hc5hypumtq63d1336f6bcc2.kiezna.ru
2606:4700:3035::ac43:9eb8  Private Scan

Submitted URL: https://www.photonics.com/Newsletter/NewsletterLogin.aspx?NIID=12346&RedirectUrl=http://dnnbuo.24.gourmetcheez.com/znayjbd...
Effective URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
Submission: On February 03 via api from DE — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3035::ac43:9eb8, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is hc5hypumtq63d1336f6bcc2.kiezna.ru.
TLS certificate: Issued by E1 on January 26th 2023. Valid for: 3 months.
This is the only time hc5hypumtq63d1336f6bcc2.kiezna.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
1 | 1 | 172.67.68.254 | 13335 (CLOUDFLAR...)
  | 1 | 178.162.131.129 | 60781 (LEASEWEB-...)
  | 1 | 178.210.179.151 | 42910 (PREMIERDC...)
  | 9 | 2606:4700:303... | 13335 (CLOUDFLAR...)
  | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 8 | 2606:4700::68... | 13335 (CLOUDFLAR...)
Total: 19 requests, 6 IPs
Requests | Apex Domain | Subdomains | Transfer
9 | kiezna.ru | hc5hypumtq63d1336f6bcc2.kiezna.ru | 123 KB
8 | cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 15799 | 98 KB
1 | hcaptcha.com | cloudflare.hcaptcha.com — Cisco Umbrella Rank: 8057 | 80 KB
1 | bykaratas.com | leneszdx.bykaratas.com | 7 KB
1 | gourmetcheez.com | dnnbuo.24.gourmetcheez.com | 745 B
1 | photonics.com | www.photonics.com — Cisco Umbrella Rank: 466687 | 571 B
Total: 19 requests, 6 domains
Requests | Domain | Requested by
9 | hc5hypumtq63d1336f6bcc2.kiezna.ru | leneszdx.bykaratas.com, hc5hypumtq63d1336f6bcc2.kiezna.ru, dnnbuo.24.gourmetcheez.com
8 | challenges.cloudflare.com (1 redirects) | challenges.cloudflare.com, dnnbuo.24.gourmetcheez.com
1 | cloudflare.hcaptcha.com | hc5hypumtq63d1336f6bcc2.kiezna.ru
1 | leneszdx.bykaratas.com | dnnbuo.24.gourmetcheez.com
1 | dnnbuo.24.gourmetcheez.com |
1 | www.photonics.com (1 redirects) |
Total: 19 requests, 6 domains

This site contains links to these domains.

Domain
www.cloudflare.com
Subject | Issuer | Validity | Valid
*.kiezna.ru | E1 | 2023-01-26 - 2023-04-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-02 - 2023-04-02 | a year
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year

This page contains 2 frames:

Primary Page: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
Frame ID: A94A1C9A53FA6814E0E71514CFA27544
Requests: 16 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 4CC93C700B8D5DAFEBED4ED193B06DC7
Requests: 6 HTTP requests in this frame

Page Title

Just a moment...

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 309 kB
Size: 737 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.photonics.com/Newsletter/NewsletterLogin.aspx?NIID=12346&RedirectUrl=http://dnnbuo.24.gourmetcheez.com/znayjbdy%20 HTTP 302
    http://dnnbuo.24.gourmetcheez.com/znayjbdy%20 Page URL
  2. http://leneszdx.bykaratas.com/ Page URL
  3. https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.photonics.com/Newsletter/NewsletterLogin.aspx?NIID=12346&RedirectUrl=http://dnnbuo.24.gourmetcheez.com/znayjbdy%20 HTTP 302
  • http://dnnbuo.24.gourmetcheez.com/znayjbdy%20
Request Chain 13
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/925b3ffa/api.js?onload=_cf_chl_turnstile_l&render=explicit

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
znayjbdy%20
dnnbuo.24.gourmetcheez.com/
Redirect Chain
  • https://www.photonics.com/Newsletter/NewsletterLogin.aspx?NIID=12346&RedirectUrl=http://dnnbuo.24.gourmetcheez.com/znayjbdy%20
  • http://dnnbuo.24.gourmetcheez.com/znayjbdy%20
537 B
745 B
Document
General
Full URL
http://dnnbuo.24.gourmetcheez.com/znayjbdy%20
Protocol
HTTP/1.1
Server
178.162.131.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 02:28:43 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7937bc18197b91dd-FRA
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 02:28:43 GMT
location
http://dnnbuo.24.gourmetcheez.com/znayjbdy%20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=recXpbcYW24ycNZi1N%2BLJ2o2TmeliTsq01RV31qxryMT66sX8E8jlR46wG6asGAelELAoJm1Q04h%2BNM6awhZloGdRka9wTzWqdIv3KIWrqqI%2BT%2BOdw0xYqmeX7ixdzqe3Lxs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
/
leneszdx.bykaratas.com/
7 KB
7 KB
Document
General
Full URL
http://leneszdx.bykaratas.com/
Requested by
Host: dnnbuo.24.gourmetcheez.com
URL: http://dnnbuo.24.gourmetcheez.com/znayjbdy%20
Protocol
HTTP/1.1
Server
178.210.179.151 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
178.210.179.151.static.markum.net
Software
Apache /
Resource Hash

Request headers

Referer
http://dnnbuo.24.gourmetcheez.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 02:28:42 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Primary Request Mshahpoor.kalantary@pta.wa.gov.au
hc5hypumtq63d1336f6bcc2.kiezna.ru/
9 KB
5 KB
Document
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
Requested by
Host: leneszdx.bykaratas.com
URL: http://leneszdx.bykaratas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d44731f2862b7c64dae96dd228e40551de459d9b16339ee0196ae75a763911
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://leneszdx.bykaratas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7937bc1bcc29bb47-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 02:28:43 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asxudFpaVTTn1ZFnYBoMCAQJzrA9zoxzSxHtMFIOtfPWZZNNoFrv1ieukJQZGBjRd54Div8b9%2BVKw5eXcvy0wrCB0U1n2SQIXH95hhxePuAVkB5c5HJrJHPJ5rXJB4vtyOXUBdPY%2F6Dfjx%2BX7CwEKwgbPccixFXd%2FaysRrUYj5g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/styles/challenges.css
Requested by
Host: hc5hypumtq63d1336f6bcc2.kiezna.ru
URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb5bcc25efa09532fbbf93e67a4bd0f74016ad3cfe118a2fbc94296adf875b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Jan 2023 14:59:21 GMT
server
cloudflare
etag
W/"63d7db49-182e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7937bc1bec39bb47-FRA
expires
Fri, 03 Feb 2023 04:28:43 GMT
favicon.ico
hc5hypumtq63d1336f6bcc2.kiezna.ru/
8 KB
8 KB
Image
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/favicon.ico
Requested by
Host: hc5hypumtq63d1336f6bcc2.kiezna.ru
URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2beb656af4def662f7ac73e1fe1d4fcd138aac4e25c5c00d9e5cbf13e6cd472
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:43 GMT
content-encoding
br
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3U3kmsGT5UGZE7H59tRyWkJ09ukv%2FicwEfJDnzLf6zWFM0XTH%2BOvemfI9UStqFGwOe%2BZj3N14pTIxuldxUVzdP4XASTncfnechEMtH1on4C3%2BFv%2FcwkEPaRcd%2Fkd66eDTgiGdWX8DGYbhXMqEKVPWFsR%2B7PgW5GjWYKFHHmJuAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7937bc1bec3abb47-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
v1
hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/
112 KB
42 KB
Script
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7937bc1bcc29bb47
Requested by
Host: hc5hypumtq63d1336f6bcc2.kiezna.ru
URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8355083d458afaa4d8f24b1a3bc71404829cf4844ed760c653ae2db74cce59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au?__cf_chl_rt_tk=m9PQ9V9obTvTOYInd.FJSDVvP7DF_2iiOtoMdH76EiU-1675391323-0-gaNycGzNCJE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:43 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmHab3JrlZqaAc04GJv8jvrQ1pvs0BSJq%2BT4F%2FXqfDD4mIpt%2B5LtBWs9rXOlXcEvjXh2KDXXdCS4LuiGwR68stDGWlsQqwnHK86AsQWIq59gmfEB%2B7OzXoxNnrArau6DQV8LfvFvzQMCiYbWL2m53QCIXyOE6vLN1kGFRjCvE2o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7937bc1bfc47bb47-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/images/trace/managed/js/
42 B
129 B
Image
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7937bc1bcc29bb47
Requested by
Host: hc5hypumtq63d1336f6bcc2.kiezna.ru
URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au?__cf_chl_rt_tk=m9PQ9V9obTvTOYInd.FJSDVvP7DF_2iiOtoMdH76EiU-1675391323-0-gaNycGzNCJE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au?__cf_chl_rt_tk=m9PQ9V9obTvTOYInd.FJSDVvP7DF_2iiOtoMdH76EiU-1675391323-0-gaNycGzNCJE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Jan 2023 14:59:21 GMT
server
cloudflare
etag
"63d7db49-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7937bc1bfc49bb47-FRA
content-length
42
expires
Fri, 03 Feb 2023 04:28:43 GMT
api.js
cloudflare.hcaptcha.com/1/
284 KB
80 KB
Script
General
Full URL
https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Requested by
Host: hc5hypumtq63d1336f6bcc2.kiezna.ru
URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7937bc1bcc29bb47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59a4f0c66e696603ad5267b5c183c40ec37815746d0286ac5c00f263b54a3f9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:43 GMT
strict-transport-security
max-age=0
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
last-modified
Thu, 02 Feb 2023 17:18:41 GMT
server
cloudflare
etag
W/"777d334016fd859eff9671706a59e51c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
7937bc1c5bf38ff5-FRA
x-amz-cf-id
92KYRtfC-D_xcBPV_8uP1H6TMDqe8rqkIdz-Y7pklMWQGualpqbOIA==
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
913daa682ccc885
hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.4114254637331676:1675386437:uYoWNs0HSbM5VLf108C4nsdFflYwEm0zTPGVv23uZWE/7937bc1bcc29bb47/
94 KB
59 KB
XHR
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.4114254637331676:1675386437:uYoWNs0HSbM5VLf108C4nsdFflYwEm0zTPGVv23uZWE/7937bc1bcc29bb47/913daa682ccc885
Requested by
Host: hc5hypumtq63d1336f6bcc2.kiezna.ru
URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7937bc1bcc29bb47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72ee6b13f454ba27a002176e73f7672013b06a7aa52036ff42791958fce5d6e3

Request headers

Referer
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
CF-Challenge
913daa682ccc885
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 03 Feb 2023 02:28:43 GMT
content-encoding
br
cf_chl_gen
6JdRu5TsTHOQ8zO7z7Yqx+9oPrShmx3VqPX7t4u8B8XqosXwVEd8id0opxIewYPKsGR9ukqL25Vi4NDhOMcqFpDKz9OJP7a3SRN5eODR1RluKpkQINfALLCl/eazdVsBOyG/SfRtNlprAdzQH8RTak0KCwcBKQPdKcfU8ZzOA1P/hC3AEOlePenu1zCIPCXRrG4xLWWV4XSNXkAtJpbR/eovvGgqAQzXrAUJgTQoxRPTFIdZtF3A/+/blEoamkU4v49Qu8XAzdNEGNhS2VIg3RfABq0GZM7cQIwBLBY17phbjhPCLICw86rhfQr4gGTWc3LFyD3NXzh4PXmO9mRP+6lIvrXiiMwgFVIDMVDsNS1Qu612cxI97/juKmFjm+sS$nkufTvyMykvdJNHdlufXtg==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuEFvSicJ8pE2h05xyer4k1oMYGT40RJRnKKWsc6aKYzzgeV8rGH013zi6hydGF95Ev0nYjLCYvAa3vs3HC4Gjl9uqrHm2EfweQWnyywfGK5KQFLl7H3Hk6TiBukDUIIKWB2ZiLOVlZtzM1DoCAiwhsoa5n2xpDSIUMyRVNbWAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7937bc1cea4d39d3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
iOeCLoR_lR5V87r
hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/img/7937bc1bcc29bb47/1675391323677/
61 B
471 B
Image
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/img/7937bc1bcc29bb47/1675391323677/iOeCLoR_lR5V87r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936270201dbfeaa6c03e0f777262e18f97afe8b1c23a1958accbec27a4cf751e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7937bc1d7aa039d3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnLtpzNv6yrAH8CrmWkgXePN3y6gakTH2rGfp5FQrnWfFn2FYXe0RoVSVsAHcDjdTvnqknVo8qIAuD9WlLM3hmZnZFVEIY0zWu0L%2BKOBpSNVnyRfcw7gvmhRK1ETjyXoWAtP6W%2BKiUwIuYgZzQJc3FyYcQwcWdyRG7QnPDGWKgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
mgXwqnB3i_Fl1zY
hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/pat/7937bc1bcc29bb47/1675391323677/bf8affcaddfe47323178685cad794ae927fc0b09d1a01543e5c005f8bbd6f1cc/
1 B
966 B
Fetch
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/pat/7937bc1bcc29bb47/1675391323677/bf8affcaddfe47323178685cad794ae927fc0b09d1a01543e5c005f8bbd6f1cc/mgXwqnB3i_Fl1zY
Requested by
Host: dnnbuo.24.gourmetcheez.com
URL: http://dnnbuo.24.gourmetcheez.com/znayjbdy%20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:43 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gv4r_yt3-RzIxeGhcrXlK6Sf8CwnRoBVD5cAF-LvW8cwAIWhjNWh5cHVtdHE2M2QxMzM2ZjZiY2MyLmtpZXpuYS5ydQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAovhnF-5AxQKgIE33Z8z8UZD-A3JonmaJ2WjtJw44wSJ4ZRDi8TOl3msgbzSTp4OjuB13Q81gVXHf-1jieosPnwwuobcictrtG8Q_VyFkxtLH3B8Dy7aLVCCXoGAZjUyFiUjMoh6Jchy_HyObEQSMgnCo5f2W_-428Cqbv8YMNsTrNjMA_uiiM5NkWmg-TVHHEQWJd6_nAAshIK1581vwBKEOmRYvbcoZMO502KNYZ0JaowHieqgCaudU5de9cuFT515icCkbBIIrRphgs-78P4ZenGTG0FtJ7zIC4PMbx96SQZ_aKI3D5v7ikfTNcXMsq5peQ1SEI3twSZJkWzKEtwIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lORaNXc8l5dFPHjy%2Fy7lFAD6r6FMeBjskM74gWLCY7GIr1xDuJTryUih6RuHNFOM03BUo%2Fr9SqJEF%2B0NSfoeLMmdHMWFGWzDwgR7AUBvd70JfFafjHLXWUBcJpfz%2BZ4KiqlvxmbmMwqyqoPbUWPfDcoDeTAD1w%2B4wxGPHRYi%2FLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7937bc1d9ab239d3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
913daa682ccc885
hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.4114254637331676:1675386437:uYoWNs0HSbM5VLf108C4nsdFflYwEm0zTPGVv23uZWE/7937bc1bcc29bb47/
5 KB
4 KB
XHR
General
Full URL
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/0.4114254637331676:1675386437:uYoWNs0HSbM5VLf108C4nsdFflYwEm0zTPGVv23uZWE/7937bc1bcc29bb47/913daa682ccc885
Requested by
Host: hc5hypumtq63d1336f6bcc2.kiezna.ru
URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7937bc1bcc29bb47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9eb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e3113de2d284c8244421feadd16fbcd54c63c64fe9d48f292297c3a7c1d9ba

Request headers

Referer
https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
CF-Challenge
913daa682ccc885
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 03 Feb 2023 02:28:45 GMT
content-encoding
br
cf_chl_gen
HnpRj51d/kYk08J6eUeNq1NsSQZ8r9OCHSueeyLLL2I=$5dPTyPWkjM/Cp9VGBt/Mag==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBJUiGfX68CKAHipuWjmGsBoWJDode4bQ49I8HEUlZ47Ip1CK7LoPFp5hc%2FOynT004T%2FSzkHqfxz2gDrClVmyO3tXEhTDEALqgKhbEPDegjnAJ2e36a1Ob2JEQ5C8nMpBroKUIEONZD8ri%2Fv1AFgu8uQDmcVJCTZ4SBL6kja%2FGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7937bc256ebc39d3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/925b3ffa/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/925b3ffa/api.js?onload=_cf_chl_turnstile_l&render=explicit
11 KB
4 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/925b3ffa/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6714e5fb8951d17fe337f2e403fe5812257e7bb9109c2db031047fb08e72282

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
7937bc25fe068fdc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
/turnstile/v0/b/925b3ffa/api.js?onload=_cf_chl_turnstile_l&render=explicit
date
Fri, 03 Feb 2023 02:28:45 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
7937bc25ddf78fdc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
accept-encoding
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 4CC9
19 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80215441cab7a7b7a3ce9ace48c66c260296b8a68a24b21c8cd64556ede7dee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7937bc262acf9256-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:28:45 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
truncated
/
187 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 4CC9
110 KB
41 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7937bc262acf9256
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4484fd673ef4b4c0bb2cc58e2f142e3b7f7092f00cb693585b65d428d17c2934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:45 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7937bc265ae69256-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
306c1bbb20e73e8
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2727215156311656:1675389916:BMWW3Y9iy8VDm8BnxfdslPLdrbzrPRDu1hjAodYuwuo/7937bc262acf9256/ Frame 4CC9
60 KB
36 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2727215156311656:1675389916:BMWW3Y9iy8VDm8BnxfdslPLdrbzrPRDu1hjAodYuwuo/7937bc262acf9256/306c1bbb20e73e8
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7937bc262acf9256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34fb97b1126745ac7f49bb8c3600b9d02290c8d1aa2f7a7ff679c01f9b35e6b

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
CF-Challenge
306c1bbb20e73e8
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 03 Feb 2023 02:28:45 GMT
content-encoding
br
cf_chl_gen
I4verotXF/iMHc8w3k0Ya9BxaVT1g4qOtq91Es3imwJTotPRR+aOR7TgBtInMh8L1Rqj8ZOmLNm75fodWUaVDEYqzfBFMqeaGJG2Kyvy0qyXHZUX1JO8CwsBKlwvwXtYkD6HMSq0oWRVfHX9U4n4fTRYvSTjJl+oomycxkqzQlUW4Z8rcaU1w27Fr9oWAQsOEgXevCI65UCRtWBlgY+mNTfbdqaT8pb8fqWSQClB8q3KVu1bLgP9QJYg+C5LOZ3uomWScuBogm3QUKCOu5i7QJ6QFYVtfrcmnR1vJXX5qvUwSTxnQPtfEoS2VbSbyaHH$J10FpNUGquSBioBez0hAHA==
server
cloudflare
cf-ray
7937bc273b479256-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
h8o22XYZEHn4qcy
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7937bc262acf9256/1675391325331/663fe12071e84675af233623ce3e27ae56083eb196ac63065e37dcd7ea9fef97/ Frame 4CC9
1 B
646 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7937bc262acf9256/1675391325331/663fe12071e84675af233623ce3e27ae56083eb196ac63065e37dcd7ea9fef97/h8o22XYZEHn4qcy
Requested by
Host: dnnbuo.24.gourmetcheez.com
URL: http://dnnbuo.24.gourmetcheez.com/znayjbdy%20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:46 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gZj_hIHHoRnWvIzYjzj4nrlYIPrGWrGMGXjfc1-qf75cAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAovhnF-5AxQKgIE33Z8z8UZD-A3JonmaJ2WjtJw44wSJ4ZRDi8TOl3msgbzSTp4OjuB13Q81gVXHf-1jieosPnwwuobcictrtG8Q_VyFkxtLH3B8Dy7aLVCCXoGAZjUyFiUjMoh6Jchy_HyObEQSMgnCo5f2W_-428Cqbv8YMNsTrNjMA_uiiM5NkWmg-TVHHEQWJd6_nAAshIK1581vwBKEOmRYvbcoZMO502KNYZ0JaowHieqgCaudU5de9cuFT515icCkbBIIrRphgs-78P4ZenGTG0FtJ7zIC4PMbx96SQZ_aKI3D5v7ikfTNcXMsq5peQ1SEI3twSZJkWzKEtwIDAQAB, max-age=20
server
cloudflare
cf-ray
7937bc2c0d949256-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
Al6rvA1eRAFl_6P
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7937bc262acf9256/1675391325334/ Frame 4CC9
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7937bc262acf9256/1675391325334/Al6rvA1eRAFl_6P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c116fcfdc86f809f1e0302c801871b7068852f9f28e8b3a9ce49879bb7b2f924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:28:46 GMT
server
cloudflare
cf-ray
7937bc2d7e119256-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
306c1bbb20e73e8
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2727215156311656:1675389916:BMWW3Y9iy8VDm8BnxfdslPLdrbzrPRDu1hjAodYuwuo/7937bc262acf9256/ Frame 4CC9
11 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2727215156311656:1675389916:BMWW3Y9iy8VDm8BnxfdslPLdrbzrPRDu1hjAodYuwuo/7937bc262acf9256/306c1bbb20e73e8
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7937bc262acf9256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18e2fc4cd2fb2632530ac04d31ebdaed5116d036929d173927bdb74e95c4d4f

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcgu1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
CF-Challenge
306c1bbb20e73e8
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 03 Feb 2023 02:28:46 GMT
content-encoding
br
cf_chl_gen
d4sjWs3aTns1xmiqVzN6x1v76MvJy91XLhfLn66IM4o=$ZX+nq5JJ68MIW1H3GbBzFg==
server
cloudflare
cf-ray
7937bc2dee3b9256-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontentvisibilityautostatechange
object| _cf_chl_opt
function| sendRequest
function| _cf_chl_hload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| SHA256
object| _cf_chl_ctx
string| _cf_chl_hlep
string| prefix
object| languagesToIterate
object| Raven
object| hcaptcha
boolean| _cf_chl_hloaded
object| _
undefined| _cf_gcr
function| _cf_chl_turnstile_l
object| cfChallengeAPI
object| turnstile

2 Cookies

Domain/Path Name / Value
www.photonics.com/ Name: ASP.NET_SessionId
Value: gpkrskt40d05ghxrwup1kpvs
.challenges.cloudflare.com/ Name: __cf_bm
Value: BPN6uA7UeCS2UXfeiF257tp8CUMeWR1EZtS_RhfzbeU-1675391325-0-Abz668KpxeZqqmQPxc4TfIQyFCcbWyz0u0lW3FIA3qOlXcRzgKhKkOBgkyuXIhpCF+1mnghiew6Y+wq8+BoYo10=

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/Mshahpoor.kalantary@pta.wa.gov.au
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://hc5hypumtq63d1336f6bcc2.kiezna.ru/cdn-cgi/challenge-platform/h/b/pat/7937bc1bcc29bb47/1675391323677/bf8affcaddfe47323178685cad794ae927fc0b09d1a01543e5c005f8bbd6f1cc/mgXwqnB3i_Fl1zY
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7937bc262acf9256/1675391325331/663fe12071e84675af233623ce3e27ae56083eb196ac63065e37dcd7ea9fef97/h8o22XYZEHn4qcy
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their appearance here does not imply that any of them indicates malicious activity.
