urlscan.io logo urlscan.io
SecurityTrails logo

www.ortas.online Open in urlscan Pro
2606:4700:20::ac43:44f5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ns2.rtv.gov.sy/
Effective URL: http://www.ortas.online/
Submission Tags: l4ing sub gov h8 sy Search All
Submission: On April 23 via api from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:20::ac43:44f5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ortas.online.
This is the only time www.ortas.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 82.137.248.4 29256 (INT-PDN-S...)
1 1 82.137.248.19 29256 (INT-PDN-S...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 7 2606:4700::68... 13335 (CLOUDFLAR...)
18 4
Apex Domain
Subdomains		 Transfer
8 ortas.online
www.ortas.online
131 KB
7 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4009
126 KB
2 rtv.gov.sy
ns2.rtv.gov.sy
www.rtv.gov.sy
616 B
18 3
Domain Requested by
8 www.ortas.online www.ortas.online
7 challenges.cloudflare.com 1 redirects www.ortas.online
challenges.cloudflare.com
1 www.rtv.gov.sy 1 redirects
1 ns2.rtv.gov.sy
18 4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: http://www.ortas.online/
Frame ID: E1187C303919BCE31BA622A642E329A7
Requests: 14 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: B64F9CEBD663248D10625FD51A53BD6B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://ns2.rtv.gov.sy/ Page URL
  2. http://www.rtv.gov.sy/ HTTP 301
    http://www.ortas.online/ Page URL

Page Statistics

18
Requests

28 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

258 kB
Transfer

583 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ns2.rtv.gov.sy/ Page URL
  2. http://www.rtv.gov.sy/ HTTP 301
    http://www.ortas.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/70d5f7ce/api.js?onload=_cf_chl_turnstile_l&render=explicit

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ns2.rtv.gov.sy/ 		181 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ns2.rtv.gov.sy/
Protocol
HTTP/1.1
Server
82.137.248.4 , Syrian Arab Republic, ASN29256 (INT-PDN-STE-AS STE PDN Internal AS, SY),
Reverse DNS
Software
nginx /
Resource Hash
8b7427be6eebeafed4b1349bc0be7ef4d79234a9074110e380895b275395963a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
181
Content-Type
text/html
Date
Sun, 23 Apr 2023 22:46:59 GMT
ETag
"2e012cf-b5-58820d30044da"
Last-Modified
Sun, 05 May 2019 09:44:03 GMT
Server
nginx
Primary Request /
www.ortas.online/
Redirect Chain
  • http://www.rtv.gov.sy/
  • http://www.ortas.online/
6 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f2e69c16fe9a4ec92c971e59ef70c7d3943b80cb6fb8ddd684aa8833ed8f7a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://ns2.rtv.gov.sy/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-RAY
7bc9a554bec10bce-AMS
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Cross-Origin-Embedder-Policy
require-corp
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Sun, 23 Apr 2023 22:47:00 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Permissions-Policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy
same-origin
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGmp3DmPX4vmDJfOncLKE%2FQYwX4z2mWdaHf9TzJMX5%2FY8jl6E3mm%2F5NsRQ1VQdTnrb4NFzSeJZZDkGeM5vf%2BFb65TZ0UZYSizO2UtXkgG5615zOXPU7JpJLLcRWt1h3i3Fz3cByxO1QKfaCZLws%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cf-mitigated
challenge

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 23 Apr 2023 22:47:00 GMT
Location
http://www.ortas.online/
Server
nginx
challenges.css
www.ortas.online/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.ortas.online/cdn-cgi/styles/challenges.css
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 22:47:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18 Apr 2023 16:29:34 GMT
Server
cloudflare
ETag
W/"643ec56e-19c8"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
7bc9a554f9851c88-AMS
Expires
Mon, 24 Apr 2023 00:47:00 GMT
v1
www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 		144 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7bc9a554bec10bce
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8abbe3d02603f5140152e9673373a4947c63a114298c7064a64f72925b54572

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=agbn4IMfwWDPs9LAwERI44Ec9ydCcVj95NneJJcDspg-1682290020-0-gaNycGzNBpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 22:47:00 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0SbAyooDIVhZ27J0KkWkJqo7p3qarATVucff9u5Pq5EFLc7DSbUwY2k2S4CCbtFzxzdtw0TnB1zgKzGkBougxhc1%2B%2BwEYA00m08GOK6f9YhXcajBVHxCWz60foYgCRD9IDYiZ6dlIjaPxf8Cj4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
Connection
keep-alive
CF-RAY
7bc9a55519a31c88-AMS
transparent.gif
www.ortas.online/cdn-cgi/images/trace/managed/js/ 		42 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ortas.online/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7bc9a554bec10bce
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/?__cf_chl_rt_tk=agbn4IMfwWDPs9LAwERI44Ec9ydCcVj95NneJJcDspg-1682290020-0-gaNycGzNBpA
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=agbn4IMfwWDPs9LAwERI44Ec9ydCcVj95NneJJcDspg-1682290020-0-gaNycGzNBpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 22:47:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18 Apr 2023 16:29:34 GMT
Server
cloudflare
ETag
"643ec56e-2a"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7bc9a5553dc30a49-AMS
Content-Length
42
Expires
Mon, 24 Apr 2023 00:47:00 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/70d5f7ce/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/70d5f7ce/api.js?onload=_cf_chl_turnstile_l&render=explicit
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/70d5f7ce/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b40667594c82d7c843189fa25ecf138c252bda05d50bcbf9e84c6c1b5b150f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 22:47:00 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7bc9a556cf1006c0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 23 Apr 2023 22:47:00 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/g/70d5f7ce/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7bc9a5569eea06c0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
favicon.ico
www.ortas.online/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ortas.online/favicon.ico
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907f041f0b7d83e204314b7e20a13be10671767bc702636d9b62a96f633d1378
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 22:47:00 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
same-origin
Connection
close
Referrer-Policy
same-origin
Server
cloudflare
Cross-Origin-Opener-Policy
same-origin
cf-mitigated
challenge
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxZPnq3tIhZU8F3esHx7FcmeGPfupvgqPks7oAA%2Bc4ghM6w4FklMrnzvKYeycgPwRR7q6bqW1tCMNsGOzycYE1r1fe25fTBjyC3mo6EX6aTEA3eBOTAP5wdEbAtgtJY%2F0PRfRZrKGz%2F8963%2FLkc%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Permissions-Policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
CF-RAY
7bc9a5564ac51c88-AMS
Expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
3b2dfd75cde2e2b
www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/1739278905:1682288612:YLkFS5XuLscAs9wLCRv8hkSesloMUoZX6wvqzqlrUvw/7bc9a554bec10bce/ 		115 KB
62 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/1739278905:1682288612:YLkFS5XuLscAs9wLCRv8hkSesloMUoZX6wvqzqlrUvw/7bc9a554bec10bce/3b2dfd75cde2e2b
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7bc9a554bec10bce
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be903b3ee612b4154beac25a6f231f18aac75b49413cab8d57895c339674d73

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
3b2dfd75cde2e2b
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 23 Apr 2023 22:47:00 GMT
Content-Encoding
gzip
cf_chl_gen
SBhZxgobK22vnwY/hOetALsU8549s5oGyCcW+32AR3nmAtToeGz2pJCgv8vzmcB5LHIN6JkfCHbbB/ci48I+49/g5m2Jiz84OhWOwyXfGPUe3n/qdxcAPeGvyxHr9ix0ReAXE0CMHomDm95Ag2kQL2vOAWELOtEyPaeOt8ToU+zBt9Pyp9aY1rmZzt0TM00vUSzhsyKcxx954XWOKMwxZbdwJqKZhr1x3KesASHVBGNb1GkmCe88cIGNXcFtIVKWUJwHnt3nOCBW8yC/snwGIVc8/I32pB9MBePnCef4o0JZkxNHUkHwEWLAUoypxbu4WSPSVu9btZ7s5Xzo/laddYoygNNccUK/O29JjWX0RhNX+TUhJuBWiGlsD+ymctCuAIoiJQ23lMS0otIG2GXpowKuY4i0siE/F/aqmhYcinYjuLUdypMy7bcjpGb2SFr15w3KzKOGilaAKoVAxlhc2ikKULxC9seohP4l0x458R+3ak2Hb7maFAWtv3DO41f8$htPa3t6M97ZC505nRU3xeQ==
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fcbf06mofPV1U%2BfVorwl4jqdVGDwuR7uVGxVOcwEFvR%2FQczi7sM7IJMqB0OUFJC6NZUiGee2GVTQmR%2FyLxDfd9tvJGCmfWPo51y3%2BY84u%2BVLLxLfUBsz%2FJE8t%2FkAaG3wTNMuQeAajgFHFkBGQ7M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7bc9a5570f340a49-AMS
PG1CSnuZ0TLXm8E
www.ortas.online/cdn-cgi/challenge-platform/h/g/img/7bc9a554bec10bce/1682290020973/ 		61 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/g/img/7bc9a554bec10bce/1682290020973/PG1CSnuZ0TLXm8E
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b67a044c73be7d54fa102380db02bd9d016f4eddf54cb574fa576003faaa99

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 22:47:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Fks9qqjLCAEXXwl7%2Bu1q9JQ7uiXKZL6VbdG7QVdRZAXdG%2FQoPD5rACgEYBajYFi7JR5cGR7IR%2FIvWfryyeWZ6zQwdbx2dBjcYuJNGlMbVe1qzWl7exen1tlmcG%2FXS2ASljLIXX%2FKsB2mJj5XZE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Connection
keep-alive
CF-RAY
7bc9a55bfb9e0a49-AMS
0949bf5d-4bb6-4886-b4cb-4dcc65895e77
http://www.ortas.online/ 		539 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://www.ortas.online/0949bf5d-4bb6-4886-b4cb-4dcc65895e77
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
539
Content-Type
text/javascript
2c7f0f7e-5a4c-41e3-80aa-eb0958c409ef
http://www.ortas.online/ 		656 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://www.ortas.online/2c7f0f7e-5a4c-41e3-80aa-eb0958c409ef
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
3b2dfd75cde2e2b
www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/1739278905:1682288612:YLkFS5XuLscAs9wLCRv8hkSesloMUoZX6wvqzqlrUvw/7bc9a554bec10bce/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/1739278905:1682288612:YLkFS5XuLscAs9wLCRv8hkSesloMUoZX6wvqzqlrUvw/7bc9a554bec10bce/3b2dfd75cde2e2b
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7bc9a554bec10bce
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e3d26f2914887d935e33b6676b3edff2e39c771023108e6c607600de672e66

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
3b2dfd75cde2e2b
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 23 Apr 2023 22:47:02 GMT
Content-Encoding
gzip
cf_chl_gen
wnoaqfdVSYDEJPHx/WUq39I+pjdKzoaN2hDKCgNuVDG+bZeAKlrjXbF8AYKdC/sC$TJkjlDi+HxZQZTxWnwrZtQ==
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHmx%2BMr641PMMrg950g%2FsoO%2FPAAZ%2BgCsBoPeQe0NCLUS%2BISZVqjb5Jvt46dUMwj69NQxvLgguryhkd2ORA1J0dFMYtwMLF0gmfDPx90cpV45qQGUt76aZBAKqiohL%2Bqq5QNKmcgfLmJVdnFJRak%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7bc9a55fbef60a49-AMS
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame B64F 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fa8fdc1ad43e464162e1911dc0cc179cd2a0763c01c25231c6560bbbb0b986

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7bc9a560682fd0b5-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 22:47:02 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
truncated
/ 		187 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame B64F 		152 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7bc9a560682fd0b5
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a08cf4d32796ef6f325dbe46c2744eecd10c4ad36158a659fc71dd8fc9524ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 22:47:02 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7bc9a560e89ad0b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
57c8b63fb6b1830
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2135779290:1682288557:d3AFhO3L2eYE5IPvfrq92uRB-7fHRLq27RgnH_4kU1A/7bc9a560682fd0b5/ Frame B64F 		101 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2135779290:1682288557:d3AFhO3L2eYE5IPvfrq92uRB-7fHRLq27RgnH_4kU1A/7bc9a560682fd0b5/57c8b63fb6b1830
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7bc9a560682fd0b5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d86cff2b08f7ca1c1e341f36319ac53f584a2c497b7f3e4c2ddde5e99193ff8

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
57c8b63fb6b1830
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 22:47:02 GMT
content-encoding
br
cf_chl_gen
cvP9MPGMxume/0QqjEnija//bF3UbHabazqu1KwgixxEqfLUqUkXh8vdPRR/Uvqgj9zsx0OWboEE6o9fvxxm6PD0Sch0HsvD1cg2m9JIUka359AmPig6+bzyMcsqqkHWiq8OyM5dTIQ7fGFq2GqEZaNh8jafcetTPWoCeWK4w81pKwbpyfmNuAVGF6nTm1kZXngQEBs0zp8I4BKdocSqf2h8OddaaFnHFv9DW1XPYHJ46OfbvtSJfR6gIviGnC8Gbgrf/rSXp7Dy4AdP4+lp22HLBeD+OT7HXiHasCndVjktJh2FAAPqbT3kmPticqxpzYc49Y3tv44MNR/6e9dYlB/pr7ZpLWlypQ6slsSaDLGrFtTGbXqNAEwHXk3cdqHF3hJMAumWjmwrYRxNhUqMqHLmyudL3s6ORVXb7ke7XAwDjOjcwzR39BJP72rjKWTCDVGd6wlvJkoj8fEdmzZR0Q==$wNGwi6S0SDRyTwUqTWEcUA==
server
cloudflare
cf-ray
7bc9a5620959d0b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
6jXvrjztEMXHNCq
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7bc9a560682fd0b5/1682290022729/ Frame B64F 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7bc9a560682fd0b5/1682290022729/6jXvrjztEMXHNCq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccfec2c1cf67dd7faf9f909f0b7e643051e8e448024a78ddae08ff15ebd05d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 22:47:02 GMT
server
cloudflare
cf-ray
7bc9a56299aed0b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
de6a2e6b-cb0e-4893-83af-dbc0069f591b
https://challenges.cloudflare.com/ Frame B64F 		656 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/de6a2e6b-cb0e-4893-83af-dbc0069f591b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
57c8b63fb6b1830
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2135779290:1682288557:d3AFhO3L2eYE5IPvfrq92uRB-7fHRLq27RgnH_4kU1A/7bc9a560682fd0b5/ Frame B64F 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2135779290:1682288557:d3AFhO3L2eYE5IPvfrq92uRB-7fHRLq27RgnH_4kU1A/7bc9a560682fd0b5/57c8b63fb6b1830
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7bc9a560682fd0b5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4299524d62becc9c63787dc1d70c900142131583d5c8ac649dffa4750aea38

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/40any/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
57c8b63fb6b1830
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 22:47:04 GMT
content-encoding
br
cf_chl_gen
HoJhauB3kosqNJQqYrTtMJQL1WOufD13RoF9t4RmO85hrgWMVnUUu9TCZsbk0jWB$pGFgIuKykE0cUxwU/CpbRA==
server
cloudflare
cf-ray
7bc9a56a8f87d0b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| _cf_chl_turnstile_l function| SHA256 function| sendRequest function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _ undefined| _cf_gcr

0 Cookies

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: http://www.ortas.online/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other error URL: http://www.ortas.online/
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network error URL: http://www.ortas.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
ns2.rtv.gov.sy
www.ortas.online
www.rtv.gov.sy
2606:4700:20::ac43:44f5
2606:4700::6812:6b9
82.137.248.19
82.137.248.4
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
0b40667594c82d7c843189fa25ecf138c252bda05d50bcbf9e84c6c1b5b150f9
0b4299524d62becc9c63787dc1d70c900142131583d5c8ac649dffa4750aea38
15e3d26f2914887d935e33b6676b3edff2e39c771023108e6c607600de672e66
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
36b67a044c73be7d54fa102380db02bd9d016f4eddf54cb574fa576003faaa99
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
5be903b3ee612b4154beac25a6f231f18aac75b49413cab8d57895c339674d73
8a08cf4d32796ef6f325dbe46c2744eecd10c4ad36158a659fc71dd8fc9524ad
8b7427be6eebeafed4b1349bc0be7ef4d79234a9074110e380895b275395963a
907f041f0b7d83e204314b7e20a13be10671767bc702636d9b62a96f633d1378
90fa8fdc1ad43e464162e1911dc0cc179cd2a0763c01c25231c6560bbbb0b986
92f2e69c16fe9a4ec92c971e59ef70c7d3943b80cb6fb8ddd684aa8833ed8f7a
9d86cff2b08f7ca1c1e341f36319ac53f584a2c497b7f3e4c2ddde5e99193ff8
ccfec2c1cf67dd7faf9f909f0b7e643051e8e448024a78ddae08ff15ebd05d73
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8abbe3d02603f5140152e9673373a4947c63a114298c7064a64f72925b54572
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa