Submitted URL: http://ns1.rtv.gov.sy/
Effective URL: http://www.ortas.online/
Submission Tags: l4ing sy sub gov h8 Search All
Submission: On April 18 via api from UA — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2606:4700:20::681a:910, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ortas.online.
This is the only time www.ortas.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 82.137.248.4 29256 (INT-PDN-S...)
1 1 82.137.248.19 29256 (INT-PDN-S...)
17 2606:4700:20:... 13335 (CLOUDFLAR...)
2 12 2606:4700::68... 13335 (CLOUDFLAR...)
28 4
Apex Domain
Subdomains
Transfer
17 ortas.online
www.ortas.online
302 KB
12 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4009
237 KB
2 rtv.gov.sy
ns1.rtv.gov.sy
www.rtv.gov.sy
616 B
28 3
Domain Requested by
17 www.ortas.online www.ortas.online
12 challenges.cloudflare.com 2 redirects www.ortas.online
challenges.cloudflare.com
1 www.rtv.gov.sy 1 redirects
1 ns1.rtv.gov.sy
28 4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
challenges.cloudflare.com
Cloudflare Inc ECC CA-3
2022-09-18 -
2023-09-17
a year crt.sh

This page contains 3 frames:

Primary Page: http://www.ortas.online/
Frame ID: DB8053B1D5F2B2ACFFA5EED913BCF288
Requests: 25 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/7lbss/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 20259ABA06B2C84AD893DCDD3EF92C8A
Requests: 3 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/aj0ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: DB4E5B8720AA7AF4263A74F8A5214607
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://ns1.rtv.gov.sy/ Page URL
  2. http://www.rtv.gov.sy/ HTTP 301
    http://www.ortas.online/ Page URL
  3. http://www.ortas.online/ Page URL

Page Statistics

28
Requests

29 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

539 kB
Transfer

1133 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ns1.rtv.gov.sy/ Page URL
  2. http://www.rtv.gov.sy/ HTTP 301
    http://www.ortas.online/ Page URL
  3. http://www.ortas.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.rtv.gov.sy/ HTTP 301
  • http://www.ortas.online/
Request Chain 5
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/74cb9f3f/api.js?onload=_cf_chl_turnstile_l&render=explicit
Request Chain 20
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/74cb9f3f/api.js?onload=_cf_chl_turnstile_l&render=explicit

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ns1.rtv.gov.sy/
181 B
424 B
Document
General
Full URL
http://ns1.rtv.gov.sy/
Protocol
HTTP/1.1
Server
82.137.248.4 , Syrian Arab Republic, ASN29256 (INT-PDN-STE-AS STE PDN Internal AS, SY),
Reverse DNS
Software
nginx /
Resource Hash
8b7427be6eebeafed4b1349bc0be7ef4d79234a9074110e380895b275395963a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
181
Content-Type
text/html
Date
Tue, 18 Apr 2023 19:38:30 GMT
ETag
"2e012cf-b5-58820d30044da"
Last-Modified
Sun, 05 May 2019 09:44:03 GMT
Server
nginx
/
www.ortas.online/
Redirect Chain
  • http://www.rtv.gov.sy/
  • http://www.ortas.online/
6 KB
5 KB
Document
General
Full URL
http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14dd5f8ea9543f8aaf1a5f786cfe0bb7a420236dc8545d359c03d2f9a72b42fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://ns1.rtv.gov.sy/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-RAY
7b9f5e62bd329bd0-FRA
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Cross-Origin-Embedder-Policy
require-corp
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Tue, 18 Apr 2023 19:38:32 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Permissions-Policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy
same-origin
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwJoBvwCPTzPmodVh3FOvpfWWcPnrDaNthXfBXgWIxqqKrufxfRSfAa9LhAZnHAj2SgXG3E%2BCS%2Bi1Fh7G0smqXCOUgG2F7zqLvHgNmaautdB7%2FpYPqCQ6IA%2BeByxRHUUf6Dk3Lb9mycBIFRlZ6o%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 18 Apr 2023 19:38:30 GMT
Location
http://www.ortas.online/
Server
nginx
challenges.css
www.ortas.online/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
http://www.ortas.online/cdn-cgi/styles/challenges.css
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Apr 2023 15:48:21 GMT
Server
cloudflare
ETag
W/"642ee9c5-19c8"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
7b9f5e62efe337d7-FRA
Expires
Tue, 18 Apr 2023 21:38:32 GMT
v1
www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/
146 KB
52 KB
Script
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b9f5e62bd329bd0
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923ac12f058e8e7b6431ee9fe60175c7310ab8d7154a298761717624c5359eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=leBnXTYo0JlJQsbjJM4QVilMBb3gvmSlp8dyIdgjQZs-1681846712-0-gaNycGzNBpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:32 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpTKy%2Fz4Bs5M46CITW%2Fh07ePZtquUOnt7JhblOxpg2ERUss7BdIaHhIe4Sl1PhQ7QshxoblfkPKvmnumpf7NoH1D5jis6JgIrJhDx5MxLHODbP0QZ6IdHhQip3oZX9vSUVpBDlds5Kar9ypi%2Bcw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
Connection
keep-alive
CF-RAY
7b9f5e63081537d7-FRA
transparent.gif
www.ortas.online/cdn-cgi/images/trace/managed/js/
42 B
477 B
Image
General
Full URL
http://www.ortas.online/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7b9f5e62bd329bd0
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/?__cf_chl_rt_tk=leBnXTYo0JlJQsbjJM4QVilMBb3gvmSlp8dyIdgjQZs-1681846712-0-gaNycGzNBpA
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=leBnXTYo0JlJQsbjJM4QVilMBb3gvmSlp8dyIdgjQZs-1681846712-0-gaNycGzNBpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Apr 2023 15:48:21 GMT
Server
cloudflare
ETag
"642ee9c5-2a"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7b9f5e631abe3a96-FRA
Content-Length
42
Expires
Tue, 18 Apr 2023 21:38:32 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/74cb9f3f/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/74cb9f3f/api.js?onload=_cf_chl_turnstile_l&render=explicit
15 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/74cb9f3f/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b086fd8b5f60107d01e2d7815964d3c903c9e4976bc9acd8c054de7dc513294

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:38:32 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7b9f5e639e5fbb62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 18 Apr 2023 19:38:32 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/74cb9f3f/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control
max-age=300, public
cf-ray
7b9f5e637e33bb62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
favicon.ico
www.ortas.online/
6 KB
6 KB
Image
General
Full URL
http://www.ortas.online/favicon.ico
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e939deae2de9e3c9fadf806b0457e18391e0f8d436e57a93ce77d48ca7fa83de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:32 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
same-origin
Connection
close
Referrer-Policy
same-origin
Server
cloudflare
Cross-Origin-Opener-Policy
same-origin
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqy%2B1LuMbV7AWdVb9JURGiUlRGER56SFglIM413nMyfR6A71bGqMQ87rX2PpFZ%2BFXhwcXnORUF7fOitAuesF6ZRhmi8Yn5h1%2BPVGBQB5iSuzsZrs1qvgboyjDkqTLefqCaUlF%2FImFcxTy%2FJng3M%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Permissions-Policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
CF-RAY
7b9f5e63688737d7-FRA
Expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
ac203b05e3a6ebb
www.ortas.online/cdn-cgi/challenge-platform/h/b/flow/ov1/1295408214:1681845712:qZlyJMnVRBcOTcW6GqprxlTHb3WBhyngNSfAv3zYqAo/7b9f5e62bd329bd0/
134 KB
102 KB
XHR
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/flow/ov1/1295408214:1681845712:qZlyJMnVRBcOTcW6GqprxlTHb3WBhyngNSfAv3zYqAo/7b9f5e62bd329bd0/ac203b05e3a6ebb
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b9f5e62bd329bd0
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0530c09fff84a378726e4aec0385eb6511aea999d360bac1b7357b7045a6a75

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
ac203b05e3a6ebb
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 18 Apr 2023 19:38:33 GMT
Content-Encoding
gzip
cf_chl_gen
ldmToy1y40/bM/9HK68ZxBtuBiopzlvQ7Y1HDmOUgREkWI7kMPT8IPSIv5O57FFmUrbRjr66OgUxNx8Unt5FclzHBIwPHRiFY/LNHlRZnUngAGnu5NRO93LIrEJBRCCLGrDw64LB41gAhmDH4nSE7IoU9tPjb08BTWfCdeCW1Lfy2xU9Wb9gLVEzxrQbFprCEPJE8MJKJf0NHhM/xFRV0sCJCXhkACQf3m1C/p+aJGJ6bCZqOUWZaufZcC3v4ilgGunkT9mycNgNyOV3C12Lf8+wiZZk+CDTJhrNTzeutqJBxEgs/JQX5VIHexZnATarj+lREeEe6PEM+sQp2I2u5WIgO7U2SYQw/+e0HtNqttXqmOAcMYyVam8ac657zAqz4Z3uM3oLoE6vyjuJxEnlBYK6tudO3mweOZmQFmsD8vQ=$Pgm5qiYvY5f0EAnqnWM0cA==
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQ18NztEVqlr5BmszbYTKW9ofVj5GB6t7qetQ6zvvKY%2F1VOI5yhcyH6P%2FPb8YcqJtV0XHJNMfFUxM0r2kEMRYX6S5LMIP9VjpTMOr9l7fkZvmCUeN8ojM9%2BRR%2B11BctKIv5aLL655BLYf%2B9MdAY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7b9f5e641c433a96-FRA
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
managed
www.ortas.online/cdn-cgi/challenge-platform/h/b/beacon/ov1/1295408214:1681845712:qZlyJMnVRBcOTcW6GqprxlTHb3WBhyngNSfAv3zYqAo/7b9f5e62bd329bd0/ac203b05e3a6ebb/
0
498 B
XHR
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/beacon/ov1/1295408214:1681845712:qZlyJMnVRBcOTcW6GqprxlTHb3WBhyngNSfAv3zYqAo/7b9f5e62bd329bd0/ac203b05e3a6ebb/managed
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b9f5e62bd329bd0
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 18 Apr 2023 19:38:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Connection
keep-alive
CF-RAY
7b9f5e6b2d9c3a96-FRA
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfvdL6iK3VEXyzyztYCJhDH3z5iqevcXufGvVoUDHxJ9OB02yPoXu7jWF6urydTpcXh14jR6MrKxlnnBhxPe1X822sJVr97XvwHiYSwC0GiWoGSJ1p2r1WX1BGEkqNXcmy2G5AZuYoTnRn5kja4%3D"}],"group":"cf-nel","max_age":604800}
wvWvUtbVaAWQwHF
www.ortas.online/cdn-cgi/challenge-platform/h/b/img/7b9f5e62bd329bd0/1681846712990/
61 B
604 B
Image
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/img/7b9f5e62bd329bd0/1681846712990/wvWvUtbVaAWQwHF
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a39cb3c68407f3fc9244cc2bd1ec956e6a6bd63c362f3431d5c878df0ffcb030

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:35 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4%2FLsUfFW5fOqhYyJ5VJ7BrILf90yHI4Y4%2F9SfCajW%2F4kFye%2FlxLDHWkAPE9FuMBJWTB66dZ6HLwe6eIbmnXtTtnn2L3ohmUQIELV%2BC7U3gqVplz4JZ%2Fg1lUCRlBhLxOncJiYdhOGW1pXp%2BfJbQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Connection
keep-alive
CF-RAY
7b9f5e73d9ba3a96-FRA
ac203b05e3a6ebb
www.ortas.online/cdn-cgi/challenge-platform/h/b/flow/ov1/1295408214:1681845712:qZlyJMnVRBcOTcW6GqprxlTHb3WBhyngNSfAv3zYqAo/7b9f5e62bd329bd0/
7 KB
6 KB
XHR
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/flow/ov1/1295408214:1681845712:qZlyJMnVRBcOTcW6GqprxlTHb3WBhyngNSfAv3zYqAo/7b9f5e62bd329bd0/ac203b05e3a6ebb
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b9f5e62bd329bd0
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7343bd434b35dd9887274952354ee7977a28e14608edd0d7e400f22e2ef192d9

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
ac203b05e3a6ebb
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 18 Apr 2023 19:38:35 GMT
Content-Encoding
gzip
cf_chl_gen
icbyyft0+rS7cGkSGMguLMy83PZqIW3AP4Q9PC9QxFN1rBqflNXVpnBls/3Xm28c$adFhn3hn/45slE8p1YwWqw==
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlBhThUkVM9r17Pg9krCB9OrtXaYaBL0RzGlBQkJLVXfC4yDSt7G19iOn3Yj80Zi72pywTE9%2B%2Fru2YujAVKBCS2TXcC1HQiNWBXmHUAui2aDmI24gyAUoResxV9qepLo%2B96Q8OBnayiYEhKuPtc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7b9f5e748a9e3a96-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/7lbss/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 2025
22 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/7lbss/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8fd8581c1604c6c9c3e826bbd1b227254a54ebc56cbf077a1b7563a120e814c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7b9f5e74ea35383e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 18 Apr 2023 19:38:35 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
truncated
/
187 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 2025
154 KB
55 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b9f5e74ea35383e
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/7lbss/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d866b1457b1e78ccc541b458ba2553e344446dce894ad560a62f4b7c73f15d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/7lbss/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:38:35 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7b9f5e757b14383e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
ab2688d1dfe0625
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1911518347:1681844905:MDyAWtTJIUgcU8FU_XbDNO6OwjG3H1ME3pZp1b8ylk8/7b9f5e74ea35383e/ Frame 2025
63 KB
40 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1911518347:1681844905:MDyAWtTJIUgcU8FU_XbDNO6OwjG3H1ME3pZp1b8ylk8/7b9f5e74ea35383e/ab2688d1dfe0625
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b9f5e74ea35383e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f31eee1238539fcf2a7f35ad925d88f770f17205fa3679184fba1c46de0c05d

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/7lbss/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
ab2688d1dfe0625
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Apr 2023 19:38:35 GMT
content-encoding
br
cf_chl_gen
KE5e9DeSYdANGWR9MRc5lzxuuE2TU7Q166ZsAopaG8/aodrpz3WF+smhp2SjQY9sOAjfusjZoU0ckGcP2GzKA56dMOJ2g4kA8MStW9BBJt1ZNl6iBjqQi3x7zjwhTCEYM80ukE9OHQO1SpJWQ9hVkvcGzFHh1XYcaqmiiPMyUjp1FiNsJ1T3gophn9bs6CtVGxNoLv/eokFsOJZEhoJzjMa1ICHZNEuUkjuD6YO21B3x8QdRtAHQ6+bOwalBQS4lOLhLWEIOLgMbF7OriIQJ/82WXEdGdgf+d5FpFj0gh6XRiOVnvFjwnbPW5tIGhhCo5g2baWwR/WXNrs2CMO9xNJY8CodMkRDuPJi3jeoD1aMLXiosoGnsh6JNAr1w1ZIRP2SD1a6D/rRG0Hyt8XJ/N743aTWu9yiF8WjW+HP6r3g=$k7uc6fGH7JcOsIN7ALNJKg==
server
cloudflare
cf-ray
7b9f5e766c64383e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
Primary Request /
www.ortas.online/
6 KB
5 KB
Document
General
Full URL
http://www.ortas.online/
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b9f5e62bd329bd0
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5013af8ddfa32811b6074e3b4dfbb058419df9ad692beed67a7b17846074a912
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.ortas.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-RAY
7b9f5e7dce8f3a96-FRA
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Cross-Origin-Embedder-Policy
require-corp
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Tue, 18 Apr 2023 19:38:37 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Permissions-Policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy
same-origin
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I4dp6FCI22kPbSRluZXWgzKaN8CsU8afbobSMH3fCCwq%2FGoNvxXUy20ie1X34%2FdfcswpTcmZI96%2BTUnrAfH2vbK8iC%2FdqpKSyKIRV%2F8kAaeXYaqGuz%2Fsa3Sb8foAgTSMK0PhBnQtFqu8duKpbA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
challenges.css
www.ortas.online/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
http://www.ortas.online/cdn-cgi/styles/challenges.css
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Apr 2023 15:48:21 GMT
Server
cloudflare
ETag
W/"642ee9c5-19c8"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
7b9f5e7df9439b7d-FRA
Expires
Tue, 18 Apr 2023 21:38:37 GMT
v1
www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/
145 KB
52 KB
Script
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b9f5e7dce8f3a96
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2b3d8a0d2dd6cedea2265d24d873f8870517e147f88f99f3df51321e83be16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=nLW9Q5y5jatYQ7djPwGDmD4xsX.bl41M51m4bgMKFR0-1681846717-0-gaNycGzNBqU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:37 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTw2ku0r3Kgs1iZuoOg1WGW1gDGF0O%2Bko03vu2p9Jedb6DvxBNBUoTq1DrnrP7mHWUXPDA16m%2BPdsRz1sVyodDcCQQ2NGJggk4xxWCqFCB6KwpvBfffgyvEKyAGhtcSmDuYQIaq0n%2FdV9RsQV0U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
Connection
keep-alive
CF-RAY
7b9f5e7e19789b7d-FRA
transparent.gif
www.ortas.online/cdn-cgi/images/trace/managed/js/
42 B
477 B
Image
General
Full URL
http://www.ortas.online/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7b9f5e7dce8f3a96
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/?__cf_chl_rt_tk=nLW9Q5y5jatYQ7djPwGDmD4xsX.bl41M51m4bgMKFR0-1681846717-0-gaNycGzNBqU
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/?__cf_chl_rt_tk=nLW9Q5y5jatYQ7djPwGDmD4xsX.bl41M51m4bgMKFR0-1681846717-0-gaNycGzNBqU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Apr 2023 15:48:21 GMT
Server
cloudflare
ETag
"642ee9c5-2a"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7b9f5e7e2afc37d1-FRA
Content-Length
42
Expires
Tue, 18 Apr 2023 21:38:37 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/74cb9f3f/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/74cb9f3f/api.js?onload=_cf_chl_turnstile_l&render=explicit
15 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/74cb9f3f/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
H3
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b086fd8b5f60107d01e2d7815964d3c903c9e4976bc9acd8c054de7dc513294

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:38:37 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7b9f5e7e7a4903ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 18 Apr 2023 19:38:37 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/74cb9f3f/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control
max-age=300, public
cf-ray
7b9f5e7e5a1f03ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
favicon.ico
www.ortas.online/
6 KB
6 KB
Image
General
Full URL
http://www.ortas.online/favicon.ico
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
813ae4fac1a86c74adf95217836ea72d6ff65070716989af19eacee81561df3e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:37 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
same-origin
Connection
close
Referrer-Policy
same-origin
Server
cloudflare
Cross-Origin-Opener-Policy
same-origin
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUnylvkXRvY8a2a91atwAb56gwYAuGa5maAbxHUPfa%2FwEB45PNWRIvh2zf7JEOzqCFovJWvS61X8U46wqVn7r4lucoY5cEX1cYe%2BzM90wVitec%2BXf3A7ZxGDdMAwIXHQLQDuO5wvEGuQrqYNGdU%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Permissions-Policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
CF-RAY
7b9f5e7e59dc9b7d-FRA
Expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
69cbb583a98a87c
www.ortas.online/cdn-cgi/challenge-platform/h/b/flow/ov1/696835384:1681844764:kGTPWubPIHHXoeKv3mS2PYm9M7--ZFW82PpPhVb5SUs/7b9f5e7dce8f3a96/
95 KB
55 KB
XHR
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/flow/ov1/696835384:1681844764:kGTPWubPIHHXoeKv3mS2PYm9M7--ZFW82PpPhVb5SUs/7b9f5e7dce8f3a96/69cbb583a98a87c
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b9f5e7dce8f3a96
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c29c109d5be8b48381dccc798351f274dbc629dc7e6d2a47127bb77de6e9fd

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
69cbb583a98a87c
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 18 Apr 2023 19:38:37 GMT
Content-Encoding
gzip
cf_chl_gen
I0YXHMHM5AdTF95NdAYIao7JfDxkBY9Ff004KuxKxa14JkvukucbyhfVpTK2F4xgNV2BNDns+U/9Z1aTxfWgdnkj7mm0hF2lDQvmv1GlnCCVBFqcdyt+gqx4yyNsNCDD+eqkICzTErcI69IfkxVMDqYIq+ephXrrM23vZLpIG8F5M8uxQhWMYEL5jBeZPRk/k0viPDkXKr58YQVpbm/VjxDC4j6aXvDWdYYmN3RXkKdsjk39twFTwRZ7RFf51eGDIaA0rDII0o49wxubEu7Gd+9aEcHI9cRaQI7Iyyyu7Baw/TJpDFH32f114mBPl7Q7NHoVr4i3nNbMrfyqUde17jDYKx2fH34eqjJ367g5M2HzbvwacEuz1fOV09Li0nefcrBCcHzf1OcZ9buUC/qnsH6VQCoBytuVvdqFFD4AhdTZp8odLrOxX8pK2UKOHAwuHvXgERyTCA5+nDabeCLhnbH9bmnmbukQNgrttYmt5R0=$PNnM0vxvxlA3ML90yZE7iA==
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJ2KaKUwq%2BS5x93Rr%2BAkgwfNDs1BmghQ9O3%2FQPeekXVcUMVWT6HuzARFsTJ24PYX9E2KWifdWCIf3IZch6UaKPehJ4mrilOyxhF8jBbJ5bDMIrvDH8yngWAUoAXztknammHeLzsoHsM0RGcKY88%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7b9f5e7f0c3337d1-FRA
LNz4N6mrUsq1k-f
www.ortas.online/cdn-cgi/challenge-platform/h/b/img/7b9f5e7dce8f3a96/1681846717303/
61 B
598 B
Image
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/img/7b9f5e7dce8f3a96/1681846717303/LNz4N6mrUsq1k-f
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086bd59d3b0373ff7a6177ba09774b56744246abaf611478d38f1083f9371f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 19:38:38 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FhyX7WvLT4IvrgN9S0idwa%2By0Fl8lMl1JCUabvcypiOluFYPChiVnmL5xcetqWQHWogKA1wNM6WkaCr0rDSPvyh3jgIqnQ6EoUfQ8yibcnRkpM6Y8YKzEy2ajzhEHg0JJsi5%2Fh%2F8RQRzr6UGCg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Connection
keep-alive
CF-RAY
7b9f5e88ba4e37d1-FRA
69cbb583a98a87c
www.ortas.online/cdn-cgi/challenge-platform/h/b/flow/ov1/696835384:1681844764:kGTPWubPIHHXoeKv3mS2PYm9M7--ZFW82PpPhVb5SUs/7b9f5e7dce8f3a96/
5 KB
5 KB
XHR
General
Full URL
http://www.ortas.online/cdn-cgi/challenge-platform/h/b/flow/ov1/696835384:1681844764:kGTPWubPIHHXoeKv3mS2PYm9M7--ZFW82PpPhVb5SUs/7b9f5e7dce8f3a96/69cbb583a98a87c
Requested by
Host: www.ortas.online
URL: http://www.ortas.online/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b9f5e7dce8f3a96
Protocol
HTTP/1.1
Server
2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af17944b1405fdf0f29b05a57c38f9702e75848f0062041d94bc16d6680c6ab

Request headers

Referer
http://www.ortas.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
69cbb583a98a87c
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 18 Apr 2023 19:38:38 GMT
Content-Encoding
gzip
cf_chl_gen
o9gAtLNA88yGSomhqaOisHHZZywmRc7bw2aDoBLG5E0PXeDSFJVOD/laT2ZxIk+D$R8f49a5rrXlZfjCIO26X2g==
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftpji%2BBwMFAMo38%2F4UH9jXULrPlas2uzkpcaXinD8FPuI6OUKB9Q2LV4%2FgMOSGIoW6i9xZ7WGsNqiXQsRklpWbjOMLFKzXcbEWBPI4KQTSPguckFNTWYMuRHN3PaNDNZnraxsBizAiq3mhyvQZ4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7b9f5e892afc37d1-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/aj0ex/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame DB4E
22 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/aj0ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f89f7d826ab5707424a94ca8b8cc54a5a4a4aa33d3e2a06ebaf6dfd42da84df2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7b9f5e89892a383e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 18 Apr 2023 19:38:38 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
truncated
/
187 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ortas.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame DB4E
153 KB
55 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b9f5e89892a383e
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/aj0ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adeba2be60658608852f8435c13a19525d1d25b5d968059685b9cf445a99df84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/aj0ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:38:39 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7b9f5e89f9d0383e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
c5257bebee24215
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2043646577:1681845778:x8PpGCbOR5oZ6F8xejtdXECKnYS-zZ5YpgBdlrJkVWs/7b9f5e89892a383e/ Frame DB4E
107 KB
53 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2043646577:1681845778:x8PpGCbOR5oZ6F8xejtdXECKnYS-zZ5YpgBdlrJkVWs/7b9f5e89892a383e/c5257bebee24215
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b9f5e89892a383e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb634db4ab8a9b793ac29ae9fce5517c26077cbccef87b1e1e208460ac26906b

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/aj0ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
c5257bebee24215
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Apr 2023 19:38:39 GMT
content-encoding
br
cf_chl_gen
0kpZWN7WBQNyhLKCRHTtqrdvSQRQbkRKEy7LCqpGDh5h+Vm1ccY4TkiLaCgZFJCxL360f6amnDLXfFKJaHo52/3c+KT/6Vz0wWwxIARBhMIExWYn47PF4i9tlsb/0vI/Rtc1141QKTNptE97FrVto1uYpzHYabtt97e1qgzEFwwuQIhH0hlmXssm+ezHEmum071+6b2OebwpxTXcMFmBK6Q4CFoLqQG/EUMH2RenaNBP+zDG+U59WUjaLc89D+x068BmmRUa9lPZNfY017+fE1P+qAVY/ky9zGWX2Vjyv3f4Nyn99R5rZbKMPpuXMwcGGNmm4XZwzuOFfmJMgYrYiUmWMA3wURYouPTjVT7+A/rq8Jr9++j2KtlT/8t7TgtxlfjrSv2+yNFnBWubSbDYAFHrHciXl+aFlnHX/Wc6YLcE9os9xAww21sd8fsqGf19$n8RuHzNTonULrU0fcgQ+jg==
server
cloudflare
cf-ray
7b9f5e8aeb3c383e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
_qqY9WHWJR6lYr0
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7b9f5e89892a383e/1681846719202/ Frame DB4E
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7b9f5e89892a383e/1681846719202/_qqY9WHWJR6lYr0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
271f43cc8eb8df021eff7e9bf4998c1c6c79ba702bb7dbbeffba52de1a99cee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/aj0ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:38:40 GMT
server
cloudflare
cf-ray
7b9f5e922e75383e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
c5257bebee24215
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2043646577:1681845778:x8PpGCbOR5oZ6F8xejtdXECKnYS-zZ5YpgBdlrJkVWs/7b9f5e89892a383e/ Frame DB4E
10 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2043646577:1681845778:x8PpGCbOR5oZ6F8xejtdXECKnYS-zZ5YpgBdlrJkVWs/7b9f5e89892a383e/c5257bebee24215
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b9f5e89892a383e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0258f4a67355e9e469149be64524f960561e2af597c41a535f472fd25b1580

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/aj0ex/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
c5257bebee24215
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Apr 2023 19:38:40 GMT
content-encoding
br
cf_chl_gen
VM+N1+j3Jxkqu+XbqvNQ/N05eTItIWNrZcC343+Py5CLDJ0ZVkWUT3kykctbmUv1$i5fxya3oJNpBtrz3AKXDZg==
server
cloudflare
cf-ray
7b9f5e93b883383e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| _cf_chl_turnstile_l function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 function| sendRequest object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded

1 Cookies

Domain/Path Name / Value
www.ortas.online/ Name: cf_chl_rc_m
Value: 1

10 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: http://www.ortas.online/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other error URL: http://www.ortas.online/
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network error URL: http://www.ortas.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: http://www.ortas.online/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other error URL: http://www.ortas.online/
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network error URL: http://www.ortas.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
ns1.rtv.gov.sy
www.ortas.online
www.rtv.gov.sy
2606:4700:20::681a:910
2606:4700::6812:7b9
82.137.248.19
82.137.248.4
086bd59d3b0373ff7a6177ba09774b56744246abaf611478d38f1083f9371f77
14dd5f8ea9543f8aaf1a5f786cfe0bb7a420236dc8545d359c03d2f9a72b42fa
271f43cc8eb8df021eff7e9bf4998c1c6c79ba702bb7dbbeffba52de1a99cee8
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
5013af8ddfa32811b6074e3b4dfbb058419df9ad692beed67a7b17846074a912
5af17944b1405fdf0f29b05a57c38f9702e75848f0062041d94bc16d6680c6ab
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
7343bd434b35dd9887274952354ee7977a28e14608edd0d7e400f22e2ef192d9
813ae4fac1a86c74adf95217836ea72d6ff65070716989af19eacee81561df3e
82c29c109d5be8b48381dccc798351f274dbc629dc7e6d2a47127bb77de6e9fd
8b7427be6eebeafed4b1349bc0be7ef4d79234a9074110e380895b275395963a
923ac12f058e8e7b6431ee9fe60175c7310ab8d7154a298761717624c5359eb7
9b086fd8b5f60107d01e2d7815964d3c903c9e4976bc9acd8c054de7dc513294
9f31eee1238539fcf2a7f35ad925d88f770f17205fa3679184fba1c46de0c05d
a39cb3c68407f3fc9244cc2bd1ec956e6a6bd63c362f3431d5c878df0ffcb030
a8fd8581c1604c6c9c3e826bbd1b227254a54ebc56cbf077a1b7563a120e814c
adeba2be60658608852f8435c13a19525d1d25b5d968059685b9cf445a99df84
d0530c09fff84a378726e4aec0385eb6511aea999d360bac1b7357b7045a6a75
d866b1457b1e78ccc541b458ba2553e344446dce894ad560a62f4b7c73f15d11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e939deae2de9e3c9fadf806b0457e18391e0f8d436e57a93ce77d48ca7fa83de
ee2b3d8a0d2dd6cedea2265d24d873f8870517e147f88f99f3df51321e83be16
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f89f7d826ab5707424a94ca8b8cc54a5a4a4aa33d3e2a06ebaf6dfd42da84df2
fb634db4ab8a9b793ac29ae9fce5517c26077cbccef87b1e1e208460ac26906b
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
fd0258f4a67355e9e469149be64524f960561e2af597c41a535f472fd25b1580