women.ncr-iran.org - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2606:4700:10::6816:38aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is women.ncr-iran.org.
TLS certificate: Issued by GTS CA 1P5 on March 3rd 2024. Valid for: 3 months.

This is the only time women.ncr-iran.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:10:... 2606:4700:10::6816:38aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

5 2606:4700:10::6816:38aa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

women.ncr-iran.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ncr-iran.org 1 redirects women.ncr-iran.org	179 KB
2	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 4344	13 KB
7	2

	Domain	Requested by
5	women.ncr-iran.org	1 redirects women.ncr-iran.org
2	challenges.cloudflare.com	women.ncr-iran.org challenges.cloudflare.com
7	2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
ncr-iran.org GTS CA 1P5	`2024-03-03` - `2024-06-01`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://women.ncr-iran.org/2024/03/13/negar-karimian/
Frame ID: 8699B69B7D46908D04E4AB5A068F09E2
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y9gfl/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 6C1300BB2AFABE1D5EDDECFE44D53E74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

7
Requests

71 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

191 kB
Transfer

592 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://women.ncr-iran.org/favicon.ico HTTP 302
https://women.ncr-iran.org/wp-content/uploads/2019/10/NCRI-Women-Committee-Logo-75x75.png

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 Primary Request / Show response
women.ncr-iran.org/2024/03/13/negar-karimian/ 16 KB
8 KB 71ms
26ms Document
text/html 2606:4700:10::6816:38aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://women.ncr-iran.org/2024/03/13/negar-karimian/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:38aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01eaa2f3c932fba01877f4a7a08436c33f42c195af50c48531cc5c9864f953e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: QIifSRchlx5Az0/dWWQkdTjmPJCMSRCR883n6s29O2F9Jo3jVfOpb/k34Rq8v0mfvyULWOyUL0VoYBGi1VUiKDRqvAGRJQ+rGOKvac3zGoU=$SUG+WEegsLsiX59KJjm9iA==
cf-mitigated: challenge
cf-ray: 864555ddba1e9a23-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 14 Mar 2024 15:35:45 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
women.ncr-iran.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 509 KB
144 KB 451ms
451ms Script
application/javascript 2606:4700:10::6816:38aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://women.ncr-iran.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=864555ddba1e9a23
Requested by: Host: women.ncr-iran.org
URL: https://women.ncr-iran.org/2024/03/13/negar-karimian/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c126d77e2da5dce7ab302097dc31daa4e61b2ba35829e4b3c1c9fc3a9da93f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://women.ncr-iran.org/2024/03/13/negar-karimian/?__cf_chl_rt_tk=OF3wP25.dFOLUiHUTDmVXK2siyDxuIfq7cfxH_hUd8g-1710430545-0.0.1.1-1557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:35:46 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
server: cloudflare
cf-ray: 864555df3c469a23-FRA
content-type: application/javascript; charset=UTF-8

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/5b600c458061/ 38 KB
13 KB 150ms
32ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/5b600c458061/api.js?onload=RGXRys7&render=explicit
Requested by: Host: women.ncr-iran.org
URL: https://women.ncr-iran.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=864555ddba1e9a23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede9837e84ce18059b6acfa8760cf6cc198db239182a76cfb2b9ebe3f4cd8cb0

Request headers

Referer
Origin: https://women.ncr-iran.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:35:46 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 864555e39a361cc5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

403

NCRI-Women-Committee-Logo-75x75.png
women.ncr-iran.org/wp-content/uploads/2019/10/
Redirect Chain

https://women.ncr-iran.org/favicon.ico
https://women.ncr-iran.org/wp-content/uploads/2019/10/NCRI-Women-Committee-Logo-75x75.png

15 KB
15 KB

18ms
18ms

Image
text/html

2606:4700:10::6816:38aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://women.ncr-iran.org/wp-content/uploads/2019/10/NCRI-Women-Committee-Logo-75x75.png

Requested by

Host: women.ncr-iran.org
URL: https://women.ncr-iran.org/2024/03/13/negar-karimian/

Protocol

H2

Server

2606:4700:10::6816:38aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d289eb7e59515a33dbaaaabb9afd05b7b8c677f16783b48ebbc6903dc50f879

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://women.ncr-iran.org/2024/03/13/negar-karimian/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:35:46 GMT
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
cf-chl-out: I1MJ04T/91WLCsjW+sVdmPI3jra8n3w3hBTanPcnUOteCpJlDfojjerEgEt7vGf3SGkZi9d2oXpU2cSDx8apyE8SVLPfjzq8LWSaSeIfIk8=$tHwynwq0fjftuzRJJ+YWsA==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 864555e3097a9a23-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

date: Thu, 14 Mar 2024 15:35:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 825
x-redirect-by: WordPress
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://women.ncr-iran.org/wp-content/uploads/2019/10/NCRI-Women-Committee-Logo-75x75.png
cache-control: max-age=3600
cf-ray: 864555e2d9459a23-FRA
link: <https://women.ncr-iran.org/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1; mode=block
expires: Thu, 14 Mar 2024 16:22:00 GMT

GET
BLOB 200
OK 09c0fecb-a0cc-4088-811c-9a696781cebf
https://women.ncr-iran.org/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://women.ncr-iran.org/09c0fecb-a0cc-4088-811c-9a696781cebf
Requested by: Host: women.ncr-iran.org
URL: https://women.ncr-iran.org/2024/03/13/negar-karimian/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://women.ncr-iran.org/2024/03/13/negar-karimian/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H2 200 0bfc5fb0f241100 Show response
women.ncr-iran.org/cdn-cgi/challenge-platform/h/g/flow/ov1/1995385214:1710426172:F3vwapx7XV6i5M0ShDD-492Y53jF1VBHrTNR9J0BQtA/864555ddba1e9a23/ 14 KB
10 KB 39ms
39ms XHR
text/plain 2606:4700:10::6816:38aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://women.ncr-iran.org/cdn-cgi/challenge-platform/h/g/flow/ov1/1995385214:1710426172:F3vwapx7XV6i5M0ShDD-492Y53jF1VBHrTNR9J0BQtA/864555ddba1e9a23/0bfc5fb0f241100
Requested by: Host: women.ncr-iran.org
URL: https://women.ncr-iran.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=864555ddba1e9a23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2200f27ce71e1c466982c3160603b87ea33a9d61f1a24b67740edf7ad7f01458

Request headers

Referer: https://women.ncr-iran.org/2024/03/13/negar-karimian/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
CF-Challenge: 0bfc5fb0f241100
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: jvxPeb5p2ZB33QdcuY9D/YPVinfkG6l62kXWZURcNHd52C7w7Ns7+rsNlITWJFUx$DcWt/gbUJDsRDuiyeuwPbQ==
date: Thu, 14 Mar 2024 15:35:46 GMT
content-encoding: br
server: cloudflare
cf-ray: 864555e389f49a23-FRA
content-type: text/plain; charset=UTF-8

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y9gfl/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 6C13 0
0 31ms
22ms Document
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y9gfl/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/5b600c458061/api.js?onload=RGXRys7&render=explicit

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 864555e3edc18c40-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 15:35:46 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			women.ncr-iran.org/	1970-01-20 19:07:14	Name: cf_chl_3 Value: 0bfc5fb0f241100

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://women.ncr-iran.org/2024/03/13/negar-karimian/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://women.ncr-iran.org/wp-content/uploads/2019/10/NCRI-Women-Committee-Logo-75x75.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
women.ncr-iran.org
2606:4700:10::6816:38aa
2606:4700::6811:2b8
01eaa2f3c932fba01877f4a7a08436c33f42c195af50c48531cc5c9864f953e9
2200f27ce71e1c466982c3160603b87ea33a9d61f1a24b67740edf7ad7f01458
78c126d77e2da5dce7ab302097dc31daa4e61b2ba35829e4b3c1c9fc3a9da93f
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
9d289eb7e59515a33dbaaaabb9afd05b7b8c677f16783b48ebbc6903dc50f879
ede9837e84ce18059b6acfa8760cf6cc198db239182a76cfb2b9ebe3f4cd8cb0

women.ncr-iran.org Open in urlscan Pro 2606:4700:10::6816:38aa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

71 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

191 kBTransfer

592 kBSize

1 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

women.ncr-iran.org Open in urlscan Pro
2606:4700:10::6816:38aa Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

191 kB
Transfer

592 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions