urlscan.io logo urlscan.io
SecurityTrails logo

almansourco.moch.gov.iq Open in urlscan Pro
2606:4700:20::681a:13a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://almansourco.moch.gov.iq/
Effective URL: https://almansourco.moch.gov.iq/
Submission: On May 23 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2606:4700:20::681a:13a, located in United States and belongs to CLOUDFLARENET, US. The main domain is almansourco.moch.gov.iq.
TLS certificate: Issued by GTS CA 1P5 on April 13th 2023. Valid for: 3 months.
This is the only time almansourco.moch.gov.iq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 7 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2
Apex Domain
Subdomains		 Transfer
8 moch.gov.iq
almansourco.moch.gov.iq
88 KB
0 googleapis.com Failed
fonts.googleapis.com Failed
7 2
Domain Requested by
8 almansourco.moch.gov.iq 2 redirects almansourco.moch.gov.iq
0 fonts.googleapis.com Failed almansourco.moch.gov.iq
7 2

This site contains no links.

Subject Issuer Validity Valid
moch.gov.iq
GTS CA 1P5		 2023-04-13 -
2023-07-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://almansourco.moch.gov.iq/
Frame ID: 61E42C7D291B59C659F0380A97262BEB
Requests: 4 HTTP requests in this frame

Frame: https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: 1EE3A75AD01DADCB8828B352847F8411
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

almansourco.moch.gov.iq-->Secure Gateway

Page URL History Show full URLs

  1. http://almansourco.moch.gov.iq/ HTTP 301
    https://almansourco.moch.gov.iq/ Page URL

Page Statistics

7
Requests

71 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

87 kB
Transfer

105 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://almansourco.moch.gov.iq/ HTTP 301
    https://almansourco.moch.gov.iq/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
almansourco.moch.gov.iq/
Redirect Chain
  • http://almansourco.moch.gov.iq/
  • https://almansourco.moch.gov.iq/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://almansourco.moch.gov.iq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dedf331de0bef662d9a90c4f68b70df419ac609ae7eeeb03ef853fd56660277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7cbd4117a8ca0171-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 May 2023 12:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1fWuY8lIl4Prv%2Bmzl3rXWYMeVZLovfQQ4NUFFG4NaXVfbibNhnB5xnOvtu8k9K765iGsPqrimSxyRbex16PKYtCFdcclkm2GWNz8Q237Zm2xIek0mRqbBDZBaClt%2FfkiJ2yqRLVpJfu7I1la36rp7Kfqlwa"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
7cbd41159f27016b-CDG
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 23 May 2023 12:20:39 GMT
Expires
Tue, 23 May 2023 13:20:39 GMT
Location
https://almansourco.moch.gov.iq/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYvw4WxtAvIQXcKugZ8PXw5RA3X%2FvghOmYZuob7Vg0fRten5tIejI4Lgo2NISNHURIgz8I3U4r6EpmN2%2FwzQFzA6zYHkA%2F9pT4LxMMwShOhVWkvCeQyId53DrzRUHxWERGNLtZCv4aasdC92yo3SsIgFGAwu"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
style.css
almansourco.moch.gov.iq/msg/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://almansourco.moch.gov.iq/msg/style.css
Requested by
Host: almansourco.moch.gov.iq
URL: https://almansourco.moch.gov.iq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b62da220ead28a9ff0f858bc75db589aa6ee8a239463880baf0f7f2a745fe915
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com *.fbcdn.net fbcdn.net static.xx.fbcdn.net youtube.com *.cdn-today.com cdn-today.com *.tawk.to cdn.jsdelivr.net *.bootstrapcdn.com *.gstatic.com maps.gstatic.com cdn-today.com *.uptocloud.net uptocloud.net *.googleapis.com *.google.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net; frame-src 'self' *.youtube.com *.google.com *.devoyard.com:1444 assets.zendesk.com cdn-today.com *.facebook.com *.uptocloud.net youtube.com uptocloud.net s-static.ak.facebook.com tautt.zendesk.com; object-src 'self' *.youtube.com static.xx.fbcdn.net *.fbcdn.net *.cdn-today.com cdn-today.com *.bootstrapcdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://almansourco.moch.gov.iq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:20:41 GMT
x-server-powered-by
Secure Gateway®
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
master-only
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com *.fbcdn.net fbcdn.net static.xx.fbcdn.net youtube.com *.cdn-today.com cdn-today.com *.tawk.to cdn.jsdelivr.net *.bootstrapcdn.com *.gstatic.com maps.gstatic.com cdn-today.com *.uptocloud.net uptocloud.net *.googleapis.com *.google.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net; frame-src 'self' *.youtube.com *.google.com *.devoyard.com:1444 assets.zendesk.com cdn-today.com *.facebook.com *.uptocloud.net youtube.com uptocloud.net s-static.ak.facebook.com tautt.zendesk.com; object-src 'self' *.youtube.com static.xx.fbcdn.net *.fbcdn.net *.cdn-today.com cdn-today.com *.bootstrapcdn.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-secure_gateway_id
b51e500426bfdddd443f8859a73793ec
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Sep 2021 23:46:29 GMT
server
cloudflare
etag
W/"613a9cd5-83a"
expect-ct
enforce; max-age=3600
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUScyI0PMrExnFMDZe7gNu8Qt0lGkXbLWh8L2JQMoe7o9LpbNZ8XqXgsGwOhzyPeLTIRDptRJqKdmZAMrFN4kD6pyF%2BrbVBVEF2OeIrX5MKnE8OCDINpqrWFEr9kR%2F6nuTHwlGzI0LGSs1fXAWxTqlAPu1VF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
feature-policy
accelerometer 'none'; autoplay 'none'; camera 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; sync-xhr 'none'; usb 'none';
cf-ray
7cbd411f1a0b0171-CDG
securegateway.gif
almansourco.moch.gov.iq/msg// 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://almansourco.moch.gov.iq/msg//securegateway.gif
Requested by
Host: almansourco.moch.gov.iq
URL: https://almansourco.moch.gov.iq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6b63ba06c82b6d82effeb03d90112b5d96cdb99cf60780229beebfb4953d42
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com *.fbcdn.net fbcdn.net static.xx.fbcdn.net youtube.com *.cdn-today.com cdn-today.com *.tawk.to cdn.jsdelivr.net *.bootstrapcdn.com *.gstatic.com maps.gstatic.com cdn-today.com *.uptocloud.net uptocloud.net *.googleapis.com *.google.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net; frame-src 'self' *.youtube.com *.google.com *.devoyard.com:1444 assets.zendesk.com cdn-today.com *.facebook.com *.uptocloud.net youtube.com uptocloud.net s-static.ak.facebook.com tautt.zendesk.com; object-src 'self' *.youtube.com static.xx.fbcdn.net *.fbcdn.net *.cdn-today.com cdn-today.com *.bootstrapcdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://almansourco.moch.gov.iq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:20:41 GMT
x-server-powered-by
Secure Gateway®
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
master-only
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com *.fbcdn.net fbcdn.net static.xx.fbcdn.net youtube.com *.cdn-today.com cdn-today.com *.tawk.to cdn.jsdelivr.net *.bootstrapcdn.com *.gstatic.com maps.gstatic.com cdn-today.com *.uptocloud.net uptocloud.net *.googleapis.com *.google.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net; frame-src 'self' *.youtube.com *.google.com *.devoyard.com:1444 assets.zendesk.com cdn-today.com *.facebook.com *.uptocloud.net youtube.com uptocloud.net s-static.ak.facebook.com tautt.zendesk.com; object-src 'self' *.youtube.com static.xx.fbcdn.net *.fbcdn.net *.cdn-today.com cdn-today.com *.bootstrapcdn.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-secure_gateway_id
1d4d086511199fe05bebcc1aad381be5
content-length
67590
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Apr 2020 00:04:02 GMT
server
cloudflare
etag
"5e97a0f2-10806"
expect-ct
enforce; max-age=3600
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lk3y9364OLsxHRPrxuVABQafG6LIaHnQp4wfwEZXt8nJa9h4AqpsBS09PGerhLbFi5isWWnR0i1XtSiwbJbmkvYgh7ytnJWMxA9bNsVY6Yy7zXoHCP86QcSDkRUcze9od1zRhR8suKTsAtXy%2FO5jhRA9rzma"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
cache-control
max-age=14400
feature-policy
accelerometer 'none'; autoplay 'none'; camera 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; sync-xhr 'none'; usb 'none';
accept-ranges
bytes
cf-ray
7cbd411f1a0c0171-CDG
css
fonts.googleapis.com/ 		0
0
invisible.js
almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame 1EE3
Redirect Chain
  • https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
27 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Protocol
H2
Server
2606:4700:20::681a:13a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159255c499b27282f0366e6e276b01c943d132a78a3ba880f68847afa30813e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:20:41 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrlyaAXckdBcjq8jBt2QfFvhmUTIvW9zFzrQ4GIpczQtlR0lw7vAma9eJ5pBy%2BN0r8cUNeI7brI1ZnbJf7X5VrwZDq4FELxOtCLc3WJxNNc7A4z5AZdRWuM940zfnCEQqEdD6PRzG7oc2z2QOAaZAbvZvzMc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cbd4120fc6d0171-CDG

Redirect headers

date
Tue, 23 May 2023 12:20:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt2qZVZ2OzkTSqEbcCSh7wFqgmjGco3ipSqnvzEoodmKdzUMWD9LKZWoeNVwur6iI4Q4iFraWwdcW%2B%2FJJoA8yn%2Bh38zQQ6G4T%2BJoAotRuDn%2B0M2d%2BoElD0xmlL1XW15bo%2BtHMFzto99sT4Z9Dv0mks15NMmF"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7cbd4120dc470171-CDG
pica.js
almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/scripts/ Frame 1EE3 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9574f2a7e0d2fd05192a80c3a6dc9c3439315841dbd0a79b0522f31c8ba596b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:20:41 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbpLeGCFxtZ7YvnG%2FhEL34vaYLAULVToAJ2LUpRIpO2ebaCzw7fTGJpj2m3ps%2Fem9Wfa7kC7fJ7eEZFOQEgyVDz9Y2LqOonIayVqo3WPk6Yie7A4Ur30fsx8BfO7GNTB9hM02MajAlSXrXOPlm4T%2BrO%2B2COo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cbd41214cb30171-CDG
7cbd4117a8ca0171
almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1EE3 		2 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/h/g/cv/result/7cbd4117a8ca0171
Requested by
Host: almansourco.moch.gov.iq
URL: https://almansourco.moch.gov.iq/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 May 2023 12:20:42 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7cbd41277b5a0171-CDG
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t42Ks4oduWkTYQWNOcUdkMFrtSTQMIY0u7cQe5ED7Vv6aipF058tVcfTzTjTlpocWa7hb8T1DzOx%2FR6ezWUW1hj6rXOkCrW3ahYHbwMuHtpHjVRZeMtWwKUFRwpdQD5ZCIIAOXBynu0iIZ4E5RHlYvwyWTK3"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto:400,300

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| now number| timeup number| counter function| timer number| count

1 Cookies

Domain/Path Name / Value
.moch.gov.iq/ Name: __cf_bm
Value: SYtxbJanlqYfTLt3PpfPXUa2d12Ex7QrIPIqP4QPgxk-1684844442-0-AckW9RePksI4nsIrSAZXFJbTOMC72D3FwgAGYrWnDaW2M8XzhxEBvH9vFJLwuI/jrvlDEsNo+dADSCcN7fe1LvviiYUAL9I9DcBbgmpABxv/

2 Console Messages

Source Level URL
Text
network error URL: https://almansourco.moch.gov.iq/
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://almansourco.moch.gov.iq/
Message:
Mixed Content: The page at 'https://almansourco.moch.gov.iq/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,300'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block