urlscan.io logo urlscan.io
SecurityTrails logo

redirect-cf.ujscdn.com Open in urlscan Pro
104.21.9.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://captchastone.azurewebsites.net/us/index2.html
Effective URL: https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1...
Submission: On March 26 via manual from IN — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 9 domains to perform 23 HTTP transactions. The main IP is 104.21.9.70, located in and belongs to CLOUDFLARENET, US. The main domain is redirect-cf.ujscdn.com.
TLS certificate: Issued by GTS CA 1P5 on February 15th 2024. Valid for: 3 months.
This is the only time redirect-cf.ujscdn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20.215.12.1 8075 (MICROSOFT...)
5 169.150.247.37 60068 (CDN77 _)
2 142.250.185.195 15169 (GOOGLE)
2 172.67.153.8 13335 (CLOUDFLAR...)
1 1 145.239.195.107 16276 (OVH)
1 1 188.114.96.3 13335 (CLOUDFLAR...)
7 104.21.9.70 13335 (CLOUDFLAR...)
2 157.90.27.45 ()
1 104.17.2.184 ()
1 104.17.3.184 ()
23 9
1    20.215.12.1 (Warsaw, Poland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
captchastone.azurewebsites.net
5    169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-37.bunnyinfra.net
psh-static.b-cdn.net
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.gstatic.com
2    172.67.153.8 (United States)

ASN13335 (CLOUDFLARENET, US)
tb.appconfig12.com
1    145.239.195.107 (France)

ASN16276 (OVH, FR)
PTR: ns31414925.ip-145-239-195.eu
mbtrk1.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
bucoa.dc-feed.com
7    104.21.9.70 (None, )

ASN13335 (CLOUDFLARENET, US)
redirect-cf.ujscdn.com
2    157.90.27.45 (None, )

ASN- ()
checkaf.com
1    104.17.2.184 (None, )

ASN- ()
challenges.cloudflare.com
1    104.17.3.184 (None, )

ASN- ()
challenges.cloudflare.com
Domain Requested by
7 redirect-cf.ujscdn.com redirect-cf.ujscdn.com
5 psh-static.b-cdn.net captchastone.azurewebsites.net
2 challenges.cloudflare.com redirect-cf.ujscdn.com
challenges.cloudflare.com
2 checkaf.com redirect-cf.ujscdn.com
2 tb.appconfig12.com psh-static.b-cdn.net
2 www.gstatic.com psh-static.b-cdn.net
1 bucoa.dc-feed.com 1 redirects
1 mbtrk1.com 1 redirects
1 captchastone.azurewebsites.net
23 9

This site contains no links.

Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 02		 2023-10-31 -
2024-06-27		 8 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
appconfig12.com
GTS CA 1P5		 2024-03-26 -
2024-06-24		 3 months crt.sh
ujscdn.com
GTS CA 1P5		 2024-02-15 -
2024-05-15		 3 months crt.sh
checkaf.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
Frame ID: E79A42288B0B8E2D40D47E8DA964F6FF
Requests: 21 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uvkg2/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: CF45B7D26A2977D86B2F318AE980F859
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://captchastone.azurewebsites.net/us/index2.html Page URL
  2. https://tb.appconfig12.com/ps/tb?id=&sm=robot-edge&sub_id=&click_id=&nrid=&reason=tb_exit Page URL
  3. https://mbtrk1.com/click.php?key=7ef1qd1lvftdju4n985s&tracker=pushlink-placeholder-tb_exit HTTP 302
    https://bucoa.dc-feed.com/dc?pl=Pwx2pgc2X0ST2DN0vyQCVA&sub_id=pushlink-placeholder-tb_exit HTTP 302
    https://redirect-cf.ujscdn.com/redirect?r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy... Page URL
  4. https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.tr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Page Statistics

23
Requests

91 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

9
IPs

6
Countries

258 kB
Transfer

766 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://captchastone.azurewebsites.net/us/index2.html Page URL
  2. https://tb.appconfig12.com/ps/tb?id=&sm=robot-edge&sub_id=&click_id=&nrid=&reason=tb_exit Page URL
  3. https://mbtrk1.com/click.php?key=7ef1qd1lvftdju4n985s&tracker=pushlink-placeholder-tb_exit HTTP 302
    https://bucoa.dc-feed.com/dc?pl=Pwx2pgc2X0ST2DN0vyQCVA&sub_id=pushlink-placeholder-tb_exit HTTP 302
    https://redirect-cf.ujscdn.com/redirect?r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&nrid=3de64702f6bbeb9916bd8b680ae61847&a=6 Page URL
  4. https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://mbtrk1.com/click.php?key=7ef1qd1lvftdju4n985s&tracker=pushlink-placeholder-tb_exit HTTP 302
  • https://bucoa.dc-feed.com/dc?pl=Pwx2pgc2X0ST2DN0vyQCVA&sub_id=pushlink-placeholder-tb_exit HTTP 302
  • https://redirect-cf.ujscdn.com/redirect?r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&nrid=3de64702f6bbeb9916bd8b680ae61847&a=6

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index2.html
captchastone.azurewebsites.net/us/ 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://captchastone.azurewebsites.net/us/index2.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.215.12.1 Warsaw, Poland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
523d809ba0efd9efcdd33dabfcb3a8092aa4a3abcec6b887ab1224e07e1d05c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pl-PL,pl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Length
11020
Content-Type
text/html
Date
Tue, 26 Mar 2024 13:43:21 GMT
ETag
"1da7b96822a910c"
Last-Modified
Thu, 21 Mar 2024 13:48:52 GMT
Request-Context
appId=cid-v1:83665504-f0bb-48a5-996f-54a7d9411fda
Server
Kestrel
cfg.js
psh-static.b-cdn.net/us/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://psh-static.b-cdn.net/us/cfg.js
Requested by
Host: captchastone.azurewebsites.net
URL: https://captchastone.azurewebsites.net/us/index2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
8830566bd303998ec3419c36e6fe813da7fe800bc439cb4e3155d5e6c5e82f5e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://captchastone.azurewebsites.net/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:22 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-664
cdn-cachedat
03/21/2024 13:57:41
cdn-pullzone
1328726
last-modified
Tue, 12 Mar 2024 17:01:38 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08a72-836"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
22fe961b-dbb1-4712-9a2e-907a4e9a1638
cache-control
public, max-age=2592000
cdn-requestid
30419bb199843215c474a88f94008767
cdn-requestcountrycode
PL
cdn-status
200
cdn-requestpullsuccess
True
3_2.js
psh-static.b-cdn.net/ 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://psh-static.b-cdn.net/3_2.js
Requested by
Host: captchastone.azurewebsites.net
URL: https://captchastone.azurewebsites.net/us/index2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
ad6f564e6683ebce7b1af963018573cf220c5860a6b212bcfd6a56299a52798f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://captchastone.azurewebsites.net/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:22 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-662
cdn-cachedat
03/21/2024 13:57:35
cdn-pullzone
1328726
last-modified
Sun, 11 Feb 2024 23:12:15 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65c9544f-4eb5"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
22fe961b-dbb1-4712-9a2e-907a4e9a1638
cache-control
public, max-age=2592000
cdn-requestid
0b60dc7164a472b37d48bdb8ac09a4cf
cdn-requestcountrycode
PL
cdn-status
200
cdn-requestpullsuccess
True
2.js
psh-static.b-cdn.net/us/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://psh-static.b-cdn.net/us/2.js
Requested by
Host: captchastone.azurewebsites.net
URL: https://captchastone.azurewebsites.net/us/index2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
fcf572c9688b0c27772a8b89b27c23594c7c08171a0469a4f231451eca5f0910

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://captchastone.azurewebsites.net/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:22 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-680
cdn-cachedat
03/21/2024 13:57:41
cdn-pullzone
1328726
last-modified
Thu, 21 Mar 2024 13:57:05 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65fc3cb1-5e2b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
22fe961b-dbb1-4712-9a2e-907a4e9a1638
cache-control
public, max-age=2592000
cdn-requestid
df4571653d2d7ce36068e4aeab5be865
cdn-requestcountrycode
PL
cdn-status
200
cdn-requestpullsuccess
True
1.css
psh-static.b-cdn.net/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://psh-static.b-cdn.net/1.css
Requested by
Host: captchastone.azurewebsites.net
URL: https://captchastone.azurewebsites.net/us/index2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
6726b65c08782a50ae53d65834b86fa4237d289954c01b41b5548d7d0d205614

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://captchastone.azurewebsites.net/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:22 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-383
cdn-cachedat
03/21/2024 13:57:35
cdn-pullzone
1328726
last-modified
Mon, 10 Apr 2023 12:45:02 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"643404ce-1970"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
22fe961b-dbb1-4712-9a2e-907a4e9a1638
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
d054b2ef1caefdca7eefe7e3cb5d9c39
cdn-requestcountrycode
PL
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
corner.png
psh-static.b-cdn.net/ 		300 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://psh-static.b-cdn.net/corner.png
Requested by
Host: captchastone.azurewebsites.net
URL: https://captchastone.azurewebsites.net/us/index2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://captchastone.azurewebsites.net/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:22 GMT
cdn-edgestorageid
1080
cdn-storageserver
DE-661
cdn-cachedat
03/21/2024 13:57:36
cdn-pullzone
1328726
content-length
300
last-modified
Mon, 10 Apr 2023 12:45:03 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
588
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/png
cdn-cache
HIT
cdn-uid
22fe961b-dbb1-4712-9a2e-907a4e9a1638
cache-control
public, max-age=2592000
cdn-requestid
e585453d38a08c995eeb8a5ef3c66acf
accept-ranges
bytes
cdn-requestcountrycode
PL
cdn-status
200
cdn-requestpullsuccess
True
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: psh-static.b-cdn.net
URL: https://psh-static.b-cdn.net/us/2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://captchastone.azurewebsites.net/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9308
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Mar 2025 07:53:01 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: psh-static.b-cdn.net
URL: https://psh-static.b-cdn.net/us/2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://captchastone.azurewebsites.net/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9934
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Mar 2025 07:52:00 GMT
tb
tb.appconfig12.com/ps/ 		309 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tb.appconfig12.com/ps/tb?id=&sm=robot-edge&sub_id=&click_id=&nrid=&reason=tb_exit
Requested by
Host: psh-static.b-cdn.net
URL: https://psh-static.b-cdn.net/us/2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75fb454e7b7077b2abb54c2c966290f32dac8ba77104a20dfb27d2b81fedbcd3

Request headers

Referer
https://captchastone.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pl-PL,pl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86a791cd9c039f2b-FRA
content-encoding
br
content-type
text/html
date
Tue, 26 Mar 2024 13:43:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lwUk3cEJ0wmEWi%2BJ8aMQ8Jw8tlwA6Gw2YDjTqQp7E2GavA7T5a5MKFNMtkv8DYHMD0CpNuioPVvavZOiZqJ8ftKQdayGDGq3RtJED5GhlnaIVaqFRISpoCse9tFIk2wcIb16qE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
redirect-cf.ujscdn.com/
Redirect Chain
  • https://mbtrk1.com/click.php?key=7ef1qd1lvftdju4n985s&tracker=pushlink-placeholder-tb_exit
  • https://bucoa.dc-feed.com/dc?pl=Pwx2pgc2X0ST2DN0vyQCVA&sub_id=pushlink-placeholder-tb_exit
  • https://redirect-cf.ujscdn.com/redirect?r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJ...
53 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect-cf.ujscdn.com/redirect?r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&nrid=3de64702f6bbeb9916bd8b680ae61847&a=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8c9af631a948e06bdd9289886afd2f201ba4f786dab9c13a9434e03ab1c165

Request headers

Referer
https://tb.appconfig12.com/ps/tb?id=&sm=robot-edge&sub_id=&click_id=&nrid=&reason=tb_exit
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pl-PL,pl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86a791d3ac4f1b93-FRA
content-encoding
br
content-type
text/html
date
Tue, 26 Mar 2024 13:43:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8o2o8Uu6LozeKUxg%2FBdD9mJ4jDBXioDDQCEhzZumCcUSVyxy5%2BevkQKSxhSU2jW3QeNdadooNbF6TKzKPn7sbmhUNEa858fO7zNn3RUXDmVjked1ynmaL5xHmsBwpgUOLEKy70HJyUCW"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86a791d1fe5b0410-FRA
content-length
0
date
Tue, 26 Mar 2024 13:43:25 GMT
location
https://redirect-cf.ujscdn.com/redirect?r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&nrid=3de64702f6bbeb9916bd8b680ae61847&a=6
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFpbCtqKaSh7SOQUBCotvloQ%2B3cu2aHcifg19%2BQBhyP%2FLHrsyI1r4mThi4Wgx5GFRxrXRbz66sOxYFhALF5P7hkn82teSRO395UFxFzpvO3TEJ%2FWTc6tWEC103b1uNduZh9veg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
favicon.ico
tb.appconfig12.com/ 		0
408 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tb.appconfig12.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform-version
"10.0.0"
Referer
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
308
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mfaZvBg3Z%2B5Km6RJYw97uw4daz20YLNdq3OaIQ7LYIWca%2FlawTMe79r%2FdM%2FkQxpyEz1Fk7Gu2tHjLe622oXLcuwOQKbiLpkgMlWqaLymLgrifVRYz98U6ufOrtlylfXzq%2FhbXI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
86a791ce2c999f2b-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
redirect-cf.ujscdn.com/ 		0
287 B 		Other
General
Check archive.org
Download Go to
Full URL
https://redirect-cf.ujscdn.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4539
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cB71dySdRrsLkwcE3xx5l0ctUUAWYB9y7KkPJyjXF26C2w7JNmI0HvJ2%2BCuOoy9cFvdpQ1H6RLQWD3vpcSeHwpEDo%2FDZunYQNDdJGAJdMLIxOvXvIK7cYcGl%2FB6nQqSyI4%2BOnyH0ipXs"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
86a791d4bd781b93-FRA
alt-svc
h3=":443"; ma=86400
data
checkaf.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://checkaf.com/data
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.27.45 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://redirect-cf.ujscdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://redirect-cf.ujscdn.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 26 Mar 2024 13:43:26 GMT
server
openresty
vary
Origin
data
checkaf.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://checkaf.com/data
Requested by
Host: redirect-cf.ujscdn.com
URL: https://redirect-cf.ujscdn.com/redirect?r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&nrid=3de64702f6bbeb9916bd8b680ae61847&a=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.27.45 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://redirect-cf.ujscdn.com
date
Tue, 26 Mar 2024 13:43:26 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
openresty
content-length
0
vary
Origin
Primary Request pass
redirect-cf.ujscdn.com/ 		26 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
Requested by
Host: redirect-cf.ujscdn.com
URL: https://redirect-cf.ujscdn.com/redirect?r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&nrid=3de64702f6bbeb9916bd8b680ae61847&a=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b3b130af16956f9aa2ff6ca9fafa6b9d03ab835ab66b8c420552e6158093a6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pl-PL,pl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
KN+zoDIu8shZWuFHigjkwfrF2cBCt/IKV6gIAsOtxN8BVFhTdYDt4gRGj7aeTlZjYpMDPdjVIhGLjRRdnDbD/Wu+cFKRx9fKbU4g98n0MnjP9RsDfNiM610n5JckDBdHM/lqauNOS4VRRtW577Gn7w==$GfsGFwYPiP6zVSBO4wLdqw==
cf-mitigated
challenge
cf-ray
86a791d6bbc8bc01-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 26 Mar 2024 13:43:26 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VFEXhvxeMfO4%2Fke2elBuXyYddVKi60mqgirHLr5pxoqD59pOsn%2B5dNBTTEPNkSarVEfjRdlaGNxpfXp%2B5MiH2H4D%2F8dO1T0%2BYQraDLkBWhO5u%2FFT1hvkSGunwLM8c3wuOD4u3gxaLiPO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
redirect-cf.ujscdn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		504 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redirect-cf.ujscdn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86a791d6bbc8bc01
Requested by
Host: redirect-cf.ujscdn.com
URL: https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00698fe1342b320fe98c57d88849b382ed53af24953b12cf8565ce85f0ec7816

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.58"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=&__cf_chl_rt_tk=zxaDXSSsiEL4AxMlto.zogF4kset_aol8AoYoJnHJpo-1711460606-0.0.1.1-5162
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.58", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.58"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:26 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jta69kYX6FJtFiIDj%2Ffe4MZ%2FEPNhlh8z4y7aFjw9AefW5y7303TLEITdLhiNWhQCmZhsFmWl%2Bx2%2BP2vxBeaKhQ57X1bGn41kQyz9Hlnoi1S7lsrfrjcjOh7pEtUGcsGOnwZ6hfMEa7Fo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
86a791d74caebc01-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=QkWxI7&render=explicit
Requested by
Host: redirect-cf.ujscdn.com
URL: https://redirect-cf.ujscdn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86a791d6bbc8bc01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://redirect-cf.ujscdn.com
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:26 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
86a791d8cc566ae8-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
redirect-cf.ujscdn.com/ 		0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect-cf.ujscdn.com/favicon.ico
Requested by
Host: redirect-cf.ujscdn.com
URL: https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.58"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.58", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.58"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1847
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZywhCLcuPe0YBGiNVt6d5BKNHEWBa3heN9hXBJphLCVrl%2Bje%2FNotfpTiiIsV07Ki%2FB8QMh%2F80yrwVD9%2FskFBN%2FFWlKSzLFYLY8XZ53FFymfUIpvtO7TiQsJRgXWY%2Fq0zpA9CAAjth%2Bv"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
86a791d88e50bc01-FRA
alt-svc
h3=":443"; ma=86400
f91a9342-78fd-42c4-9eae-c89d38b5b3c2
https://redirect-cf.ujscdn.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://redirect-cf.ujscdn.com/f91a9342-78fd-42c4-9eae-c89d38b5b3c2
Requested by
Host: redirect-cf.ujscdn.com
URL: https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
90ca9c57d12750e
redirect-cf.ujscdn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1317175498:1711458683:-jOFAhAnLq4o-FNnwmCJ9Qj4njzHgDIK4-hJxVshsdA/86a791d6bbc8bc01/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://redirect-cf.ujscdn.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1317175498:1711458683:-jOFAhAnLq4o-FNnwmCJ9Qj4njzHgDIK4-hJxVshsdA/86a791d6bbc8bc01/90ca9c57d12750e
Requested by
Host: redirect-cf.ujscdn.com
URL: https://redirect-cf.ujscdn.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=86a791d6bbc8bc01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9213dcecabf4f0d709e04d88c7eb770ae628b5f201ff15f38ab4ef3bbf8d7c9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"123.0.6312.58"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.58", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.58"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
90ca9c57d12750e
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:26 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsS4Kkg7IP%2BxEzAoxn8r17xKJzRKCQNUkSvyJMYc522E0NAhTyzzBrSOoxGLccIkSwa1FfsWM6JfDWnrSEuG7B7A3VIKsvJHr7jmZOaXkiudrFapheViucKrw2EBids7EKdEQc4XdFp4"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86a791d93f0cbc01-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
SIF7Pidv1hBGrdTFEScL6ZzTA6z0IB4XHqA0/lt6GpH0EjSC708sxMrPn64JPV1s$mTkZF18+OdV7YTQrV/hpgw==
favicon.ico
redirect-cf.ujscdn.com/ 		0
413 B 		Other
General
Check archive.org
Download Go to
Full URL
https://redirect-cf.ujscdn.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.58"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.58", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.58"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:43:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1847
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlRNkPZ8K%2Bv2qj4zxhhKS0mcncu%2B0hHCKEB5orjfcJR4JfXFX7FI%2BTGoU%2FiaWHzKKZ2kK1%2FvUarDXMCT5qR0vDYvqg8UdChhZb6YBPmHByeMuIzD5ITLHcqCIyiSZrIL70zTFTKmjkk8"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
86a791d96f67bc01-FRA
alt-svc
h3=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uvkg2/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame CF45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/uvkg2/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=QkWxI7&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pl-PL,pl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
86a791da09c2bbe9-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 26 Mar 2024 13:43:27 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
668494d2-99aa-4b4e-bf11-078b189557bf
https://redirect-cf.ujscdn.com/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://redirect-cf.ujscdn.com/668494d2-99aa-4b4e-bf11-078b189557bf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| __af

5 Cookies

Domain/Path Name / Value
captchastone.azurewebsites.net/ Name: alreadyVisited
Value: true
tb.appconfig12.com/ Name: __psu
Value: 3db7b52f-92a4-4871-9012-e5317ed6c729
mbtrk1.com/ Name: uclick
Value: hej29z15dz
mbtrk1.com/ Name: uclickhash
Value: hej29z15dz-hej29z15dz-2tfnfe-0-ojp26o-h9tlik-g6sci4-ecc2b2
bucoa.dc-feed.com/ Name: __dcu
Value: 8e97261b-bf41-478e-a9dc-e82117899ff2

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://redirect-cf.ujscdn.com/pass?nrid=3de64702f6bbeb9916bd8b680ae61847&a=6&r=https%3A%2F%2Fdc-ssp-trk.trknext.com%2Ftrk%3Fs1%3DQgmFxgdStwnpndy2MxfhLQcQr1fzoRfukp08lKDkGr%252BWHNKxd6LbuFiSCQdxcNrZAkA9jYvC0qOx53Hr2QSvmwHHFO6HAseEKrCGJOzVPPlumy87etoraSN6j9DfUB3onHwDkJimi0jXSKh3%252FVR9dgbO6O5gTViIGIXvxHeRCzcipBWcR%252Bx02rN4MPRyMfcnWJ5aoJ4T%252B4FBFqgnD8jaYvSB5Ye40wiVv%252BNBs0sFpQnR3tJRkkBMN9tR5KusHbv%252Fyfb2TV07OXuGA03%252BU76d3%252BcbuRGhWFIBNRAR3sRXhy31PRjeVdSBdxhkXx1mslpoLoVmGP8QFnPCKnjMho%252BQ3JSjnBr4YxMc6z6zJ7eipvefC0DA3ayipKipwPcYwl9nNpq6Cmv6ddZrbVQCUygbIzBV59dcldzTWn%252FXAPbrZrk%252BgxWci%252BvXMaHEitc2o1YiJT%252FGPB6yLGF8EyXzuuePQe8oQYnjrtbDiL3toYojoiJWHQlp9mJSUoos4uxHAdQ05KfZ0OY%252BRZf4a76d5BokmAaaw8QXY%252BSuYxTMzjPIDmRKaMl9IcAoxkJjCIrM0gxkcPyCWDOpxnIYXJqDtjTLPSlkalhswqp9FyUEmsStB%252FcTfJBER2wTGgUW3a%252BmpF%252BnDW5QUxmuzxv%252BdR7u78SJNzxOdk8GXEQxQfYFtzA5SV82mftesMPdrLmu2fpd6Bm%252BPyUkkqJJTEvmNOhs214dhdqcwJTYcjTN8jkFu%252BcVo8GlmxWCrnUQkv9v08mKNAc%252FLW1%252BEvHngHcz6PggOh9hdGnU%252BEbIVMjwLG1gAgYnC7dCTD7MhhuX0AwY2KzcMh0UuxbabVVM4LM8Iek1LoLY%252Bh1LOspwDa1lJHiPafexJT53fqF6klMFS96hpkLw8IF8aivD9mx7m7zxBGfYPa8%252FiiO9bapo7NgW8PLPfU4gNs7SJXLn%252Ffs9N1BZTf80Vob5MgZj1wpNapIcJsdyxdunLojFiDjrgFJNPyGm2H0wTIcuwjncXswKCMsUuLmfUHrWrgZFbfBitPFOhbwK1J11GkoWdphoVfCROCthJepxN9t2vhwyGWZQRZTmqlylcmiGUWguPePBvVvwE%252FzzK%252B5JS91Sl%252BX6z3BS3TrprQhP6g%253D%253D%26type%3D2%26brid%3DDB01-0HN1E32AF0JKA8MMP%26nrid%3D3de64702f6bbeb9916bd8b680ae61847&brid=
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bucoa.dc-feed.com
captchastone.azurewebsites.net
challenges.cloudflare.com
checkaf.com
mbtrk1.com
psh-static.b-cdn.net
redirect-cf.ujscdn.com
tb.appconfig12.com
www.gstatic.com
104.17.2.184
104.17.3.184
104.21.9.70
142.250.185.195
145.239.195.107
157.90.27.45
169.150.247.37
172.67.153.8
188.114.96.3
20.215.12.1
00698fe1342b320fe98c57d88849b382ed53af24953b12cf8565ce85f0ec7816
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
523d809ba0efd9efcdd33dabfcb3a8092aa4a3abcec6b887ab1224e07e1d05c3
6726b65c08782a50ae53d65834b86fa4237d289954c01b41b5548d7d0d205614
6a8c9af631a948e06bdd9289886afd2f201ba4f786dab9c13a9434e03ab1c165
75fb454e7b7077b2abb54c2c966290f32dac8ba77104a20dfb27d2b81fedbcd3
8830566bd303998ec3419c36e6fe813da7fe800bc439cb4e3155d5e6c5e82f5e
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
99b3b130af16956f9aa2ff6ca9fafa6b9d03ab835ab66b8c420552e6158093a6
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
ad6f564e6683ebce7b1af963018573cf220c5860a6b212bcfd6a56299a52798f
b9213dcecabf4f0d709e04d88c7eb770ae628b5f201ff15f38ab4ef3bbf8d7c9
d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcf572c9688b0c27772a8b89b27c23594c7c08171a0469a4f231451eca5f0910