Submitted URL: http://ns2.rtv.gov.sy/
Effective URL: http://www.ortas.online/
Submission Tags: gov sy subleak l4ing
Submission: On July 19 via manual from UA — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 2606:4700:20::681a:910, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ortas.online.
This is the only time www.ortas.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 82.137.248.4 29256 (INT-PDN-S...)
1 1 82.137.248.19 29256 (INT-PDN-S...)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
26 5
Apex Domain
Subdomains
Transfer
15 hcaptcha.com
cloudflare.hcaptcha.com — Cisco Umbrella Rank: 15840
cf-assets.hcaptcha.com — Cisco Umbrella Rank: 28373
1 MB
10 ortas.online
www.ortas.online
103 KB
2 rtv.gov.sy
ns2.rtv.gov.sy
www.rtv.gov.sy
616 B
26 3
Domain Requested by
12 cf-assets.hcaptcha.com cloudflare.hcaptcha.com
cf-assets.hcaptcha.com
10 www.ortas.online www.ortas.online
3 cloudflare.hcaptcha.com www.ortas.online
cf-assets.hcaptcha.com
1 www.rtv.gov.sy 1 redirects
1 ns2.rtv.gov.sy
26 5

This site contains links to these domains.

Domain
chrome.google.com
www.cloudflare.com
Subject Issuer Validity Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2022-04-02 - 2023-04-02 a year
*.cf-assets.hcaptcha.com E1 2022-06-20 - 2022-09-18 3 months

This page contains 5 frames:

Primary Page: http://www.ortas.online/
Frame ID: E3AAFB8CF41F31AF3FFDFE6C3ED407D1
Requests: 13 HTTP requests in this frame

Frame: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Frame ID: 5FB9C6085B4F3A56078791FC82DA7CCF
Requests: 4 HTTP requests in this frame

Frame: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Frame ID: 47C2901F36421117A395207BCD17FFFF
Requests: 4 HTTP requests in this frame

Frame: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Frame ID: BF8D6064FB4786B34573611784F30C01
Requests: 4 HTTP requests in this frame

Frame: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Frame ID: A466C700F0050C4F486E713192B879DE
Requests: 4 HTTP requests in this frame

Page Title

Please Wait... | Cloudflare

Page Statistics

26 Requests
58 % HTTPS
60 % IPv6
3 Domains
5 Subdomains
5 IPs
2 Countries
1414 kB Transfer
3718 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ns2.rtv.gov.sy/ Page URL
  2. http://www.rtv.gov.sy/ HTTP 301
    http://www.ortas.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ns2.rtv.gov.sy/
181 B
424 B
Document
General
Full URL
http://ns2.rtv.gov.sy/
Protocol
HTTP/1.1
Server
82.137.248.4 Damascus, Syrian Arab Republic, ASN29256 (INT-PDN-STE-AS STE PDN Internal AS, SY),
Reverse DNS
Software
nginx /
Resource Hash
8b7427be6eebeafed4b1349bc0be7ef4d79234a9074110e380895b275395963a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
181
Content-Type
text/html
Date
Tue, 19 Jul 2022 14:31:53 GMT
ETag
"2e012cf-b5-58820d30044da"
Last-Modified
Sun, 05 May 2019 09:44:03 GMT
Server
nginx
Primary Request /
www.ortas.online/
Redirect Chain
  • http://www.rtv.gov.sy/
  • http://www.ortas.online/
13 KB
7 KB
Document
General
Full URL
http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f2c2b380f763c7c16ac2b7dba63533262222fe6bbe3c3022f64ef7828ac805
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://ns2.rtv.gov.sy/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Chl-Bypass
1
CF-RAY
72d429dcd82d59b9-MXP
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Jul 2022 14:31:55 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Permissions-Policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FAgBh%2B%2FuD9MaFItzvTQKhqfAoGuCwzY9oUhUW2Ci5QhskE1E2XOC7R84Z6z5xwccXc6EF5sthQoEI4ekTBIflUKCpk2Bn9o%2BwSPQMlEWJSvpxvJq6ZGxgP25Shqs75Nvg0DdGMyxd%2F5wY5Wizk%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 19 Jul 2022 14:31:54 GMT
Location
http://www.ortas.online/
Server
nginx
cf.errors.css
www.ortas.online/cdn-cgi/styles/
24 KB
5 KB
Stylesheet
General
Full URL
http://www.ortas.online/cdn-cgi/styles/cf.errors.css
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 14:31:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Jul 2022 14:44:32 GMT
Server
cloudflare
ETag
W/"62cd88d0-5e44"
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=7200, public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
72d429dd5dcb83a8-MXP
Vary
Accept-Encoding
Expires
Tue, 19 Jul 2022 16:31:55 GMT
v1
www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/
35 KB
14 KB
Script
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=72d429dcd82d59b9
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad5c9f4d8691f4cdcc46b660227f6225af69a06c1af8adc836e1e4c1c4f64c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=7dbZX4YzmYMYPK3Eql_PqwzSz_kU0zjNWt_WXNrgzbc-1658241115-0-gaNycGzNA70
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 14:31:55 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMZHsEGlRctZQL8a3T%2B2xHYfvy%2BsSDLNwtJ1Mz%2FIKxGqOxDmR%2BaK%2B518NDF9k5zplE%2BktzpjTy05Iy%2B2%2BW9PY2090uhzWDqv3mOeXyvdzL0KRlKjFzZCVtVT4vCjgjRPyov8Gl77iEiOXtraQig%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
Connection
keep-alive
CF-RAY
72d429dd7e1583a8-MXP
transparent.gif
www.ortas.online/cdn-cgi/images/trace/managed/js/
42 B
477 B
Image
General
Full URL
http://www.ortas.online/cdn-cgi/images/trace/managed/js/transparent.gif?ray=72d429dcd82d59b9
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/?__cf_chl_rt_tk=7dbZX4YzmYMYPK3Eql_PqwzSz_kU0zjNWt_WXNrgzbc-1658241115-0-gaNycGzNA70
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=7dbZX4YzmYMYPK3Eql_PqwzSz_kU0zjNWt_WXNrgzbc-1658241115-0-gaNycGzNA70
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 14:31:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Jul 2022 14:44:32 GMT
Server
cloudflare
ETag
"62cd88d0-2a"
X-Frame-Options
DENY
Content-Type
image/gif
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
72d429dd9c833763-MXP
Vary
Accept-Encoding
Content-Length
42
Expires
Tue, 19 Jul 2022 16:31:55 GMT
transparent.gif
www.ortas.online/cdn-cgi/images/trace/captcha/nojs/h/
42 B
477 B
Image
General
Full URL
http://www.ortas.online/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=72d429dcd82d59b9
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/?__cf_chl_rt_tk=7dbZX4YzmYMYPK3Eql_PqwzSz_kU0zjNWt_WXNrgzbc-1658241115-0-gaNycGzNA70
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=7dbZX4YzmYMYPK3Eql_PqwzSz_kU0zjNWt_WXNrgzbc-1658241115-0-gaNycGzNA70
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 14:31:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 15 Jul 2022 15:34:13 GMT
Server
cloudflare
ETag
"62d188f5-2a"
X-Frame-Options
DENY
Content-Type
image/gif
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
72d429dda980baca-MXP
Vary
Accept-Encoding
Content-Length
42
Expires
Tue, 19 Jul 2022 16:31:55 GMT
browser-bar.png
www.ortas.online/cdn-cgi/images/
715 B
1 KB
Image
General
Full URL
http://www.ortas.online/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 14:31:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 15 Jul 2022 15:34:13 GMT
Server
cloudflare
ETag
"62d188f5-2cb"
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
72d429ddab74bae2-MXP
Vary
Accept-Encoding
Content-Length
715
Expires
Tue, 19 Jul 2022 16:31:55 GMT
cf-no-screenshot-warn.png
www.ortas.online/cdn-cgi/images/
3 KB
3 KB
Image
General
Full URL
http://www.ortas.online/cdn-cgi/images/cf-no-screenshot-warn.png
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 14:31:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 15 Jul 2022 15:34:13 GMT
Server
cloudflare
ETag
"62d188f5-a20"
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
72d429ddad8abb26-MXP
Vary
Accept-Encoding
Content-Length
2592
Expires
Tue, 19 Jul 2022 16:31:55 GMT
api.js
cloudflare.hcaptcha.com/1/
279 KB
79 KB
Script
General
Full URL
https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=72d429dcd82d59b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e98609f5ef55dd0c2f502ec4925dec1e3ae4ce9d73be0ff7a7ea799777ea4b5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:55 GMT
via
1.1 b2373cd296c22c460cd352ec0beb0b2c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
etag
W/"eb250a18c008d1b060582897c4cadf79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
TXL50-P3
cf-ray
72d429de1afb2325-ZRH
x-amz-cf-id
-kgpLPkbFIfAJfHmD7Karb-40R2DNhFR5CThqL_MQPoCBor0UcY7EA==
f6b0d532c745136
www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7486350660827333:1658236155:RIFRwnk33oX2D5zfAd4Jt6DQejOBsBB36f6mlAuhK7c/72d429dcd82d59b9/
130 KB
68 KB
XHR
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7486350660827333:1658236155:RIFRwnk33oX2D5zfAd4Jt6DQejOBsBB36f6mlAuhK7c/72d429dcd82d59b9/f6b0d532c745136
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=72d429dcd82d59b9
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec4df0cf0913c1f740e2d0cc94d5d511eeab2d820acd9308d4e70e7b5c987ef9

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
CF-Challenge
f6b0d532c745136
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 19 Jul 2022 14:31:56 GMT
Content-Encoding
gzip
cf_chl_gen
lmjaxIunR/ImP17gdemEqO9zeb85mcK6W1fbJBQqhi2s0UZKog17Twof7z+dRLF9AVPrsojak24bmfYl1T5Cj/4UjNCoec/4F79udG8jb2wHOaaj7kjXFBRYYQ6KdibAho+7IDtksRvqvGkyxLQzeIb643IHCt5i6nrLKqfdKBtrfRW6+WmonVGZt7N5+bDRSMzpfs51rwZ52GplJYBr2impvx8NAYVCIDn6yvqrgCwjguToa2/78K85MBnHYOJ744aWEMRboiqKO6GSzwrjg8uwHqqi9hkxRInkeyHLLi8BmmSbO1F4NEGAvMZASZSmlCetPJFDY+95Kc9c6pPMuVK3HJ+kGQEsWesutengPPy25pjfcmcDuiCS5RmCOFW6$VriUW1dIzZCC9omI/j+czg==
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hI%2BEJRYV6euc%2B5TXRLaNtUJRz2TjHYq7ZOo8G7e4ieYMbpq0MTiuN2%2BT4AMo7GOu08ZqYoFDtVpivkjCrWPJiqOdICazCCwT31CJGb%2BHZ67b6j7bUgmhoh6OoTJpQp%2BTnpS6ucTwVvSYL0Haus%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
72d429de9b96baca-MXP
D4EJflN0boKzK6n
www.ortas.online/cdn-cgi/challenge-platform/h/g/img/72d429dcd82d59b9/1658241115952/
61 B
602 B
Image
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/g/img/72d429dcd82d59b9/1658241115952/D4EJflN0boKzK6n
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30492b00b6e31941d4180dc2533a50f34c3a312027df0656793024f0bfeaa353

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 14:31:56 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w%2FSVh5J0SO6KdN3BiL7uOG%2Fb9G3ZFwL%2FKQGcgchZQ6HcarhP0s%2B%2FK2OfnOGY7Ac3iM4Zwxs%2BKeqhijVKEqI8p3FUR5OuCwxLNcZi3TmLtVoUU1JQXDH93uVQBvoAEsXLHO3zk2mQcVhRbj202g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Connection
keep-alive
CF-RAY
72d429dfae17baca-MXP
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
f6b0d532c745136
www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7486350660827333:1658236155:RIFRwnk33oX2D5zfAd4Jt6DQejOBsBB36f6mlAuhK7c/72d429dcd82d59b9/
5 KB
4 KB
XHR
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7486350660827333:1658236155:RIFRwnk33oX2D5zfAd4Jt6DQejOBsBB36f6mlAuhK7c/72d429dcd82d59b9/f6b0d532c745136
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=72d429dcd82d59b9
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a2398c1dcb6555b86baa519470b638ed34fc63ba18216d6807f0deb7a7370f9

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
CF-Challenge
f6b0d532c745136
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 19 Jul 2022 14:31:57 GMT
Content-Encoding
gzip
cf_chl_gen
pXfkV7W7HJbDciyEQ6c44AXjs/ng0OXYmfQL3so5lVw=$YfuQtQfKD04/iyZrkQAS7Q==
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgDMgaQL2mh7Sd1mxoEouw4IdpFGdPeAAU1ur5B3At3QQc8BoJj2K87vTq9QXNj28fpZEroKOF3BwcAGRnMVY8cDqR0ohN0QF5i9gJ7G7fdAeBeCFeCLCQdfyYc%2F0kYyl6AZLUDADKnChX4rHWg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
72d429e92c2cbaca-MXP
hcaptcha.html
cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/ Frame 5FB9
2 KB
1 KB
Document
General
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Requested by
Host: cloudflare.hcaptcha.com
URL: https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4648d8364585def0ac749dc1e41d2e035688ca1e9cd1cb97f160fa476f741d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://www.ortas.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31515
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
72d429ea08132325-ZRH
content-encoding
gzip
content-type
text/html
date
Tue, 19 Jul 2022 14:31:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 02 Aug 2022 14:31:57 GMT
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
via
1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
x-amz-cf-id
kQmyCpVUk4dII_DOVNVN4WywBOKoykOmafTvbwOrkTmbm3601Qterw==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
hcaptcha.html
cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/ Frame 47C2
2 KB
1 KB
Document
General
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Requested by
Host: cloudflare.hcaptcha.com
URL: https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4648d8364585def0ac749dc1e41d2e035688ca1e9cd1cb97f160fa476f741d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://www.ortas.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31515
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
72d429ea08142325-ZRH
content-encoding
gzip
content-type
text/html
date
Tue, 19 Jul 2022 14:31:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 02 Aug 2022 14:31:57 GMT
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
via
1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
x-amz-cf-id
kQmyCpVUk4dII_DOVNVN4WywBOKoykOmafTvbwOrkTmbm3601Qterw==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
hcaptcha.html
cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/ Frame BF8D
2 KB
1 KB
Document
General
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Requested by
Host: cloudflare.hcaptcha.com
URL: https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4648d8364585def0ac749dc1e41d2e035688ca1e9cd1cb97f160fa476f741d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://www.ortas.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31515
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
72d429ea08182325-ZRH
content-encoding
gzip
content-type
text/html
date
Tue, 19 Jul 2022 14:31:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 02 Aug 2022 14:31:57 GMT
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
via
1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
x-amz-cf-id
kQmyCpVUk4dII_DOVNVN4WywBOKoykOmafTvbwOrkTmbm3601Qterw==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
hcaptcha.html
cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/ Frame A466
2 KB
1 KB
Document
General
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Requested by
Host: cloudflare.hcaptcha.com
URL: https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4648d8364585def0ac749dc1e41d2e035688ca1e9cd1cb97f160fa476f741d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://www.ortas.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31515
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
72d429ea08162325-ZRH
content-encoding
gzip
content-type
text/html
date
Tue, 19 Jul 2022 14:31:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 02 Aug 2022 14:31:57 GMT
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
via
1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
x-amz-cf-id
kQmyCpVUk4dII_DOVNVN4WywBOKoykOmafTvbwOrkTmbm3601Qterw==
x-amz-cf-pop
TXL50-P3
x-cache
Hit from cloudfront
hcaptcha.js
cf-assets.hcaptcha.com/captcha/v1/f6d1797/ Frame A466
279 KB
79 KB
Script
General
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/hcaptcha.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e98609f5ef55dd0c2f502ec4925dec1e3ae4ce9d73be0ff7a7ea799777ea4b5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Origin
https://cf-assets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:57 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
49616
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-length
80432
access-control-allow-origin
*
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
etag
"eb250a18c008d1b060582897c4cadf79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
cache-control
public, max-age=1209600
x-amz-cf-pop
MUC50-P1
accept-ranges
bytes
cf-ray
72d429ea58a02325-ZRH
x-amz-cf-id
r5pLxrjykRIr7hMe1BENdC0OVJVus7KDcFwiY52r2GhHBCYS9RXXMw==
expires
Tue, 02 Aug 2022 14:31:57 GMT
hcaptcha.js
cf-assets.hcaptcha.com/captcha/v1/f6d1797/ Frame 5FB9
279 KB
79 KB
Script
General
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/hcaptcha.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e98609f5ef55dd0c2f502ec4925dec1e3ae4ce9d73be0ff7a7ea799777ea4b5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Origin
https://cf-assets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:57 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
49616
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-length
80432
access-control-allow-origin
*
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
etag
"eb250a18c008d1b060582897c4cadf79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
cache-control
public, max-age=1209600
x-amz-cf-pop
MUC50-P1
accept-ranges
bytes
cf-ray
72d429ea68c92325-ZRH
x-amz-cf-id
r5pLxrjykRIr7hMe1BENdC0OVJVus7KDcFwiY52r2GhHBCYS9RXXMw==
expires
Tue, 02 Aug 2022 14:31:57 GMT
hcaptcha.js
cf-assets.hcaptcha.com/captcha/v1/f6d1797/ Frame 47C2
279 KB
79 KB
Script
General
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/hcaptcha.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e98609f5ef55dd0c2f502ec4925dec1e3ae4ce9d73be0ff7a7ea799777ea4b5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Origin
https://cf-assets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:57 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
49616
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-length
80432
access-control-allow-origin
*
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
etag
"eb250a18c008d1b060582897c4cadf79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
cache-control
public, max-age=1209600
x-amz-cf-pop
MUC50-P1
accept-ranges
bytes
cf-ray
72d429ea68ce2325-ZRH
x-amz-cf-id
r5pLxrjykRIr7hMe1BENdC0OVJVus7KDcFwiY52r2GhHBCYS9RXXMw==
expires
Tue, 02 Aug 2022 14:31:57 GMT
hcaptcha.js
cf-assets.hcaptcha.com/captcha/v1/f6d1797/ Frame BF8D
279 KB
79 KB
Script
General
Full URL
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/hcaptcha.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e98609f5ef55dd0c2f502ec4925dec1e3ae4ce9d73be0ff7a7ea799777ea4b5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
Origin
https://cf-assets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:57 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
49616
x-cache
Hit from cloudfront
strict-transport-security
max-age=0
content-length
80432
access-control-allow-origin
*
last-modified
Wed, 13 Jul 2022 15:04:08 GMT
server
cloudflare
etag
"eb250a18c008d1b060582897c4cadf79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
cache-control
public, max-age=1209600
x-amz-cf-pop
MUC50-P1
accept-ranges
bytes
cf-ray
72d429ea68cf2325-ZRH
x-amz-cf-id
r5pLxrjykRIr7hMe1BENdC0OVJVus7KDcFwiY52r2GhHBCYS9RXXMw==
expires
Tue, 02 Aug 2022 14:31:57 GMT
truncated
/ Frame A466
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
cloudflare.hcaptcha.com/ Frame A466
530 B
517 B
XHR
General
Full URL
https://cloudflare.hcaptcha.com/checksiteconfig?v=f6d1797&host=www.ortas.online&sitekey=45fbc4de-366c-40ef-9274-9f3feca1cd6c&sc=1&swa=1
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e999489a6d503d5cd8f10e244d85cf332f739a055b9f691f3cb675dfe538a24
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept
application/json
Referer
https://cf-assets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Jul 2022 14:31:58 GMT
content-encoding
gzip
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cf-assets.hcaptcha.com
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
72d429eb5a542325-ZRH
cf-chl-bypass
2
truncated
/ Frame 47C2
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
cloudflare.hcaptcha.com/ Frame 47C2
530 B
813 B
XHR
General
Full URL
https://cloudflare.hcaptcha.com/checksiteconfig?v=f6d1797&host=www.ortas.online&sitekey=45fbc4de-366c-40ef-9274-9f3feca1cd6c&sc=1&swa=1
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b3655c67ccf0a1c9959003ec8eb1726bffab8317808e72e1e674e01c65356d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept
application/json
Referer
https://cf-assets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Jul 2022 14:31:58 GMT
content-encoding
gzip
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cf-assets.hcaptcha.com
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
72d429ebaabb2325-ZRH
cf-chl-bypass
2
hsw.js
cf-assets.hcaptcha.com/c/e2f3190c/ Frame 5FB9
956 KB
360 KB
Script
General
Full URL
https://cf-assets.hcaptcha.com/c/e2f3190c/hsw.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac4f346f8b7cec433660e0ab10f7726abd85d4cd2578518df07d67f6f0e5dce
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:58 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
22648
x-cache
Hit from cloudfront
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 08:09:27 GMT
server
cloudflare
etag
W/"3604865f8e11a021fbeef1c78754b5da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA56-P4
cf-ray
72d429ec0b452325-ZRH
x-amz-cf-id
wocxSwCzdgIm62KHNHuz2bZohy2ML0kQe5brH0qjRj5dfW7jFW-a5A==
expires
Tue, 02 Aug 2022 14:31:58 GMT
hsw.js
cf-assets.hcaptcha.com/c/e2f3190c/ Frame BF8D
956 KB
360 KB
Script
General
Full URL
https://cf-assets.hcaptcha.com/c/e2f3190c/hsw.js
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac4f346f8b7cec433660e0ab10f7726abd85d4cd2578518df07d67f6f0e5dce
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:58 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
22648
x-cache
Hit from cloudfront
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 08:09:27 GMT
server
cloudflare
etag
W/"3604865f8e11a021fbeef1c78754b5da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA56-P4
cf-ray
72d429ec0b4d2325-ZRH
x-amz-cf-id
wocxSwCzdgIm62KHNHuz2bZohy2ML0kQe5brH0qjRj5dfW7jFW-a5A==
expires
Tue, 02 Aug 2022 14:31:58 GMT
e
cf-assets.hcaptcha.com/i/f492821/ Frame BF8D
95 KB
96 KB
Fetch
General
Full URL
https://cf-assets.hcaptcha.com/i/f492821/e
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/c/e2f3190c/hsw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1cd22902dc15130a5961a298b48591f8db204376a9e9b7ef1eb708208cfe944
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:58 GMT
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
11627
x-cache
Hit from cloudfront
content-length
97567
last-modified
Fri, 15 Jul 2022 15:52:23 GMT
server
cloudflare
etag
"b7bc85e76f5e4d077464a580f1c3727f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/octet-stream
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
cf-ray
72d429edee782325-ZRH
x-amz-cf-id
EArtrGQuIrQyrJLzxTag8sha0ecezOvALVm2Hvdxk4mowaqN-yL1uQ==
expires
Tue, 02 Aug 2022 14:31:58 GMT
e
cf-assets.hcaptcha.com/i/f492821/ Frame 5FB9
95 KB
95 KB
Fetch
General
Full URL
https://cf-assets.hcaptcha.com/i/f492821/e
Requested by
Host: cf-assets.hcaptcha.com
URL: https://cf-assets.hcaptcha.com/c/e2f3190c/hsw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:167a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1cd22902dc15130a5961a298b48591f8db204376a9e9b7ef1eb708208cfe944
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-assets.hcaptcha.com/captcha/v1/f6d1797/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:31:58 GMT
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
11627
x-cache
Hit from cloudfront
content-length
97567
last-modified
Fri, 15 Jul 2022 15:52:23 GMT
server
cloudflare
etag
"b7bc85e76f5e4d077464a580f1c3727f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/octet-stream
cache-control
public, max-age=1209600
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
cf-ray
72d429ee0eb62325-ZRH
x-amz-cf-id
EArtrGQuIrQyrJLzxTag8sha0ecezOvALVm2Hvdxk4mowaqN-yL1uQ==
expires
Tue, 02 Aug 2022 14:31:58 GMT


26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| _cf_chl_opt function| a function| b object| _cf_translation function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest function| SHA256 function| _cf_chl_hload object| _cf_chl_ctx string| _cf_chl_hlep object| Raven object| hcaptcha boolean| _cf_chl_hloaded object| _

3 Cookies

Domain/Path Name / Value
www.ortas.online/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7486350660827333:1658236155:RIFRwnk33oX2D5zfAd4Jt6DQejOBsBB36f6mlAuhK7c/72d429dcd82d59b9 Name: cf_chl_seq_f6b0d532c745136
Value: 1PwFg5NFuikkv9J
www.ortas.online/ Name: cf_chl_prog
Value: b
.cf-assets.hcaptcha.com/ Name: __cf_bm
Value: PhW20R7Yu23qAD5EYKoPWEEBwngw3DkhCakwYnU30hc-1658241117-0-AXRTiW7yy6GfgpFFlhxeHG+Va6NA29FWz2HxLkbF/+54w+dMeH3FpgZCfZUkEP0VaCivZKQp7cQmZhxo0e3zW4o=

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: http://www.ortas.online/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
