: antibot_ptr
Value: 2001%3A1af8%3A5000%3Aa026%3A0005%3A0000%3A0000%3A0005
.riftworld.ru/ Name: cf_clearance
Value: .xsQ1Lynr5x0RtzZv4eDOyor2w.RGnVVhFu6LVRByQo-1705112680-0-2-13e8c35d.ec70a81.911319b8-0.2.1705112680

2 Console Messages

Source Level URL
Text
network error URL: https://cloud.antibot.cloud/antibot7.php
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://alt.antibot.cloud/antibot7.php
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED