iir.ai Open in urlscan Pro
2606:4700:3031::6815:136 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://iir.ai/YwfJa
Submission: On October 02 via manual (October 2nd 2021, 4:07:50 pm UTC) from ES — Scanned from DE

Summary HTTP 44 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3031::6815:136, located in United States and belongs to CLOUDFLARENET, US. The main domain is iir.ai.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time iir.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3031::6815:136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:ef6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.109.82.83 23.109.82.83	7979 (SERVERS-COM) (SERVERS-COM)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	54.235.172.58 54.235.172.58	14618 (AMAZON-AES) (AMAZON-AES)
3	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
2	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1	2600:9000:21f... 2600:9000:21f3:2600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.197.188 139.45.197.188	9002 (RETN-AS) (RETN-AS)
1	178.162.156.34 178.162.156.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
44	18

8 2606:4700:3031::6815:136 (United States)

ASN13335 (CLOUDFLARENET, US)

iir.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ef6 (United States)

ASN13335 (CLOUDFLARENET, US)

clk.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.83 (Netherlands)

ASN7979 (SERVERS-COM, US)

backjawtanoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.235.172.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-172-58.compute-1.amazonaws.com

greenrecru.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

forfrogadiertor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

oufauthy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.156.34 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

perf.cdnads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gstatic.com fonts.gstatic.com www.gstatic.com	543 KB
8	iir.ai iir.ai	213 KB
4	recaptcha.net www.recaptcha.net	24 KB
3	forfrogadiertor.com forfrogadiertor.com	31 KB
2	rtmark.net my.rtmark.net	1 KB
2	onmarshtompor.com onmarshtompor.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	oufauthy.net oufauthy.net	23 KB
2	greenrecru.biz greenrecru.biz	37 B
2	clk.sh clk.sh	73 KB
1	cdnads.com perf.cdnads.com	323 B
1	cdnativepush.com static.cdnativepush.com	3 KB
1	consensu.org quantcast.mgr.consensu.org	6 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	backjawtanoa.com backjawtanoa.com
1	googleapis.com fonts.googleapis.com	1 KB
0	ofyouope.club Failed ofyouope.club Failed
44	17

	Domain	Requested by
8	iir.ai	iir.ai
6	www.gstatic.com	www.recaptcha.net www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
4	www.recaptcha.net	iir.ai www.gstatic.com
3	forfrogadiertor.com	iir.ai forfrogadiertor.com
2	my.rtmark.net	onmarshtompor.com forfrogadiertor.com
2	onmarshtompor.com	oufauthy.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	oufauthy.net	iir.ai
2	greenrecru.biz	iir.ai
2	clk.sh	iir.ai
1	perf.cdnads.com
1	static.cdnativepush.com
1	quantcast.mgr.consensu.org	iir.ai
1	www.googletagmanager.com	iir.ai
1	backjawtanoa.com	iir.ai
1	fonts.googleapis.com	iir.ai
0	ofyouope.club Failed	iir.ai
44	18

This site contains links to these domains. Also see Links.

Domain
clk.sh
xdowl0adxd0wnloadx.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
backjawtanoa.com R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
greenrecru.biz R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
forfrogadiertor.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
oufauthy.net R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
onmarshtompor.com R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
cdnativepush.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.cdnads.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-07` - `2021-11-23`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://iir.ai/YwfJa
Frame ID: 00C638AE0272FBC94DE0198B0CD59972
Requests: 32 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=cd3176f94f594cdfac92cfde25950be8&oaidts=1633190865
Frame ID: 0499A762D4FC965594796FB1F2D42822
Requests: 2 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=siomgmkziq84
Frame ID: 7488C79554161A01B5EE3BC38166171F
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57
Frame ID: DE637682C6B1501FA79C9FC44F3E5D9F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ClkSh

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

98 %
HTTPS

53 %
IPv6

17
Domains

18
Subdomains

18
IPs

4
Countries

979 kB
Transfer

2295 kB
Size

13
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://clk.sh/

Search URL Search Domain Scan URL

URL: https://clk.sh/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://clk.sh/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://clk.sh/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/faq
Title: How it works

Search URL Search Domain Scan URL

URL: https://xdowl0adxd0wnloadx.com/qzr0Ic19e8107187388ee2a75b09ba45eb5fcbe7dcee6?q=File_2945_Download

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request YwfJa Show response
iir.ai/ 72 KB
24 KB 732ms
685ms Document
text/html 2606:4700:3031::6815:136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194f525ffc921a9df15abc1edbc3ea1217a2884b9407b7d08d63c01778c252ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: iir.ai
:scheme: https
:path: /YwfJa
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=694776c473420b449b89276b9c9f8f96; path=/; HttpOnly; secure csrfToken=4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRx7o7n%2B2tnuvF4ej5NjTqWekWeb36NM240cXVc8mmqvVx45YcHjcTT4%2FCMMIfZm4Oje8LeaHUO23x5QnL%2BLEgjFDvHLp1r8ziu77JfQo8ZxYebP1C8%2B2BiTXrRZ6LYozfdG%2FGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697f2f76c9c9d618-MXP
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 60ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 15:20:35 GMT
server: ESF
date: Sat, 02 Oct 2021 16:07:45 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 16:07:45 GMT

GET
H2 200 styles.min.css
iir.ai/cloud_theme/build/css/ 189 KB
34 KB 35ms
35ms Stylesheet
text/css 2606:4700:3031::6815:136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /cloud_theme/build/css/styles.min.css?ver=6.4.0
pragma: no-cache
cookie: AppSession=694776c473420b449b89276b9c9f8f96; csrfToken=4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: iir.ai
referer: https://iir.ai/YwfJa
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/YwfJa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2272233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PYIePmZFAzinngi%2B2Wg7W2IhHb8F7vk7jHEPKmhLTKIyk%2BBC3gbn4MPltNIi03ndUZbrBSebdX9QEgyXUqwvCCdhSnCKWhvIaT80Bx5ddBbvhOajPDa4RUTN9R9apk7TLQyOkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 697f2f7b28f7d618-MXP
expires: Wed, 06 Oct 2021 08:57:11 GMT

GET
H2 200 hmpglogo228x70.png
clk.sh/webroot/modern_theme/img/ 3 KB
4 KB 82ms
25ms Image
image/png 2606:4700:20::681a:ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clk.sh/webroot/modern_theme/img/hmpglogo228x70.png

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ef6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2929d6945e9a8e4dc441b7b2140a82aa75645c05501bb2336ec1aa1e9a17b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 653852
cf-polished: origSize=3621, status=vary_header_present
cf-bgj: imgq:100,h2pri
content-length: 2964
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 04:31:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCaMkTR3IAlgtn82SvZbvSz67VkgatKq22vSu%2BCEFb7YSWf3M1RDNZnXv%2BLTtPR2N6onCpdt8SSg60o985HU%2BkuINk%2Fl79zhIXyQLwSU0%2BSf%2Bpq68whKpKJf14XcPU%2BzAacLHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f2f7beb265a13-MXP
expires: Sun, 25 Sep 2022 02:30:10 GMT

GET
H/1.1 200
OK 14505 Show response
backjawtanoa.com/tAFBAmPD7sTvJLs3L/ 0
0 268ms
16ms Script
text/html 23.109.82.83
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://backjawtanoa.com/tAFBAmPD7sTvJLs3L/14505
Requested by: Host: iir.ai
URL: https://iir.ai/YwfJa
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 23.109.82.83 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://iir.ai
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2 200 sw.js Show response
iir.ai/ 98 KB
38 KB 31ms
29ms Script
application/javascript 2606:4700:3031::6815:136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/sw.js

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f074d153dbe3ebeea04820b7a320e2d799c239ce544959451ccb8861c379475f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sw.js
pragma: no-cache
cookie: AppSession=694776c473420b449b89276b9c9f8f96; csrfToken=4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: iir.ai
referer: https://iir.ai/YwfJa
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/YwfJa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2272253
cf-polished: origSize=102635
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Jun 2021 08:08:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1EMtKgW5aItivh%2BZxLyd6buPY%2B8%2FmnlU1gGCHXEERJ3v2HuDLza%2Fwa3IOLZUYOLu7OsYK%2BthhtUuoa9YKsWIRo3eoAb8aVxpAs4CFQ2C9EYe1iddwPxwdB8Gw4k9vF6RRwy4Os%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 697f2f7b8979d618-MXP
expires: Wed, 06 Oct 2021 08:56:51 GMT

GET
H2 200 dwndbnr1.png
iir.ai/webroot/modern_theme/img/ 47 KB
47 KB 41ms
40ms Image
image/png 2606:4700:3031::6815:136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iir.ai/webroot/modern_theme/img/dwndbnr1.png

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /webroot/modern_theme/img/dwndbnr1.png
pragma: no-cache
cookie: AppSession=694776c473420b449b89276b9c9f8f96; csrfToken=4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: iir.ai
referer: https://iir.ai/YwfJa
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/YwfJa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10048715
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47787
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 04:33:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzg0%2BFR0Y1H6UVq6S%2FGx%2Blgopo3ey4NqfGt4liX9oLQkCF2zxjAmMfsAvekl6Gmz%2BKiqaiIfwAPgZNFwRdopDHJi8E1GVBoOXpgW7LM%2FAqsS7r5UC0LvOqE1fpz1J2hE5bNRmzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f2f7b8991d618-MXP
expires: Wed, 08 Jun 2022 08:49:09 GMT

GET
H2 200 email-decode.min.js Show response
iir.ai/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
27ms Script
application/javascript 2606:4700:3031::6815:136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: AppSession=694776c473420b449b89276b9c9f8f96; csrfToken=4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: iir.ai
referer: https://iir.ai/YwfJa
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/YwfJa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 11:33:04 GMT
server: cloudflare
etag: W/"61544ef0-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNGi7pIojysUt38R%2FLvbtzn8sK8uNLxx0BGJ7qjwaONZJAk7CKVigdw3k8RCvAKRVp6NZN1BZw34YIxjNeWigS7uTGOCvS6zL2pQSJFpR5PcL1rYgIbizqtIsm0M62OY24ngOA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f2f7b897bd618-MXP
vary: Accept-Encoding
expires: Mon, 04 Oct 2021 16:07:45 GMT

GET
H2 200 ads.js Show response
iir.ai/js/ 190 B
469 B 38ms
36ms Script
application/javascript 2606:4700:3031::6815:136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/js/ads.js

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: AppSession=694776c473420b449b89276b9c9f8f96; csrfToken=4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: iir.ai
referer: https://iir.ai/YwfJa
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/YwfJa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2272253
cf-polished: origSize=192
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Dec 2019 16:40:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1eIB9zTGjAmc0dn0X7rLRZGbiOHLXL%2BNwjk0blM%2BFKor0mSt11%2BR2wyzUzN0GLnf9gVMUiUw5ExnGUK03VvNqPo5KnKhnQABghjS5q0QVJsRKEwaWHXNplECHwMWassshHYvmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 697f2f7b898dd618-MXP
expires: Wed, 06 Oct 2021 08:56:51 GMT

GET
H2 200 script.min.js Show response
iir.ai/cloud_theme/build/js/ 202 KB
61 KB 51ms
50ms Script
application/javascript 2606:4700:3031::6815:136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /cloud_theme/build/js/script.min.js?ver=6.4.0
pragma: no-cache
cookie: AppSession=694776c473420b449b89276b9c9f8f96; csrfToken=4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: iir.ai
referer: https://iir.ai/YwfJa
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/YwfJa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2272253
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30R3rH7g%2BdBnn3wjx34eVU5Wzki9WV4fNvZ%2Fio5mKVTBDcshsr4TzAfzE%2B%2F6rr9rycwY4iZAYqfbeTEbRl5%2BAPGz87NF0pyGSgDlo%2F6FJmnJiPX7LVviHBVcXS6A3gyrI1DnyXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 697f2f7b898fd618-MXP
expires: Wed, 06 Oct 2021 08:56:51 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
1016 B 77ms
25ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d044221b8b51e3b5a3d9f271009088047a4d2ae210863b54536b1992f269ad0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Sat, 02 Oct 2021 16:07:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113561579-2

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcc4fb48a3b7d5a1d9515d1fd51bcb93ae417cf521db73fc542d1b1728e5c3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38922
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 16:07:45 GMT

GET
H2 200 Newbackground.jpg
clk.sh/webroot/img/ 69 KB
69 KB 86ms
31ms Image
image/jpeg 2606:4700:20::681a:ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clk.sh/webroot/img/Newbackground.jpg

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ef6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323df13ad92cf01957614193e5640209179eb0ec373ae4718fa0b92a4dd4aaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 653852
cf-polished: origSize=92083, status=vary_header_present
cf-bgj: imgq:100,h2pri
content-length: 70609
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jun 2018 10:09:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df8zwBR0%2BjPlnoeXxN5v%2FnxJhXaymkPuM4ZuP2PVr4JhCo2LL0ICRgdlLOVfdwfTVkMJ5VNO9UnUyb7k%2FA03kNwqKTIfLDWPtpK%2B2So6OTuuvxq0m%2BhBr3zZg%2BtdHYwEMMHqzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f2f7bfb2f5a13-MXP
expires: Sun, 25 Sep 2022 02:30:02 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 52ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://iir.ai
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 08:57:05 GMT
x-content-type-options: nosniff
age: 285040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 08:57:05 GMT

GET
H2 502 eTdWdlMCFSUBDAxFOlRpW18iAiMKDXlZOhBFeBc6VkQhWDkKFXpUIBRRdExiVRUlGyVbDXRCfUkVelQnGFAJHzdbDXROY0wPbk5xVRUlAzEmXjJEcUMVMBUyGAVkRGpUA2dGYFQDZxRrVA5mQGVUDm4TZEsGZEdkHA40VC4
greenrecru.biz/ 0
0 310ms
102ms Script
text/plain 54.235.172.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://greenrecru.biz/eTdWdlMCFSUBDAxFOlRpW18iAiMKDXlZOhBFeBc6VkQhWDkKFXpUIBRRdExiVRUlGyVbDXRCfUkVelQnGFAJHzdbDXROY0wPbk5xVRUlAzEmXjJEcUMVMBUyGAVkRGpUA2dGYFQDZxRrVA5mQGVUDm4TZEsGZEdkHA40VC4
Requested by: Host: iir.ai
URL: https://iir.ai/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.235.172.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-172-58.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type
x-powered-by: Express
access-control-allow-methods: GET, POST

GET
H2 200 3487732 Show response
forfrogadiertor.com/400/ 84 KB
30 KB 57ms
21ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/400/3487732

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5797ed9f0371f5b565c6413d165f1fefdd27bfc7ce86ce34b679e3cce2e77325

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id: 47ab488e786a1969de52f3ef19a01dcb
pragma: no-cache
date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 apu.php Show response
oufauthy.net/ 3 KB
2 KB 56ms
20ms XHR
application/json 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oufauthy.net/apu.php?zoneid=3491150&oo=1

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6d3c43fc80f6b0cf727c4fb4e0a79a6ad0016e953901b420660ef16face67bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: d8353f76d5891b0554f76b2c04c13506
pragma: no-cache
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://iir.ai
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
oufauthy.net/ 62 KB
21 KB 55ms
19ms Script
text/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oufauthy.net/tag.min.js

Requested by

Host: iir.ai
URL: https://iir.ai/YwfJa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 20625
x-trace-id: f4681616f996ff8632ce39195ada7b45
pragma: no-cache
last-modified: Sat, 02 Oct 2021 15:05:53 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 footer.jpg
iir.ai/cloud_theme/build/img/ 6 KB
6 KB 23ms
23ms Image
image/jpeg 2606:4700:3031::6815:136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iir.ai/cloud_theme/build/img/footer.jpg

Requested by

Host: iir.ai
URL: https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /cloud_theme/build/img/footer.jpg
pragma: no-cache
cookie: AppSession=694776c473420b449b89276b9c9f8f96; csrfToken=4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: iir.ai
referer: https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10048562
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6152
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqP61MwUdZjK1rvo4%2FqvPXGn4RoUMbH9PDa1OQJPmMzAGJuoOZfZinlRyQ%2Bm%2B04YtLtlCUx00Aw4qqjEcXMFUFWM86eoIy8OKid5yXY3%2FKpZF9Wwevi%2B4wS5cowoUxJSUfl%2FDJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f2f7d7c0fd618-MXP
expires: Wed, 08 Jun 2022 08:51:42 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://iir.ai
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:34:56 GMT
x-content-type-options: nosniff
age: 462769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 07:34:56 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://iir.ai
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 15:11:30 GMT
x-content-type-options: nosniff
age: 435375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 15:11:30 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 16 KB
6 KB 40ms
8ms Script
application/javascript 2600:9000:21f3:2600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: iir.ai
URL: https://iir.ai/YwfJa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:05:31 GMT
content-encoding: gzip
etag: W/"51870ee6d5cb32ca5311356b296af21f"
last-modified: Tue, 09 Mar 2021 20:17:06 GMT
server: AmazonS3
age: 477
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: iu7FSxkHsp4mKPbJWv7GHrgAlssFYKbCDYymS91eVCSON0dys6qkwQ==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ 346 KB
136 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
Origin: https://iir.ai
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138353
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 02 Oct 2022 16:03:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4848
date: Sat, 02 Oct 2021 14:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 16:46:57 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 0499 203 B
833 B 48ms
13ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=cd3176f94f594cdfac92cfde25950be8&oaidts=1633190865

Requested by

Host: oufauthy.net
URL: https://oufauthy.net/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

26347895f87491f1efdf0570635bf36fdfeb67ba6548d2d2a7f91b0c3a746213

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=cd3176f94f594cdfac92cfde25950be8&oaidts=1633190865
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/

Response headers

server: nginx
date: Sat, 02 Oct 2021 16:07:45 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: fb605918bad3ec8d5a7d9a5f460fed1d
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=cd3176f94f594cdfac92cfde25950be8; expires=Sun, 02 Oct 2022 16:07:45 GMT; path=/; secure; SameSite=None oaidts=1633190865; expires=Sun, 02 Oct 2022 16:07:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 7488 40 KB
21 KB 36ms
36ms Document
text/html 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=siomgmkziq84

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97317c28f29cd39a2370192ad6d4915d8fbd45938d039082078b962f0f728baf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XHLV5lbuGfQUY348kUs8FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=siomgmkziq84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Oct 2021 16:07:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-XHLV5lbuGfQUY348kUs8FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21152
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
199 B 15ms
14ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=237641089&t=pageview&_s=1&dl=https%3A%2F%2Fiir.ai%2FYwfJa&ul=en-us&de=UTF-8&dt=ClkSh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1134944836&gjid=410232492&cid=733356213.1633190866&tid=UA-113561579-2&_gid=1696714998.1633190866&_r=1&gtm=2ou9r0&z=1082279875

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:07:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iir.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 0499 43 B
491 B 55ms
13ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=cd3176f94f594cdfac92cfde25950be8

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=cd3176f94f594cdfac92cfde25950be8&oaidts=1633190865

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 7488 52 KB
26 KB 49ms
14ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=siomgmkziq84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 15:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 01 Oct 2022 15:33:29 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 7488 346 KB
135 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138353
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 02 Oct 2022 16:03:46 GMT

GET
H2 200 / Show response
onmarshtompor.com/ 2 KB
2 KB 48ms
48ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/?rb=ugXWnX92fQSlp7kho-VPazCpEM7_F4sj4_YxjZj45Q7peTAsBbgDShKeXeYPBq_60Urk2cZWOealUzeHBND5TZn_V6dr0y3IiQKirvyxW0VM8EBnATkrC5Y2SEGbULsMBh9Q2WXcpYeCjMgC3F0lmuSUhIb6qfd1_ltHllCKtpS1ujcPXzB7ktj7J6hGw1aX732lg1j0QsSIPxcOeuPve4DZQ99Z3JlRtAGvzPm7gjDjxApf2MgqYJ33U5VfnuRsHhPJlWYNkaSlC0iX&zoneid=3491150&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fiir.ai%2FYwfJa&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=e40a9f20-6bf0-4583-981d-e806a14d914b&m=link

Requested by

Host: oufauthy.net
URL: https://oufauthy.net/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9aed42f1bb0276604bc6f54a6b1b0903261a7e4a21ead4a0794e15f8fe8a3b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://iir.ai
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET utx
ofyouope.club/ 0
0

POST
H2 200 / Show response
greenrecru.biz/ 0
37 B 297ms
99ms XHR
text/plain 54.235.172.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://greenrecru.biz/
Requested by: Host: iir.ai
URL: https://iir.ai/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.235.172.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-172-58.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

GET
DATA 200
OK truncated
/ Frame 7488 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7488 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7488 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
age: 96572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Fri, 08 Oct 2021 13:18:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7488 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 418172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:58:13 GMT

GET
H2 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 7488 102 B
181 B 23ms
22ms Other
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=siomgmkziq84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 02 Oct 2021 16:07:45 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
536 B 13ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b15ffb6f0899f1e4117964c4639d306f1be22142db4f0557fe24e5600992447c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:07:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://iir.ai
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 3487732 Show response
forfrogadiertor.com/500/ 1 KB
1 KB 115ms
115ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/500/3487732?excludes=&oaid=cd3176f94f594cdfac92cfde25950be8&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fiir.ai%2FYwfJa&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bab029cdb79c7bdb0a3a9ec9125859f2faa8fdb0a7f596bbcfbda7035420351e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d8019c38c87432d5fc07fd27b3a211e5
pragma: no-cache
date: Sat, 02 Oct 2021 16:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://iir.ai
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3487732
forfrogadiertor.com/500/ Frame 0
0 46ms
17ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://iir.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 02 Oct 2021 16:07:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://iir.ai
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 bframe Show response
www.recaptcha.net/recaptcha/api2/ Frame DE63 7 KB
1 KB 24ms
23ms Document
text/html 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58ac826f798a93b944445c77a3b2932cdbb2a36d7d61252b7e503b78bfa9bd65

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LIVgV6pa7Mcs/ccc2S4Bng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Oct 2021 16:07:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-LIVgV6pa7Mcs/ccc2S4Bng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1109
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame DE63 52 KB
25 KB 13ms
13ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 15:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 01 Oct 2022 15:33:29 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame DE63 346 KB
135 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LcILDccAAAAAL4FxvBcTQ8pblQWf9JwF1bp_k57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138353
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 02 Oct 2022 16:03:46 GMT

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 60ms
13ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:07:46 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

GET
H/1.1 200
OK perf.gif
perf.cdnads.com/ 43 B
323 B 52ms
13ms Image
image/gif 178.162.156.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://perf.cdnads.com/perf.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.156.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:07:46 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sun, 03 Oct 2021 16:07:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ofyouope.club
URL: https://ofyouope.club/utx?tid=805888&top=iir.ai&cb=3IkM9k2DMcws

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
iir.ai/	1969-12-31 23:59:59	Name: AppSession Value: 694776c473420b449b89276b9c9f8f96
iir.ai/	1969-12-31 23:59:59	Name: csrfToken Value: 4cc5fa1f5aa2118b1c9bb9ced90b686e46870f56e5c930a05401a65eedeb8b9fc16422c648760841083f765023a0d58939782e9beef9bf17dacc2b21663adf16
backjawtanoa.com/	1970-01-19 21:41:17	Name: GL_UI4 Value: eJw9jUtOwzAYhPMOVUnESDkAR4hJi9sl4hAsI8f%2Bk5omduWYRtweCwlW82kemiiKkqZGfC9SpF%2FiiGfJiTP%2BIjk%2FsaHtDufXjsYj46eRHfhZKez02nsxzOQzPE5kyGnZS6uowlOI%2FpyrsZvJkA9OGFUhX0JjrlAOzm4ruSZFZsRCKN4vzgbNF%2FFpHZJzF1CbgHGLxK5NWu9Qfmijwq7eI2FtXRUR9rdZ%2BNG6pdeqiJFPTihC%2FIYHKTxN1n2jVLRevb0Bdlb9f%2F%2F3Nt1Yi0LRXcvwbf2F3A%2Fx6Uoh
backjawtanoa.com/	1970-01-19 21:41:17	Name: GL_GI10 Value: eJxNy11qwkAYheE4qaMhVjngAtxAg9HQn1s1eGPXMITkUwaa%2BYbJVIyrbzRFvDvnhScIAjGfQmiL1%2FQrS9bvSbr8TFZLhCdiiF2OScm%2FxrtWmaImjPbk6sK0kI5Omg3EJkfcb1VyRRju8rendlfxoTDVYkPuRxu8lNp3%2Fv9Ft9fL6Cb7GurGYvy9yj4WB18hMuRVY4m6uWVn2RWeMH3Uu5chxrpR1vGllQPMvK7pyoYUH48NeSkwOEvxB639RpU%3D
iir.ai/	1969-12-31 23:59:59	Name: ab Value: 2
.iir.ai/	1970-01-20 15:11:02	Name: _ga Value: GA1.2.733356213.1633190866
.iir.ai/	1970-01-19 21:41:17	Name: _gid Value: GA1.2.1696714998.1633190866
.iir.ai/	1970-01-19 21:39:50	Name: _gat_gtag_UA_113561579_2 Value: 1
onmarshtompor.com/	1970-01-20 06:25:26	Name: OAID Value: cd3176f94f594cdfac92cfde25950be8
onmarshtompor.com/	1970-01-20 06:25:26	Name: oaidts Value: 1633190865
my.rtmark.net/	1970-01-20 06:25:26	Name: ID Value: cd3176f94f594cdfac92cfde25950be8
iir.ai/	1970-01-19 21:39:50	Name: prefetchAd_3491150 Value: true
forfrogadiertor.com/	1970-01-20 06:25:26	Name: OAID Value: cd3176f94f594cdfac92cfde25950be8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://greenrecru.biz/eTdWdlMCFSUBDAxFOlRpW18iAiMKDXlZOhBFeBc6VkQhWDkKFXpUIBRRdExiVRUlGyVbDXRCfUkVelQnGFAJHzdbDXROY0wPbk5xVRUlAzEmXjJEcUMVMBUyGAVkRGpUA2dGYFQDZxRrVA5mQGVUDm4TZEsGZEdkHA40VC4 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ofyouope.club/utx?tid=805888&top=iir.ai&cb=3IkM9k2DMcws Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backjawtanoa.com
clk.sh
fonts.googleapis.com
fonts.gstatic.com
forfrogadiertor.com
greenrecru.biz
iir.ai
my.rtmark.net
ofyouope.club
onmarshtompor.com
oufauthy.net
perf.cdnads.com
quantcast.mgr.consensu.org
static.cdnativepush.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
ofyouope.club
139.45.195.8
139.45.197.188
139.45.197.236
139.45.197.239
139.45.197.243
178.162.156.34
23.109.82.83
2600:9000:21f3:2600:9:46dc:4700:93a1
2606:4700:20::681a:ef6
2606:4700:3031::6815:136
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:830::200a
54.235.172.58
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
194f525ffc921a9df15abc1edbc3ea1217a2884b9407b7d08d63c01778c252ac
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26347895f87491f1efdf0570635bf36fdfeb67ba6548d2d2a7f91b0c3a746213
28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505
30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f
323df13ad92cf01957614193e5640209179eb0ec373ae4718fa0b92a4dd4aaf6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4d044221b8b51e3b5a3d9f271009088047a4d2ae210863b54536b1992f269ad0
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5797ed9f0371f5b565c6413d165f1fefdd27bfc7ce86ce34b679e3cce2e77325
58ac826f798a93b944445c77a3b2932cdbb2a36d7d61252b7e503b78bfa9bd65
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3c43fc80f6b0cf727c4fb4e0a79a6ad0016e953901b420660ef16face67bb5
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
97317c28f29cd39a2370192ad6d4915d8fbd45938d039082078b962f0f728baf
9aed42f1bb0276604bc6f54a6b1b0903261a7e4a21ead4a0794e15f8fe8a3b3c
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b15ffb6f0899f1e4117964c4639d306f1be22142db4f0557fe24e5600992447c
b2929d6945e9a8e4dc441b7b2140a82aa75645c05501bb2336ec1aa1e9a17b30
bab029cdb79c7bdb0a3a9ec9125859f2faa8fdb0a7f596bbcfbda7035420351e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f074d153dbe3ebeea04820b7a320e2d799c239ce544959451ccb8861c379475f
fcc4fb48a3b7d5a1d9515d1fd51bcb93ae417cf521db73fc542d1b1728e5c3a8
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

iir.ai Open in urlscan Pro 2606:4700:3031::6815:136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

53 %IPv6

17 Domains

18 Subdomains

18 IPs

4 Countries

979 kBTransfer

2295 kBSize

13 Cookies

10 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

iir.ai Open in urlscan Pro
2606:4700:3031::6815:136 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

53 %
IPv6

17
Domains

18
Subdomains

18
IPs

4
Countries

979 kB
Transfer

2295 kB
Size

13
Cookies

44 HTTP transactions
2 data transactions