user.iraniangsm.site Open in urlscan Pro
116.202.19.33 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user.iraniangsm.site/
Submission: On May 12 via automatic, source certstream-suspicious (May 12th 2023, 4:18:10 pm UTC) — Scanned from DE

Summary HTTP 91 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 42 domains to perform 91 HTTP transactions. The main IP is 116.202.19.33, located in Falkenstein, Germany and belongs to HETZNER-AS, DE. The main domain is user.iraniangsm.site.
TLS certificate: Issued by R3 on May 12th 2023. Valid for: 3 months.

This is the only time user.iraniangsm.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	116.202.19.33 116.202.19.33	24940 (HETZNER-AS) (HETZNER-AS)
1	104.64.112.151 104.64.112.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.173.226.44 18.173.226.44	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:88e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.30.135.33 184.30.135.33	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
7	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
4	2606:4700:20:... 2606:4700:20::681a:997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	108.157.4.121 108.157.4.121	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:5000:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:5400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4 6	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
4 4	13.32.27.113 13.32.27.113	16509 (AMAZON-02) (AMAZON-02)
3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.16.253.114 52.16.253.114	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.210.10.159 3.210.10.159	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4280:d169:7838:8d4:d3a9	14618 (AMAZON-AES) (AMAZON-AES)
1	52.210.233.44 52.210.233.44	16509 (AMAZON-02) (AMAZON-02)
1	52.213.11.190 52.213.11.190	16509 (AMAZON-02) (AMAZON-02)
1	3.77.10.228 3.77.10.228	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	54.211.30.99 54.211.30.99	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
91	44

16 116.202.19.33 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.33.19.202.116.clients.your-server.de

user.iraniangsm.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.112.151 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-112-151.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.226.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-226-44.dus51.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88e::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.135.33 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-135-33.deploy.static.akamaitechnologies.com

a3747760300.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:997 (United States)

ASN13335 (CLOUDFLARENET, US)

blog.ucsusa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.myngp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.121 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

8188095.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:5000:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.0.160.131 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20802620p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.27.113 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.253.114 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-253-114.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.10.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-10-159.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:d169:7838:8d4:d3a9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.233.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-233-44.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.11.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-11-190.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.77.10.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-10-228.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.30.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-30-99.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	iraniangsm.site user.iraniangsm.site	2 MB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
7	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 449	23 KB
6	rfihub.com 4 redirects 20802620p.rfihub.com — Cisco Umbrella Rank: 939032 p.rfihub.com — Cisco Umbrella Rank: 806 a.rfihub.com — Cisco Umbrella Rank: 3125	9 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 8188095.fls.doubleclick.net — Cisco Umbrella Rank: 995211 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	4 KB
4	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 1775	3 KB
4	everyaction.com actions.everyaction.com — Cisco Umbrella Rank: 157744	3 KB
4	ucsusa.org blog.ucsusa.org — Cisco Umbrella Rank: 584669	85 KB
3	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 416	149 B
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 734 a3747760300.cdn.optimizely.com — Cisco Umbrella Rank: 905007 logx.optimizely.com — Cisco Umbrella Rank: 1316	86 KB
3	cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	263 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 682	616 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 760	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 220	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	216 B
2	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83	856 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 535	7 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1129 pixel.quantserve.com — Cisco Umbrella Rank: 945	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	114 KB
2	myngp.com api.myngp.com — Cisco Umbrella Rank: 818474	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	160 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 266	397 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 324	146 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 612	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 511	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1172	175 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1394	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1691	109 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 635	632 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1074	344 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 472	273 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 958	423 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1166	633 B
1	google.de www.google.de — Cisco Umbrella Rank: 5171	455 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1077	2 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5325	6 KB
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 41996	44 KB
1	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 69942	570 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1018	7 KB
1	typography.com cloud.typography.com — Cisco Umbrella Rank: 7019
91	42

	Domain	Requested by
16	user.iraniangsm.site	user.iraniangsm.site static.cloudflareinsights.com
7	js-agent.newrelic.com	user.iraniangsm.site
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	p.rfihub.com	3 redirects
4	live.rezync.com	4 redirects
4	actions.everyaction.com	d1aqhv4sn5kxtx.cloudfront.net
4	blog.ucsusa.org	user.iraniangsm.site
3	idsync.rlcdn.com
3	d1aqhv4sn5kxtx.cloudfront.net	user.iraniangsm.site d1aqhv4sn5kxtx.cloudfront.net
2	sync-tm.everesttech.net	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	dpm.demdex.net	1 redirects
2	ib.adnxs.com	1 redirects
2	www.facebook.com
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	s.yimg.com	user.iraniangsm.site s.yimg.com
2	connect.facebook.net	user.iraniangsm.site connect.facebook.net
2	8188095.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	api.myngp.com	d1aqhv4sn5kxtx.cloudfront.net
2	www.googletagmanager.com	user.iraniangsm.site www.googletagmanager.com
1	bam.nr-data.net	js-agent.newrelic.com
1	logx.optimizely.com	cdn.optimizely.com
1	x.bidswitch.net
1	beacon.krxd.net
1	aa.agkn.com
1	partners.tremorhub.com
1	x.dlx.addthis.com
1	bpi.rtactivate.com
1	contextual.media.net
1	ps.eyeota.net
1	us-u.openx.net
1	image2.pubmatic.com
1	a.rfihub.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sp.analytics.yahoo.com
1	adservice.google.com	8188095.fls.doubleclick.net
1	pixel.quantserve.com
1	20802620p.rfihub.com	c1.rfihub.net
1	www.google.de
1	www.google.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	user.iraniangsm.site
1	c1.rfihub.net	user.iraniangsm.site
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.verygoodvault.com	d1aqhv4sn5kxtx.cloudfront.net
1	profile.ngpvan.com	d1aqhv4sn5kxtx.cloudfront.net
1	a3747760300.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	user.iraniangsm.site
1	static.cloudflareinsights.com	user.iraniangsm.site
1	cloud.typography.com	user.iraniangsm.site
91	52

This site contains links to these domains. Also see Links.

Domain
es.ucsusa.org
secure.ucsusa.org
www.ucsusa.org
blog.ucsusa.org
forms.ucsusa.org
store.ucsusa.org
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
partners.ucsusa.org
legacy.ucsusa.org

Subject Issuer	Validity	Valid
user.iraniangsm.site R3	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.typography.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-03-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
blog.ucsusa.org Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-09` - `2023-12-08`	a year	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-02-28` - `2024-02-16`	a year	crt.sh
*.everyaction.com RapidSSL TLS ECC CA G1	`2023-03-17` - `2024-04-10`	a year	crt.sh
*.myngp.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-20` - `2024-01-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-19` - `2023-05-20`	3 months	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-02-27` - `2023-08-22`	6 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://user.iraniangsm.site/
Frame ID: CB8407B9DF355C4F23524E980AD22454
Requests: 69 HTTP requests in this frame

Frame: https://a3747760300.cdn.optimizely.com/client_storage/a3747760300.html
Frame ID: ACF101216C9F5F130293E7EB0218B8D1
Requests: 1 HTTP requests in this frame

Frame: https://8188095.fls.doubleclick.net/activityi;dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F
Frame ID: 8FC96FB52E5856AAAF4F55B2A8DC6CB2
Requests: 2 HTTP requests in this frame

Frame: https://20802620p.rfihub.com/ca.html?ver=9&rb=35937&ca=20802620&_o=35937&_t=20802620&pe=https%3A%2F%2Fuser.iraniangsm.site%2F&pf=&ra=8790317587484544
Frame ID: 1C72ADEBB0F245A18586C0A12C7D08C7
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Union of Concerned Scientists

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

91
Requests

91 %
HTTPS

38 %
IPv6

42
Domains

52
Subdomains

44
IPs

8
Countries

2387 kB
Transfer

4452 kB
Size

38
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://es.ucsusa.org/
Title: en español

Search URL Search Domain Scan URL

URL: http://secure.ucsusa.org/onlineactions/dR5QqmX2uUCLCFD1KkVEzg2?MS=topnav
Title: Donate

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/X4d_KofrBEWDRO3-p9U8-g2?MS=topnav
Title: Renew

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/UTzgs8R_NUmst2iZobkSmg2?MS=topnav
Title: Become a member

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/monthlygiving?MS=topnav
Title: Give monthly

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/LA5-XXhFGUKJjpKyRFvQcw2?MS=topnav
Title: Gift memberships

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/6TtUU7KYKkKm07SkWzm_Yw2?MS=topnav
Title: Gifts in honor & memory

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2023-google-youtube-stop-profiting-climate-disinfo
Title: Tell Google & YouTube: Stop profiting off climate disinformation.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2021-04-tell-congress-invest-clean-energy-future
Title: Demand Congress invest in a clean energy future.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2023-epa-stronger-vehicle-standards
Title: Tell the EPA: Stronger vehicle pollution standards will save lives.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/support-agriculture-resilience-act
Title: Urge Congress to support climate resilient food & farms.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2023-support-house-res-77
Title: Prevent nuclear war: Urge Congress to reform US nuclear weapons policy.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2023-agency-scientific-integirity
Title: Help strengthen scientific integrity at federal agencies.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/partners?MS=topnav
Title: Give monthly

Search URL Search Domain Scan URL

URL: https://www.ucsusa.org/about/ways-give
Title: More ways to give

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/science-blogger/roundup-a-new-scientific-integrity-framework-and-overstretched-epa-staff/

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/science-blogger/i-dont-make-the-rules-i-comment-on-them/

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/karen-perry-stillerman/illinois-dust-storm-disaster-is-a-warning-for-agriculture/

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/
Title: Read more

Search URL Search Domain Scan URL

URL: https://forms.ucsusa.org/contact/
Title: UCS

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/jacob-carter/new-white-house-guidance-protects-federal-scientists-and-their-work/
Title: Read blog

Search URL Search Domain Scan URL

URL: https://forms.ucsusa.org/contact
Title: UCS

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/vjfJ0O5BC0KMyD3Emh_gwQ2?ms=footer
Title: sign up online

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/dR5QqmX2uUCLCFD1KkVEzg2?MS=footer
Title: Donate

Search URL Search Domain Scan URL

URL: https://store.ucsusa.org/
Title: Visit the store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/unionofconcernedscientists
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/UCSUSA
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ConcernedScientists
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/unionofconcernedscientists
Title: Instagram

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/05-2023-may-web?MS=HPFloat
Title: Renew your support today

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/dR5QqmX2uUCLCFD1KkVEzg2?MS=takeover
Title: Donate

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/X4d_KofrBEWDRO3-p9U8-g2?MS=takeover
Title: Renew

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/6TtUU7KYKkKm07SkWzm_Yw2?MS=takeover
Title: Honor & memory

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/UTzgs8R_NUmst2iZobkSmg2?MS=takeover
Title: Become a member

Search URL Search Domain Scan URL

URL: https://partners.ucsusa.org/donation.php
Title: Give monthly

Search URL Search Domain Scan URL

URL: https://legacy.ucsusa.org/
Title: Make a planned gift

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/LA5-XXhFGUKJjpKyRFvQcw2?MS=takeover
Title: Gift memberships

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://8188095.fls.doubleclick.net/activityi;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F HTTP 302
https://8188095.fls.doubleclick.net/activityi;dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F

Request Chain 55

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559727724193228&referrer=https%3A%2F%2Fuser.iraniangsm.site%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=b26eb8cb-a029-44b6-a958-1c49194e216d%3A1683908284.681153&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db26eb8cb-a029-44b6-a958-1c49194e216d%253A1683908284.681153%26_%3D1683908284.682647&cb=1683908284.6826725 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559727724193228&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db26eb8cb-a029-44b6-a958-1c49194e216d%253A1683908284.681153%26_%3D1683908284.682647 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=b26eb8cb-a029-44b6-a958-1c49194e216d%3A1683908284.681153&_=1683908284.682647

Request Chain 56

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNzcyNDE5MzIyOA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN3TotX8neJeDFHgTdSTGo8&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559727724193228&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=da0d6dbf-39f2-44cb-bb45-a11361c11085%3A1683908284.7805588&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dda0d6dbf-39f2-44cb-bb45-a11361c11085%253A1683908284.7805588%26_%3D1683908284.7819934&cb=1683908284.7820172 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559727724193228&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dda0d6dbf-39f2-44cb-bb45-a11361c11085%253A1683908284.7805588%26_%3D1683908284.7819934 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=da0d6dbf-39f2-44cb-bb45-a11361c11085%3A1683908284.7805588&_=1683908284.7819934

Request Chain 57

https://ib.adnxs.com/setuid?entity=18&code=5108559727724193228 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559727724193228

Request Chain 58

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559727724193228&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559727724193228&redir=

Request Chain 61

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559727724193228&bid=omt9pi0

Request Chain 64

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559727724193228&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559727724193228&forward=&C=1

Request Chain 67

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559727724193228&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559727724193228&img=1&__user_check__=1&sync_id=92fbef06-f0e0-11ed-bce7-1f057aaa0306

Request Chain 72

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZF5mvQAJlUCHTgBa HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZF5mvQAJlUCHTgBa&_test=ZF5mvQAJlUCHTgBa

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user.iraniangsm.site/ 188 KB
46 KB 340ms
293ms Document
text/html 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

c6182251b1fcc9be2102d6eaf77a91d9db4a3851056679735f52ddbd0aa917df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=60, public
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 7c63f9a7cfa55c85-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 16:18:01 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 11 May 2023 22:56:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BTSdg7XHIvDN85DSHH8XMyJJprrNHViVvaFgLrMtjI37RIhIYyRHnnX1YvA4qxHFpPZ6IcUMvy7hdPvBkO6P9XndpZTjDCxHymiOPWSY%2Bygx8jYm2iANyF1Va9xpbK%2F"}],"group":"cf-nel","max_age":604800}
server: nginx/1.24.0
strict-transport-security: max-age=0
traceresponse: 00-175e71a910ea65969394cca1d6246ed8-029fed0f5a3328cf-00
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-platform-cache: MISS
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
x-platform-router: ktx3icsa4jcar7ju7owewc754y
x-ua-compatible: IE=edge

GET
H2 200 css_R3-jz4M_WMiDo66AlxxoYk3Z7FSbOudK6LyCu2STLbc.css
user.iraniangsm.site/sites/default/files/css/ 7 KB
3 KB 69ms
68ms Stylesheet
text/css 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.iraniangsm.site/sites/default/files/css/css_R3-jz4M_WMiDo66AlxxoYk3Z7FSbOudK6LyCu2STLbc.css

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

1e7722dbc7435fdad6ba27255cecfd77c51287783577c1d50916fb0680ba667c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111596
traceresponse: 00-175e0c2a2a89aaaf3d55071fb632cdb0-a3c0d4260d3fc71f-00
cf-polished: origSize=7280
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: MISS
cf-bgj: minify
server: nginx/1.24.0
last-modified: Mon, 10 Apr 2023 20:58:03 GMT
etag: W/"6434785b-7e5"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMWVIvlByjeuqWLd9cOcyOCKwWsAhtv%2FYCgwoBz4Bz74cGOm6VjRHt2RXer%2B7RWAvgz%2B7hQDeKmF8mXDq5hzG%2BTsItXsZk05g1s%2BSJW1Di5J9JP0QpGekHp%2FS3KHWulN"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c63f9a9a9589b5e-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Thu, 25 May 2023 09:18:05 GMT

GET
H2 200 css__MLFAc1xFIKDrr_bRIWGdR2xyFMUV0XITGM_noJWIQc.css
user.iraniangsm.site/sites/default/files/css/ 129 KB
20 KB 73ms
73ms Stylesheet
text/css 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.iraniangsm.site/sites/default/files/css/css__MLFAc1xFIKDrr_bRIWGdR2xyFMUV0XITGM_noJWIQc.css

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

906ac16902dac08f4d80678a6ddb9df9fed619cea0862bc09be37b19cd10c209

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 960602
traceresponse: 00-1756bb84554d0daba17ffce7e036ae57-86d55c6c530012de-00
cf-polished: origSize=134732
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: MISS
cf-bgj: minify
server: nginx/1.24.0
last-modified: Mon, 10 Apr 2023 20:58:03 GMT
etag: W/"6434785b-488a"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czJKRrePrjsW%2F1on60jRosxBbt8dx2KTfv%2B3Yc9u6k59VqL6%2Bp9AC%2FqTohUeWFlumA64%2FcP1gwuBOoyLL5ESzCzGAEbY%2FsBLcNpryuwNNENEmIxbOXleRb0BieklggTO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c63f9a9af8d9211-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Mon, 15 May 2023 13:27:59 GMT

GET
H/1.1 403
Forbidden fonts.css
cloud.typography.com/6045052/6787212/css/ 0
0 1600ms
1570ms Stylesheet
text/html 104.64.112.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/6045052/6787212/css/fonts.css
Requested by: Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.112.151 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-112-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 store-promo-small.png
user.iraniangsm.site/sites/default/files/2019-10/ 16 KB
17 KB 155ms
155ms Image
image/webp 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/sites/default/files/2019-10/store-promo-small.png

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

3fa1252fe6a6fa6cb1f641f705da70b4fa944f884989d18bd5a0d9844ed6e9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:02 GMT
strict-transport-security: max-age=0
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-174ef059205f080e446adbac0c05f9dc-3ba5f3d8ac87f902-00
cf-polished: origFmt=png, origSize=19711
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="store-promo-small.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16244
x-platform-cache: HIT
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 07 Oct 2019 19:59:11 GMT
etag: "5d9b990f-4cff"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKVdvkflwX5xuBCOYuTatQwE2DGRm1NQ%2F90k1FlasXqLOR2lHdqBSPLupxjofO1GFLDFIIpJYuLHZo8gMp7jhBvIucU5121zzN0hltKZf0sPkkkqXUd93d6Q%2BIW7XC%2BMxFPi5SPuDDskygB%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c63f9aab8ad1da6-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 16:23:02 GMT

GET
H2 200 rocket-loader.min.js Show response
user.iraniangsm.site/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 45ms
44ms Script
application/javascript 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.iraniangsm.site/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 May 2023 14:15:08 GMT
server: nginx/1.24.0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"645ba6ec-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1ui13JhXmM%2Bgxnc7xN9KwLDmzbyrf49hJBz0lED0ukVwPTSaGJ8GfrfgO0qUm%2FA6%2BnUja8z4mf9JNa6j%2Ftqjej6nFLTHdWG90N2L3TdBcNeSMbVbN5cq6V0ZQvTbvZuED%2Fyb8rfN55QgsyP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c63f9aab9ba9150-FRA
expires: Sun, 14 May 2023 16:18:02 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 88ms
60ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://user.iraniangsm.site/
Origin: https://user.iraniangsm.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:02 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c63f9aabe729028-FRA

GET
H/1.1 200
OK at.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 840 KB
236 KB 64ms
15ms Script
application/javascript 18.173.226.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by: Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.226.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-226-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c876b41724ca2da58574931734337ba35ea3931ae9bb53110f5dddce4a34ce9f

Request headers

Referer: https://user.iraniangsm.site/
Origin: https://user.iraniangsm.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 14:38:54 GMT
Content-Encoding: gzip
Via: 1.1 b0fa8632832c868a30d3acd573712a74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P3
Age: 5996
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 241052
Last-Modified: Tue, 09 May 2023 14:37:49 GMT
Server: AmazonS3
ETag: "ba80fd75379ad51330b231bfa39bf277"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: iKp9NFFqw0kMIklPuRkszXe-SS8VUzVPBnYshshKd_g-OTKyJtOSLQ==

GET
H2 200 theme.js Show response
user.iraniangsm.site/themes/custom/ucstheme/js/ 8 KB
3 KB 342ms
342ms Script
application/javascript 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.iraniangsm.site/themes/custom/ucstheme/js/theme.js?v=1.x

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

c7af6e514da816317655fb9d54ecb3ae1c7202aa033ff4c762b213aecf72a3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-17575524d6f85ac2fc5cd3ade68630f6-379353d909834236-00
cf-polished: origSize=12870
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: HIT
cf-bgj: minify
server: nginx/1.24.0
last-modified: Mon, 17 Apr 2023 17:22:28 GMT
etag: W/"643d8054-3246"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raHGJHXqzcF9NZWrM1QO28zKKFHAGTnvO5HlV%2BGkFwMPjym2KsUSwYydL5ggRyFKbAdvSC3VkA5eiEwUIQzysZJv4HemMGOqz3yc5WNB7%2FEp4JN30r5gzaXVYITFMHJ5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c63f9b3a93a18dd-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 16:23:03 GMT

GET
H2 200 js_A_PxGf3EV6hVEdQpj0xw-cTsSsFJyKhlHKANlKZNsWo.js Show response
user.iraniangsm.site/sites/default/files/js/ 88 KB
32 KB 59ms
58ms Script
application/javascript 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.iraniangsm.site/sites/default/files/js/js_A_PxGf3EV6hVEdQpj0xw-cTsSsFJyKhlHKANlKZNsWo.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

bd7eaf806759e1cd5b0b6ef70c2bfd9c7f290a60c5b5101f36e8071fa2f6bc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 946729
traceresponse: 00-175b149df0112db9b8b2ca629ecc7902-c9867547eaf4f945-00
cf-polished: origSize=89949
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: MISS
cf-bgj: minify
server: nginx/1.24.0
last-modified: Wed, 19 Apr 2023 11:46:30 GMT
etag: W/"643fd496-791c"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20eVUnLirkCkFBed5tRmf0aV63RX57J0efbg6gMLUjh5UW39G9OTqaM2f%2FeTVyM7qV1x3%2BmiKCajYUq9ClWcwvFh0%2FlHxr3eESgXb0qB14Pk7MVM%2B5irA36kPBCU%2FGGS"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c63f9b3ad139159-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Mon, 15 May 2023 17:19:14 GMT

GET
H2 200 3747760300.js Show response
cdn.optimizely.com/js/ 270 KB
84 KB 182ms
134ms Script
text/javascript 2a02:26f0:3500:88e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/3747760300.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

236dd3140b132b83d4da08115b1e661e7b13502e48713b9d27dcb56b5c3dc168

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: VuPXcBR9FUZV8hORwJaHbX.WL1UwPxZB
content-encoding: gzip
date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: EBKRX5N3J938SSBS
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1179
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=13, origin; dur=107, cdn;desc="AkamaiION";dur=0,rtt;desc="9";dur=0,cdnip;desc="2a02:26f0:3500:88e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467752_388276626_872230525_11937_1332_9_0";dur=1
content-length: 84824
x-amz-id-2: YEjvueIJlY9ILlk3NYqgUDbMHc6nRgD9m3rwN49GRKjBM02nP7AVHyCMp7D0W6RF26MDzDw03jU=
last-modified: Thu, 23 Feb 2023 01:12:15 GMT
server: AmazonS3
etag: "6443f76514d5878ce248e3bdf8309c0e"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 strike-crowd.jpg
user.iraniangsm.site/sites/default/files/2022-05/ 85 KB
86 KB 349ms
349ms Image
image/webp 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/sites/default/files/2022-05/strike-crowd.jpg

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

e608ef74bfd1678cc56ede8cab68ff9996291d8fb44c743c2f0ebfd336d86eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-175d7b05fd2dd07274bc0f5d4b6351c7-64f7419202faabfa-00
cf-polished: qual=85, origFmt=jpeg, origSize=123333
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="strike-crowd.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87492
x-platform-cache: REVALIDATED
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 16 May 2022 19:45:11 GMT
etag: "6282a9c7-1e1c5"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Fd2Su0z9NCnwi6g8aRxB05rkT9YhJ8zUyo3cjCu0Rjb6%2Bm%2FG%2FcASZi%2F7FgTVCEmCRaL4Kmz%2BjT%2BmSQzQODDuVpGf7dFqm0gMSn4wF75wXcgEXLU8JP7XUaMeMUwmxlCL1l7579S2sCuVVhV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c63f9b3dc709bbf-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 16:23:03 GMT

GET
H2 200 donut-chart.svg
user.iraniangsm.site/themes/custom/ucstheme/assets/ 738 B
1 KB 66ms
66ms Image
image/svg+xml 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/themes/custom/ucstheme/assets/donut-chart.svg

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/sites/default/files/css/css__MLFAc1xFIKDrr_bRIWGdR2xyFMUV0XITGM_noJWIQc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

abd1a0192e37997bb26aad952d9c36e83f10eded1eb5cdc1b4edccf97779f68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/sites/default/files/css/css__MLFAc1xFIKDrr_bRIWGdR2xyFMUV0XITGM_noJWIQc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57
traceresponse: 00-175755c5dac448e5780487386029a6a6-e8fb246081eb5aca-00
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: MISS
last-modified: Mon, 17 Apr 2023 17:22:28 GMT
server: nginx/1.24.0
etag: W/"643d8054-2e2"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0n5MdmMTnQ1SQrO%2Fr%2BtRxizF48jFRtQSAlFL7xRg1NsdlFk7C3hZUjPfatRUr1RJT9WY37opZcRrrr2JESXbMz%2FCIsdkXxPNr5ni6Wc%2FUsQxItCEMHDTqki0ddbxOAtqjCi%2FJChwlP0DCss2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c63f9b3db503674-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 15:40:38 GMT

GET
H2 200 ucsusa_51421561_Full.jpg
user.iraniangsm.site/sites/default/files/styles/original/public/2019-10/ 1005 KB
1007 KB 102ms
100ms Image
image/webp 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/sites/default/files/styles/original/public/2019-10/ucsusa_51421561_Full.jpg?itok=ZZO-VPC6

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

cfc31abb2830798245f222a9714314360301c224276f4cfe4901ff7ee95d7e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21560
traceresponse: 00-175cccc003bad1128e4a33472e90f3f3-7b250aa4c0f74475-00
cf-polished: qual=85, origFmt=jpeg, origSize=1213399
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="ucsusa_51421561_Full.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1028988
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 07 Oct 2019 20:40:06 GMT
etag: "5d9ba2a6-1283d7"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7p6q%2BVCWX56LQzvArOsBPHlT5Y3%2BaTEhL6iBsN1MMzIGXwqB9g76NuOG7KopsUbXPUjE8FgmM8QGJGj%2BIzDoRV7EYjRm8pwQVfgRuMTnP8GBj0LzS%2FG4fujmb9Fhfbu4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c63f9b43f99bbb6-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 10:23:43 GMT

GET
H2 200 1500x900%20%281%29.jpg
user.iraniangsm.site/sites/default/files/styles/thumbnail/public/2023-05/ 21 KB
22 KB 78ms
76ms Image
image/webp 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/sites/default/files/styles/thumbnail/public/2023-05/1500x900%20%281%29.jpg?itok=6WwjUlbx

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

ff2bedc78e062fb0474713bb222e6ae59110dabab3d2996ed5f42fc6f237de22

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23850
traceresponse: 00-175e5bf85dcc600854022b67ed5feccd-f0f15fff4a1af327-00
cf-polished: qual=85, origFmt=jpeg, origSize=25147
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="1500x900%20%281%29.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22008
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Tue, 09 May 2023 13:10:33 GMT
etag: "645a4649-623b"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcwtEYcVNRfEiUPwQJW97ibOdqxTPsq4Ys0TXt2ObCQE3zmyzbXtoeCnDuGPfzm091hleWfOj2Y8mSy7p05zeBV98kQ%2B3kKMXd1veYaGW3hI03RwlDqGSS11eMw5sdf1"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c63f9b43b322bf2-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 09:45:32 GMT

GET
H2 200 EtO-storymap-full-us-screenshot-with-popup-window.PNG
user.iraniangsm.site/sites/default/files/styles/thumbnail/public/2023-02/ 120 KB
121 KB 90ms
89ms Image
image/webp 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/sites/default/files/styles/thumbnail/public/2023-02/EtO-storymap-full-us-screenshot-with-popup-window.PNG?itok=gvLaWs04

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

5d83dd74da6680c0cdc0a27448da67ff57bfd050fe45acbf19c37997104d6fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32019
traceresponse: 00-1755bb4ec3d639bd86f5a35d9a13ccb7-78fab786553088c3-00
cf-polished: origFmt=png, origSize=190743
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="EtO-storymap-full-us-screenshot-with-popup-window.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122378
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Fri, 03 Feb 2023 20:30:34 GMT
etag: "63dd6eea-2e917"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEIqnD%2Brkxb0zwg83P1z0iKCKxLFbUjJC0eHhbX3g6f53rHTB7oc4xGQWPPOvi%2FDHRqou5Z6ISHf7mP1wT557xzG7i3XLoFVuNyJhU0ybsEgXfUoaRRpzdDa8cNkxfqM"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c63f9b43b6c3a8b-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 07:29:24 GMT

GET
H2 200 social-image.png
user.iraniangsm.site/sites/default/files/styles/thumbnail/public/2022-11/ 10 KB
11 KB 99ms
98ms Image
image/webp 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/sites/default/files/styles/thumbnail/public/2022-11/social-image.png?itok=5NbAA_9i

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

376f385f0c96c85305f4d4af2afe0de3624baadd258fcefbbd7bc0a474ac5580

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25475
traceresponse: 00-1755bca683d5e45852a24eeca7c47593-8186177c2c725ec0-00
cf-polished: origFmt=png, origSize=21519
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="social-image.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10128
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 14 Nov 2022 19:08:10 GMT
etag: "6372921a-540f"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iiy7APUgnK3F6kPjri6FGp3pGt1g8HrDLbg2EC5oUvwzub63ImU2kd8IsDP5QNuHyp6WTdqX1xdhk649YA4fRjmqlxO95XMYpzeYS3BkzvbI6ArrYuqefo80rb4BpAih"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c63f9b43f9c1db3-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 09:18:28 GMT

GET
H2 200 couple-in-front-of-open-liftgate.jpg
user.iraniangsm.site/sites/default/files/styles/thumbnail/public/2023-02/ 26 KB
27 KB 83ms
82ms Image
image/jpeg 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/sites/default/files/styles/thumbnail/public/2023-02/couple-in-front-of-open-liftgate.jpg?itok=__Rfdnbs

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

6c0a467fc6e404e3db2ed8a5db873e39629a4b03b929e1ab2c38b0e63dff0f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22365
traceresponse: 00-175aa834979bbba3c0570d4594375ed5-2d0767fe7d21d472-00
cf-polished: origSize=27718, status=webp_bigger
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26431
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Tue, 28 Feb 2023 19:39:02 GMT
etag: "63fe5856-6c46"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcLxA7KxuR0Wr%2FY268qjOkrk9w32sPrrQU6gYYq4%2F%2FGBDssp1e%2BbypWmcMJe9jSsOasRfMdo8M0xcUj%2BxE9%2FHvkRvZIqPdNmbJdN0KUCiohxcPf5PEDQtRvlOvNJe0ZnGmzTR6IffEsBkO39"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c63f9b439ab90fa-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 10:10:18 GMT

GET
H2 200 1500-900-usda-scientist.jpg
user.iraniangsm.site/sites/default/files/styles/large/public/2023-02/ 136 KB
137 KB 98ms
97ms Image
image/webp 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.iraniangsm.site/sites/default/files/styles/large/public/2023-02/1500-900-usda-scientist.jpg?itok=ZDFcoGp6

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

62c83cedb7102c62f5eb050931ed8655805fbae9df69b9e06dd027d86423b281

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22365
traceresponse: 00-175e5d523fd9bd0055c50d3c1a156c68-9cf0f6766fe5dc7c-00
cf-polished: qual=85, origFmt=jpeg, origSize=150918
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="1500-900-usda-scientist.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139202
x-platform-cache: REVALIDATED
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Thu, 02 Feb 2023 18:27:58 GMT
etag: "63dc00ae-24d86"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFERyCgCmdnC10%2BeEruCzYsjTRkl2%2BDl6qDt30O2acbE3WhCgqjmf7iJAF8T2HNWhEf8XgSuZGtwo0wi2s%2BBc67cRuO64T24SUo3HaJuuw1VWEbhiiu7ZxAdvvRqwbgV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c63f9b43e6537e0-FRA
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Fri, 12 May 2023 09:18:16 GMT

GET
H2 200 a3747760300.html Show response
a3747760300.cdn.optimizely.com/client_storage/ Frame ACF1 2 KB
1 KB 544ms
495ms Document
text/html 184.30.135.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a3747760300.cdn.optimizely.com/client_storage/a3747760300.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/3747760300.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.135.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-135-33.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

db6e7498fc02ff3dc7d9a7252033bdde67826f0f2ac6bfa55258a60b4c1f11f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://user.iraniangsm.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 793
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 16:18:04 GMT
etag: "b9afd7b9f0ee3757aa388ec4b9d3ccae"
last-modified: Thu, 23 Feb 2023 01:12:06 GMT
server: AmazonS3
server-timing: cdn-cache; desc=REVALIDATE edge; dur=70 origin; dur=409 cdn;desc="AkamaiION";dur=0,rtt;desc="9";dur=0,cdnip;desc="184.30.135.33";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="467752_1551596222_510616763_47925_1338_9_0";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: K+8J5JAx7sK2WCgVSvt4mFuZTn3/4VBU97yZqTmyY2dzQ0c/SjZrQveXO4UfOCYFhddppGIRti8=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: PZXET5PT9W41WVJR
x-amz-server-side-encryption: AES256
x-amz-version-id: UZpBPJnftxJS08DvIqwmbj39DB3sPfBs

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 257 KB
82 KB 73ms
43ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ec719075188565263abeea19810e9d228076125ef0241e4df891258845348ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83509
x-xss-protection: 0
last-modified: Fri, 12 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 May 2023 16:18:04 GMT

GET
H2 200 async-api.ad3273bd-1.232.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 643ms
210ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 16:18:04 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC727PHS5629DWXE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1353
x-amz-id-2: vsRMHCcRx2yS7Pe98/WtjfrPVnuFLSAD4461olwRiyEbuY81q2wIvPHIk5IwhBmuPDAnkWcBLf0=
x-served-by: cache-gig2250074-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683908285.595508,VS0,VE0
etag: "d7011e3a3501d54c9be8929572a18598"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10183

GET
H2 200 session-manager.2a8d47d1-1.232.0.min.js Show response
js-agent.newrelic.com/ 15 KB
6 KB 643ms
211ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 16:18:04 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC7C75BKG4ZDC460
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5781
x-amz-id-2: gwMnkCI7emGzOFjhEyJ7yV+wQ+OaFOlvL+2Qye8OgDA/l+AxzLZSyWbxxb4x1SDC0j0bdByRvLY=
x-served-by: cache-gig2250074-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683908285.595653,VS0,VE0
etag: "e42e9b9282d7865427c32ad60eea44b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10162

GET
H2 200 / Show response
blog.ucsusa.org/wp-json/wp/v2/posts/ 73 KB
21 KB 520ms
364ms XHR
application/json 2606:4700:20::681a:997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.ucsusa.org/wp-json/wp/v2/posts/?per_page=3&_embed

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/sites/default/files/js/js_A_PxGf3EV6hVEdQpj0xw-cTsSsFJyKhlHKANlKZNsWo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:997 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

0cc879e5adfe530cf1434c1c9db9c0e2705ba815aeb7fa9aa21e24b301c557bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Fri, 12 May 2023 16:18:04 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cacheable: SHORT
content-encoding: br
x-powered-by: WP Engine
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 12 May 2023 16:18:04 GMT
server: cloudflare
x-wp-totalpages: 2044
allow: GET
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://user.iraniangsm.site
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=86400, must-revalidate
access-control-allow-credentials: true
x-wp-total: 6131
cf-apo-via: origin,nohtml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZcSEUByjPNC%2Fi%2BRuXxNBPvD%2BoRLKDHfsR9icObrM0qhJvVKodxwNblIFByylY2Uv%2BgFb%2FacNAVmxFgi1UhOyQVGMY1MTyxygN6jj7HJ49n0l93294pIFi%2FUUXQO3IJOYy1IJbG6%2FymbUEfimA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7c63f9b85e5092b7-FRA
link: <https://blog.ucsusa.org/wp-json/wp/v2/posts?per_page=3&_embed&page=2>; rel="next"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-robots-tag: noindex

POST
H2 204 rum Show response
user.iraniangsm.site/cdn-cgi/ 0
248 B 44ms
43ms XHR
text/plain 116.202.19.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.iraniangsm.site/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.202.19.33 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.33.19.202.116.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: application/json

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
x-content-type-options: nosniff
server: nginx/1.24.0
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://user.iraniangsm.site
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c63f9b78b3218c5-FRA

GET
H/1.1 200
OK at.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 59 KB
12 KB 42ms
17ms Stylesheet
text/css 18.173.226.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.226.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-226-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6123821edd114d0da2cf92f0f85d22295529b9272b46ff0c887befa92a341d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 14:38:55 GMT
Content-Encoding: gzip
Via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P3
Age: 5975
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11533
Last-Modified: Tue, 09 May 2023 14:37:49 GMT
Server: AmazonS3
ETag: "3e5d2a0214d418d0f49203d9659972a3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: gfc9_DWUe5Hq73Q1aykzRR1c2I5GRTHQ9TixNvY4VmEKuSkHgSt7vA==

GET
H/1.1 200
OK extra.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 78 KB
15 KB 42ms
17ms Stylesheet
text/css 18.173.226.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.226.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-226-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60ce5e3b6ff529e30a27f253136f4d4fb47a4f19cc7b3372bcfbd0e2e998c104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 14:38:57 GMT
Content-Encoding: gzip
Via: 1.1 0baf1ead12437b81a88e40a9597ce61a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P3
Age: 5948
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14207
Last-Modified: Tue, 09 May 2023 14:37:49 GMT
Server: AmazonS3
ETag: "5106047f098a46f45c78984d1aff5bd6"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: KT0s-EfTpLRVMkWoJOR8w1XLt3gij5phyHED73rxzvG7TRUyct-qrg==

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
570 B 511ms
456ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express, ASP.NET
x-iinfo: 12-53179372-53179376 NNNN CT(86 226 0) RT(1683908283236 15) q(0 0 3 1) r(4 4) U24
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/ 134 KB
44 KB 127ms
22ms Script
application/javascript 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: uQF6CVoMnT1mOHvFavSn8ur6rXtO9Qh9
Content-Encoding: gzip
Via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
Date: Fri, 12 May 2023 16:18:04 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 7
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:52 GMT
Server: AmazonS3
ETag: W/"2eb620d1b4f90db03c929f89d188cf80"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: -1LwcHT3AAN0Zq31zITCtA39o40CNE2wq9cQI9POLn7AHoUv19_O-Q==

GET
H2 200 riz_81HSRkGMC2loQcyxiQ2 Show response
actions.everyaction.com/v1/Forms/ 2 KB
2 KB 489ms
436ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/v1/Forms/riz_81HSRkGMC2loQcyxiQ2

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a3f17cb5a5796f079c6bb5fdce04ebfc89886a57ac3d08c780e96224ebb69a75

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 12-53179378-53179389 NNNN CT(85 202 0) RT(1683908283257 23) q(0 0 3 1) r(4 4) U18
content-length: 961
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://user.iraniangsm.site
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H2 200 riz_81HSRkGMC2loQcyxiQ2 Show response
actions.everyaction.com/v1/Forms/ 2 KB
1 KB 532ms
485ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/v1/Forms/riz_81HSRkGMC2loQcyxiQ2

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a3f17cb5a5796f079c6bb5fdce04ebfc89886a57ac3d08c780e96224ebb69a75

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 12-53179378-53179389 PNNN RT(1683908283257 27) q(0 0 3 2) r(5 5) U18
content-length: 961
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://user.iraniangsm.site
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H/1.1 401
Unauthorized / Show response
api.myngp.com/v2/Forms/ 111 B
958 B 475ms
419ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myngp.com/v2/Forms/
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 65d05832adec69246f2c3524fd8e42d800406f7a13fb85ac842586ab4e817d90

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 May 2023 16:18:04 GMT
Content-Encoding: gzip
WWW-Authenticate: Basic
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-CDN: Imperva
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://user.iraniangsm.site
X-Iinfo: 12-53179385-53179392 NNYN CT(91 200 0) RT(1683908283268 13) q(0 0 3 2) r(4 4) U11
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 36ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 May 2023 14:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6145
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 12 May 2023 16:35:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071979118/ 3 KB
2 KB 78ms
51ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071979118/?random=1683908284168&cv=11&fst=1683908284168&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuser.iraniangsm.site%2F&hn=www.googleadservices.com&frm=0&tiba=Union%20of%20Concerned%20Scientists&auid=253803845.1683908284&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cb402c314ceaa030592e11922afe41659d7e49155be34273cb923d05ab22536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F Show response
8188095.fls.doubleclick.net/ Frame 8FC9
Redirect Chain

https://8188095.fls.doubleclick.net/activityi;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F?
https://8188095.fls.doubleclick.net/activityi;dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2...

402 B
572 B

55ms
55ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8188095.fls.doubleclick.net/activityi;dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ff2793d0bbe4255e9993c99ff8b0463b2c17f9501189e1a432b6176716c4996a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user.iraniangsm.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 16:18:04 GMT
expires: Fri, 12 May 2023 16:18:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 16:18:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8188095.fls.doubleclick.net/activityi;dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 31ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 May 2023 16:18:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /4X00ZIyYbChLiybv2/oYNms+U1mE9ErvAeLs22D4++FNcxh13AXvjtZGkqyym7FU64loab1IWYYBUew9bCrtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 91ms
9ms Script
application/x-javascript 2600:9000:214f:5000:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:41:18 GMT
content-encoding: gzip
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 15:41:08 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1
age: 2206
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: Eh7sBrdw3EXY-5mmUHqYfR44vjU70vNjic5wa1A26wFCvxgaRDq-Mw==
expires: Fri, 12 May 2023 16:41:18 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 60ms
11ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 16:18:04 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 44ms
13ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:17:46 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: AQNDYQ1A34QV4CXY
age: 19
x-amz-server-side-encryption: AES256
x-amz-id-2: 7b6cbLgCx3U4sH3LQHlSMLIku6TgwfqfmQUbjCTR05UJEvj+APVXWc4eiTaWuuA8QoFlXHIMtQo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e680f994aa228eed71993d7c9e091aca390e7a38ed2fe873b4a98d2cf91255c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 May 2023 16:18:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
150 B 17ms
16ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=9599992&t=pageview&_s=1&dl=https%3A%2F%2Fuser.iraniangsm.site%2F&ul=en-us&de=UTF-8&dt=Union%20of%20Concerned%20Scientists&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=937947767&gjid=1081709294&cid=1613901012.1683908284&tid=UA-6648639-1&_gid=481120447.1683908284&_r=1&_slc=1&gtm=45He35a0n71NB5C4Q&cd2=&cd3=&cd12=Climate%20Impacts%20Science%20Disinformation%20Climate%2BSolutions%20Energy%20Renewables%20Fossil%2BFuels%20Nuclear%2BPower%20Energy%2BSolutions%20Food%20Health%20Justice%20Sustainable%2BAgriculture%20Food%2BSolutions%20Nuclear%2BWeapons%20US%2BWeapons%20Global%2BIssues%20Missile%2BDefense%20Nuclear%2BSolutions%20Transportation%20Technology%2B%26%2BInnovation%20Oil%20Transportation%2BSolutions%20Science%2B%26%2BDemocracy%20Scientific%2BIntegrity%20Evidence-based%2BPolicy%20Democracy%2B%26%2BJustice&z=996184981

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.iraniangsm.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 17ms
16ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=9599992&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuser.iraniangsm.site%2F&ul=en-us&de=UTF-8&dt=Union%20of%20Concerned%20Scientists&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=25%25&_u=YEDAAEABAAAAACAAI~&jid=1049605628&gjid=1397548735&cid=1613901012.1683908284&tid=UA-6648639-1&_gid=481120447.1683908284&_r=1&gtm=45He35a0n71NB5C4Q&z=1071658300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.iraniangsm.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 9ms
9ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=9599992&t=event&ni=0&_s=1&dl=https%3A%2F%2Fuser.iraniangsm.site%2F&ul=en-us&de=UTF-8&dt=Union%20of%20Concerned%20Scientists&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Form%20Visible&ea=undefined&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1613901012.1683908284&tid=UA-6648639-1&_gid=481120447.1683908284&gtm=45He35a0n71NB5C4Q&z=2119036742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 19:15:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 625465517575530 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 13ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/625465517575530?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97bc986a15c01e352eab35983e6c9b96e5688ac3e74eaf86eb921e73c8ab4154

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 May 2023 16:18:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87900
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: y/zccoQhYS1Ky/g3qi1lm8eDjNHqy/4IKGjRtWoJcWkbJ4fhGoJ/r9TVdm3Q/uFIiqRytvcvV4FW5B7flvT5Hw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), idle-detection=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10095888.json Show response
s.yimg.com/wi/config/ 2 B
487 B 125ms
106ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10095888.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 4EJP0TPZH32GD6AD
age: 0
content-length: 22
x-amz-id-2: 0dQWNgRdE48H/p4+SoBwCv63stZT3bzQVIazxelvhU1u+6IkK4rD8+MPtDOFXmN/0MON4r4dEAI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 68ms
21ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-6648639-1&cid=1613901012.1683908284&jid=937947767&gjid=1081709294&_gid=481120447.1683908284&_u=YEBAAEAAAAAAACAAI~&z=1925271818

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 May 2023 16:18:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.iraniangsm.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-6648639-1&cid=1613901012.1683908284&jid=1049605628&gjid=1397548735&_gid=481120447.1683908284&_u=YEDAAEABAAAAACAAI~&z=1526474094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 May 2023 16:18:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.iraniangsm.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-8w7tSVuzV_3NU.js Show response
rules.quantcount.com/ 5 KB
2 KB 44ms
15ms Script
application/javascript 2600:9000:223c:5400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8w7tSVuzV_3NU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba28457aec8e96bda721a20af6fd36d57940c7607597f0caadd72e6c08615f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:13:51 GMT
content-encoding: gzip
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Nov 2019 20:00:46 GMT
server: AmazonS3
etag: W/"610bb3b00c066431338a8002bf88acfa"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: Av4cE6RWPI13mURNihdnqz5e16pNeqFfRwHPL4nvXsoM84Ecv2vZwQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 44ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VB9DKE4V36&gtm=45je35a0&_p=9599992&cid=1613901012.1683908284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683908284&sct=1&seg=0&dl=https%3A%2F%2Fuser.iraniangsm.site%2F&dt=Union%20of%20Concerned%20Scientists&en=page_view&_fv=1&_ss=1&ep.BlogTopic=Climate%20Impacts%20Science%20Disinformation%20Climate%2BSolutions%20Energy%20Renewables%20Fossil%2BFuels%20Nuclear%2BPower%20Energy%2BSolutions%20Food%20Health%20Justice%20Sustainable%2BAgriculture%20Food%2BSolutions%20Nuclear%2BWeapons%20US%2BWeapons%20Global%2BIssues%20Missile%2BDefense%20Nuclear%2BSolutions%20Transportation%20Technology%2B%26%2BInnovation%20Oil%20Transportation%2BSolutions%20Science%2B%26%2BDemocracy%20Scientific%2BIntegrity%20Evidence-based%2BPolicy%20Democracy%2B%26%2BJustice&ep.PageType=page&ep.Campaigns=&ep.Programs=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.iraniangsm.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071979118/ 42 B
455 B 53ms
22ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071979118/?random=1683908284168&cv=11&fst=1683907200000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuser.iraniangsm.site%2F&frm=0&tiba=Union%20of%20Concerned%20Scientists&fmt=3&is_vtc=1&random=2064373100&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071979118/ 42 B
455 B 47ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071979118/?random=1683908284168&cv=11&fst=1683907200000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuser.iraniangsm.site%2F&frm=0&tiba=Union%20of%20Concerned%20Scientists&fmt=3&is_vtc=1&random=2064373100&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ca.html Show response
20802620p.rfihub.com/ Frame 1C72 3 KB
3 KB 258ms
19ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20802620p.rfihub.com/ca.html?ver=9&rb=35937&ca=20802620&_o=35937&_t=20802620&pe=https%3A%2F%2Fuser.iraniangsm.site%2F&pf=&ra=8790317587484544
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 6ce71bbf38bb9cd8d5d54d6e20b49a4c09edf3133d2c39e70998a214fd3487dc

Request headers

Referer: https://user.iraniangsm.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2673
Content-Type: text/html;charset=utf-8
Date: Fri, 12 May 2023 16:18:04 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 29ms
10ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=625465517575530&ev=PageView&dl=https%3A%2F%2Fuser.iraniangsm.site%2F&rl=&if=false&ts=1683908284313&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683908284312.891850984&it=1683908284241&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 May 2023 16:18:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pixel;r=1140395150;labels=_fp.event.Homepage;rf=0;a=p-8w7tSVuzV_3NU;url=https%3A%2F%2Fuser.iraniangsm.site%2F;uht=2;fpan=1;fpa=P0-1461161845-1683908284261;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-202305091...
pixel.quantserve.com/ 35 B
371 B 12ms
11ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1140395150;labels=_fp.event.Homepage;rf=0;a=p-8w7tSVuzV_3NU;url=https%3A%2F%2Fuser.iraniangsm.site%2F;uht=2;fpan=1;fpa=P0-1461161845-1683908284261;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=iraniangsm.site;dst=0;et=1683908284316;tzo=0;ogl=site_name.The%20Union%20of%20Concerned%20Scientists%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eucsusa%252Eorg%2Fnode%2F1%2Ctitle.Union%20of%20Concerned%20Scientists%2Cdescription.The%20Union%20of%20Concerned%20Scientists%20puts%20rigorous%252C%20independent%20science%20to%20work%20to%20%2Cimage.https%3A%2F%2Fwww%252Eucsusa%252Eorg%2Fthemes%2Fcustom%2Fucstheme%2Fassets%2Fsocial-logo%252Epng%2Cimage%3Aalt.The%20Union%20of%20Concerned%20Scientists;ses=62f13149-2d63-4808-a42a-05fbda82a32f;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=*;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F
adservice.google.com/ddm/fls/z/ Frame 8FC9 42 B
401 B 80ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=*;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F

Requested by

Host: 8188095.fls.doubleclick.net
URL: https://8188095.fls.doubleclick.net/activityi;dc_pre=CPXg-JiX8P4CFcvGsgodQ9EKiA;src=8188095;type=site;cat=ucs-g0;ord=442604383261;gtm=45He35a0;auiddc=253803845.1683908284;u1=%2F;~oref=https%3A%2F%2Fuser.iraniangsm.site%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8188095.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 109ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2012%20May%202023%2016%3A18%3A04%20GMT&n=0&b=Union%20of%20Concerned%20Scientists&.yp=10095888&f=https%3A%2F%2Fuser.iraniangsm.site%2F&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 16:18:04 GMT

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame 1C72
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559727724193228&referrer=https%3A%2F%2Fuser.iraniangsm.site%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=b26eb8cb-a029-44b6-a958-1c49194e216d%3A1683908284.681153&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db26eb8cb-a029-44b6-a958-1c49194e...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559727724193228&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db26eb8cb-a029-44b6-a9...
https://idsync.rlcdn.com/501709.gif?partner_uid=b26eb8cb-a029-44b6-a958-1c49194e216d%3A1683908284.681153&_=1683908284.682647

0
42 B

22ms
22ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b26eb8cb-a029-44b6-a958-1c49194e216d%3A1683908284.681153&_=1683908284.682647
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 12 May 2023 16:18:04 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=b26eb8cb-a029-44b6-a958-1c49194e216d%3A1683908284.681153&_=1683908284.682647
content-length: 443
x-amz-cf-id: 6ji6cZHzFnHIohMlgMAz6yP8L4kgRPgMjKSI4VOIVGJ7jZcZCIVWgQ==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 1C72
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNzcyNDE5MzIyOA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN3TotX8neJeDFHgTdSTGo8&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559727724193228&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=da0d6dbf-39f2-44cb-bb45-a11361c11085%3A1683908284.7805588&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dda0d6dbf-39f2-44cb-bb45-a11361c...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559727724193228&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dda0d6dbf-39f2-44cb-bb...
https://idsync.rlcdn.com/501709.gif?partner_uid=da0d6dbf-39f2-44cb-bb45-a11361c11085%3A1683908284.7805588&_=1683908284.7819934

0
9 B

20ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=da0d6dbf-39f2-44cb-bb45-a11361c11085%3A1683908284.7805588&_=1683908284.7819934
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 12 May 2023 16:18:04 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=da0d6dbf-39f2-44cb-bb45-a11361c11085%3A1683908284.7805588&_=1683908284.7819934
content-length: 447
x-amz-cf-id: W4HBi0vYWKcOOinSAawMLKR3taFBit_Ub92WkhIasKBDED1b8BzASA==

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 1C72
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5108559727724193228
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559727724193228

43 B
1 KB

39ms
38ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559727724193228

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 May 2023 16:18:04 GMT
AN-X-Request-Uuid: e9566098-cf74-4a19-bab3-e2c32506ece0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 May 2023 16:18:04 GMT
AN-X-Request-Uuid: 6c408f0a-a247-428e-9692-69483e692844
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559727724193228
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 1C72
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559727724193228&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559727724193228&redir=

42 B
942 B

34ms
34ms

Image
image/gif

52.16.253.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559727724193228&redir=

Protocol

HTTP/1.1

Server

52.16.253.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-253-114.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0f9a9001c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EMXQylv9Sxc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v048-034cd99df.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4gM2zxtURqc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559727724193228&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 1C72 42 B
423 B 97ms
20ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5108559727724193228&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 12 May 2023 16:18:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 1C72 43 B
273 B 97ms
25ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5108559727724193228&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 1C72
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559727724193228&bid=omt9pi0

0
344 B

77ms
33ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559727724193228&bid=omt9pi0
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 16:18:04 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559727724193228&bid=omt9pi0
Date: Fri, 12 May 2023 16:18:04 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 1C72 61 B
632 B 186ms
145ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559727724193228

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 16:18:04 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Fri, 12 May 2023 16:18:04 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 1C72 43 B
109 B 432ms
127ms Image
image/gif 3.210.10.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559727724193228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.10.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-10-159.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1C72
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559727724193228&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559727724193228&forward=&C=1

43 B
766 B

13ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559727724193228&forward=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 May 2023 16:18:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 12 May 2023 16:18:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5108559727724193228&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 1C72 0
98 B 52ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559727724193228
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 1C72 43 B
191 B 221ms
157ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559727724193228

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Fri, 12 May 2023 16:18:04 GMT
pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 1C72
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559727724193228&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559727724193228&img=1&__user_check__=1&sync_id=92fbef06-f0e0-11ed-bce7-1f057aaa0306

43 B
548 B

25ms
24ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559727724193228&img=1&__user_check__=1&sync_id=92fbef06-f0e0-11ed-bce7-1f057aaa0306
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 16:18:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 98
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 12 May 2023 16:18:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5108559727724193228&img=1&__user_check__=1&sync_id=92fbef06-f0e0-11ed-bce7-1f057aaa0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 131
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 1C72 43 B
175 B 515ms
194ms Image
image/gif 2600:1f18:612b:4280:d169:7838:8d4:d3a9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5108559727724193228&r=rju_qRyg4ZaF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:d169:7838:8d4:d3a9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 12 May 2023 16:18:05 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 1C72 43 B
377 B 131ms
33ms Image
image/gif 52.210.233.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559727724193228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.233.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-233-44.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 1C72 0
338 B 133ms
35ms Image
text/plain 52.213.11.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559727724193228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.11.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-11-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by: beacon-n004-dub-prod.krxd.net
date: Fri, 12 May 2023 16:18:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1683908284
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame 1C72 43 B
146 B 55ms
21ms Image
image/gif 3.77.10.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559727724193228&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.77.10.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-10-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 1C72
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZF5mvQAJlUCHTgBa
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZF5mvQAJlUCHTgBa&_test=ZF5mvQAJlUCHTgBa

42 B
1 KB

17ms
17ms

Image
image/gif

193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZF5mvQAJlUCHTgBa&_test=ZF5mvQAJlUCHTgBa
Protocol: HTTP/1.1
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 12 May 2023 16:18:05 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-gig2250063-GIG
pragma: no-cache
date: Fri, 12 May 2023 16:18:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1683908286.710234,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZF5mvQAJlUCHTgBa&_test=ZF5mvQAJlUCHTgBa
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 401
Unauthorized / Show response
api.myngp.com/v2/Forms/ 111 B
945 B 114ms
114ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myngp.com/v2/Forms/
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 06e708b62b6f3a86a89e997b1f672858da51304c49874c9499e2659692b657ee

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 May 2023 16:18:04 GMT
Content-Encoding: gzip
WWW-Authenticate: Basic
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-CDN: Imperva
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://user.iraniangsm.site
X-Iinfo: 12-53179385-53179392 SNYN RT(1683908283268 442) q(0 0 0 3) r(1 1) U11
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Expires: -1

GET
H3 200 Copy-of-Blog-Lead-Image-Template64-500x300.jpg
blog.ucsusa.org/wp-content/uploads/2023/05/ 22 KB
23 KB 637ms
617ms Image
image/jpeg 2606:4700:20::681a:997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ucsusa.org/wp-content/uploads/2023/05/Copy-of-Blog-Lead-Image-Template64-500x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ad0306201cd5e527f407a0a9b5bfd72b5b57441ad8e44ca0b61b0ce90214cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:05 GMT
cf-cache-status: MISS
last-modified: Fri, 12 May 2023 16:00:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "645e629c-5943"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjwhebLzthCerX0G0B16DAm4qrSVvwuZB8J6hYDcoTzxFjrQk5EuG6VcRKTB5m0Bio95zSL3i01BNYxEAR3R%2BKIY1dILWlBW46m1gNF%2FwUAcU1mcl%2BzSyUN95wU0nPscEiwlZ1hvJ%2F%2BcA8WduA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c63f9bac9a3913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22851

GET
H3 200 Copy-of-Blog-Lead-Image-Template63-500x300.jpg
blog.ucsusa.org/wp-content/uploads/2023/05/ 19 KB
20 KB 633ms
614ms Image
image/jpeg 2606:4700:20::681a:997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ucsusa.org/wp-content/uploads/2023/05/Copy-of-Blog-Lead-Image-Template63-500x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea410dbd096adf564209301cebb41f5d4e7b82ec5e232caf38a20d779292335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:05 GMT
cf-cache-status: MISS
last-modified: Fri, 12 May 2023 15:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "645e586f-4ccb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH98o5vyX5A66xQTs%2Bv%2BFQmMXcI2AcD6C7%2Bm6JFt6V%2FssNDL5IfBK%2FAtpjAvSvuaQCaJTG1NzwnVkpubTVz%2FHRhqlMqHuNs3Ru4HVoRnP1vyRzydPTqwveRTkQP844cPhV5VFiUF3vRVnZMgSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c63f9bac9a5913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19659

GET
H3 200 dust-storm-scaled-e1683810782841-500x300.jpg
blog.ucsusa.org/wp-content/uploads/2023/05/ 21 KB
22 KB 44ms
25ms Image
image/jpeg 2606:4700:20::681a:997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ucsusa.org/wp-content/uploads/2023/05/dust-storm-scaled-e1683810782841-500x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c2719487f15d71e4e96f8bb54523be96419a6536eb836dfc99338dc214fe379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73146
cf-polished: origSize=26455, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21509
cf-bgj: imgq:100,h2pri
last-modified: Thu, 11 May 2023 13:13:03 GMT
server: cloudflare
etag: "645ce9df-6757"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHpShBqkWtDa%2B4GBbsB2d7RbhlAA99NEfq8Jf6msOpQrgSsG9tfrwMjKrQkoFEgatIyW5QLuGe%2BBUA83KceCn1pcYELafpoNAech3Z%2FdyZJ1t5piY%2Fwo%2FLhDphrHHBq4IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c63f9bac9a6913d-FRA

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
11ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=9599992&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuser.iraniangsm.site%2F&ul=en-us&de=UTF-8&dt=Union%20of%20Concerned%20Scientists&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Form%20Loaded&ea=SignupForm&el=Union%20of%20Concerned%20Scientists&_u=aEHAAEABAAAAACAAI~&jid=&gjid=&cid=1613901012.1683908284&tid=UA-6648639-1&_gid=481120447.1683908284&gtm=45He35a0n71NB5C4Q&z=1725528703

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 19:08:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76198
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 riz_81HSRkGMC2loQcyxiQ2
actions.everyaction.com/v1/Track/ 0
166 B 151ms
150ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.everyaction.com/v1/Track/riz_81HSRkGMC2loQcyxiQ2?formSessionId=b131a3a5-d176-4651-9efa-f460e1030345&bName=chrome&dType=desktop&formVersion=9/25/2019%201:56:22%20PM|11/30/2020%209:51:59%20PM&fUrl=aHR0cHM6Ly91c2VyLmlyYW5pYW5nc20uc2l0ZS8%3D&fRef=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 12-53179378-53179389 PNNN RT(1683908283257 489) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 19:08:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76198
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 riz_81HSRkGMC2loQcyxiQ2
actions.everyaction.com/v1/Track/ 0
119 B 126ms
124ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.everyaction.com/v1/Track/riz_81HSRkGMC2loQcyxiQ2?formSessionId=cf36e14e-1adf-4952-905f-2c4e65d190e0&bName=chrome&dType=desktop&formVersion=9/25/2019%201:56:22%20PM|11/30/2020%209:51:59%20PM&fUrl=aHR0cHM6Ly91c2VyLmlyYW5pYW5nc20uc2l0ZS8%3D&fRef=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Fri, 12 May 2023 16:18:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 12-53179378-53179389 PNNN RT(1683908283257 524) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 lazy-loader.c8cd494b-1.232.0.min.js Show response
js-agent.newrelic.com/ 921 B
620 B 212ms
212ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 16:18:04 GMT
strict-transport-security: max-age=300
x-amz-request-id: SG9C8DYFK4AHP6FC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 410
x-amz-id-2: JN/tAW4p82knoIZyf+bg7F9AAkeiB8svFWmCfXUAF2uD9VGJT4oZJi/Z3cCkMk+8BvGzJGy5uXM=
x-served-by: cache-gig2250074-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683908285.817396,VS0,VE0
etag: "43b458adcc5ab7566291590de5438262"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 14307

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 11ms
11ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=625465517575530&ev=Microdata&dl=https%3A%2F%2Fuser.iraniangsm.site%2F&rl=&if=false&ts=1683908284816&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Union%20of%20Concerned%20Scientists%22%2C%22meta%3Adescription%22%3A%22The%20Union%20of%20Concerned%20Scientists%20puts%20rigorous%2C%20independent%20science%20to%20work%20to%20solve%20our%20planet%27s%20most%20pressing%20problems.%20Joining%20with%20people%20across%20the%20country%2C%20we%20combine%20technical%20analysis%20and%20effective%20advocacy%20to%20create%20innovative%2C%20practical%20solutions%20for%20a%20healthy%2C%20safe%2C%20and%20sustainable%20future.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Union%20of%20Concerned%20Scientists%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ucsusa.org%2Fnode%2F1%22%2C%22og%3Atitle%22%3A%22Union%20of%20Concerned%20Scientists%22%2C%22og%3Adescription%22%3A%22The%20Union%20of%20Concerned%20Scientists%20puts%20rigorous%2C%20independent%20science%20to%20work%20to%20solve%20our%20planet%27s%20most%20pressing%20problems.%20Joining%20with%20people%20across%20the%20country%2C%20we%20combine%20technical%20analysis%20and%20effective%20advocacy%20to%20create%20innovative%2C%20practical%20solut%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.ucsusa.org%2Fthemes%2Fcustom%2Fucstheme%2Fassets%2Fsocial-logo.png%22%2C%22og%3Aimage%3Aalt%22%3A%22The%20Union%20of%20Concerned%20Scientists%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683908284312.891850984&it=1683908284241&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 May 2023 16:18:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 875.2c240adb-1.232.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 216ms
215ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 16:18:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC7C68Q43FPBG6RZ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3692
x-amz-id-2: gDGXPQfO4OcGnZK53re6qsan9CCvvdKhbbfQWhhPKfsvLGH+LygEymjKPjyZ8JilPq7gpz3xi6I=
x-served-by: cache-gig2250074-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683908285.033676,VS0,VE0
etag: "12b760183a18786621f95a5599ea91d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9936

GET
H2 200 page_view_event-aggregate.5a238c1f-1.232.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 239ms
239ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 16:18:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC7EV3S88CY49SRP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4123
x-amz-id-2: +uvgDEvSzUmKH2zAUj1M2acRTFpunkOTcmm7n7LPAEc/jB6CLJ6l2ISG7cIJzJrA6OQeQnTWYj8=
x-served-by: cache-gig2250074-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683908285.035732,VS0,VE0
etag: "397497131773c37606e11fcb4222917f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9916

GET
H2 200 page_view_timing-aggregate.ddd91465-1.232.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 226ms
225ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 16:18:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC7DPYS63H92Q86P
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4571
x-amz-id-2: P6dmU/0DuDAlMEGUidzZcIEJ/CJDeehtL+8KS/Wu00ZyOh45Vq++gLAhZYZOdljLLl/XEE2pWck=
x-served-by: cache-gig2250074-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683908285.035719,VS0,VE0
etag: "38f4d68378bfe3989db669dc9385b7c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6983

GET
H2 200 metrics-aggregate.c2ad263a-1.232.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 239ms
238ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js

Requested by

Host: user.iraniangsm.site
URL: https://user.iraniangsm.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 16:18:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: T41XBED3QCDQ23HS
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1663
x-amz-id-2: q5mSJXT/kYEyCYebrkUbYUgpfAyNr1+JBw9+qL2yG6Ao2PaA3rVgAHMtSo1QYHuQmBLaNl+XkjM=
x-served-by: cache-gig2250074-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683908285.035739,VS0,VE0
etag: "581d99ebc34c05e0a160a0c4a848cae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9941

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
365 B 445ms
119ms XHR
text/plain 54.211.30.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/3747760300.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.30.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-30-99.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user.iraniangsm.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 12 May 2023 16:18:05 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://user.iraniangsm.site
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: ade6fb9c-d429-42cf-97cd-537b9c97e3c2

GET
H/1.1 200
OK 7559782580 Show response
bam.nr-data.net/1/ 49 B
397 B 586ms
549ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7559782580?a=293798185&v=1.232.0&to=MVMAZEIAX0sEWhVZWAgZI1NECF5WSkkAV1I5VQNTWAQ%3D&rst=3702&ck=0&s=0&ref=https://user.iraniangsm.site/&ap=24&be=341&fe=2152&dc=1627&perf=%7B%22timing%22:%7B%22of%22:1683908281475,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:13,%22c%22:13,%22s%22:28,%22ce%22:48,%22rq%22:48,%22rp%22:341,%22rpe%22:528,%22di%22:535,%22ds%22:1968,%22de%22:1968,%22dc%22:2485,%22l%22:2485,%22le%22:2492%7D,%22navigation%22:%7B%7D%7D&fp=2045&fcp=2045&at=HRQDEgoaTEU%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 16:18:05 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230045-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 18ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VB9DKE4V36&gtm=45je35a0&_p=9599992&cid=1613901012.1683908284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1683908284&sct=1&seg=0&dl=https%3A%2F%2Fuser.iraniangsm.site%2F&dt=Union%20of%20Concerned%20Scientists&en=scroll&ep.BlogTopic=Climate%20Impacts%20Science%20Disinformation%20Climate%2BSolutions%20Energy%20Renewables%20Fossil%2BFuels%20Nuclear%2BPower%20Energy%2BSolutions%20Food%20Health%20Justice%20Sustainable%2BAgriculture%20Food%2BSolutions%20Nuclear%2BWeapons%20US%2BWeapons%20Global%2BIssues%20Missile%2BDefense%20Nuclear%2BSolutions%20Transportation%20Technology%2B%26%2BInnovation%20Oil%20Transportation%2BSolutions%20Science%2B%26%2BDemocracy%20Scientific%2BIntegrity%20Evidence-based%2BPolicy%20Democracy%2B%26%2BJustice&ep.PageType=page&ep.Campaigns=&ep.Programs=&epn.percent_scrolled=25&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.iraniangsm.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 16:18:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.iraniangsm.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iraniangsm.site/	1970-01-20 16:04:20	Name: optimizelyEndUserId Value: oeu1683908284008r0.557804277151932
.iraniangsm.site/	1970-01-20 13:54:44	Name: _gcl_au Value: 1.1.253803845.1683908284
.iraniangsm.site/	1970-01-20 11:46:34	Name: _gid Value: GA1.2.481120447.1683908284
.iraniangsm.site/	1970-01-20 11:45:08	Name: _gat Value: 1
.iraniangsm.site/	1970-01-20 11:45:08	Name: _gat_UA-6648639-1 Value: 1
.user.iraniangsm.site/	1970-01-20 21:21:08	Name: _ga Value: GA1.3.1613901012.1683908284
.user.iraniangsm.site/	1970-01-20 11:46:34	Name: _gid Value: GA1.3.481120447.1683908284
.iraniangsm.site/	1970-01-20 21:21:08	Name: _ga Value: GA1.1.1613901012.1683908284
.iraniangsm.site/	1970-01-20 21:21:08	Name: _ga_VB9DKE4V36 Value: GS1.1.1683908284.1.0.1683908284.0.0.0
.iraniangsm.site/	1970-01-20 13:54:44	Name: _fbp Value: fb.1.1683908284312.891850984
.quantserve.com/	1970-01-20 21:15:22	Name: mc Value: 645e66bc-4e275-dfa95-e9e1f
.iraniangsm.site/	1970-01-20 21:09:37	Name: __qca Value: P0-1461161845-1683908284261
.doubleclick.net/	1970-01-20 21:06:44	Name: IDE Value: AHWqTUnCxdv44sAv9AHiUR32UYuuwegJOsgeikMc5OPcvYZSU7U4XRW555XuDxTVI-4
.yahoo.com/	1970-01-20 20:31:05	Name: A3 Value: d=AQABBLxmXmQCEN27XF_NGtZ1IXE0x98rRFwFEgEBAQG4X2RoZOAYyiMA_eMAAA&S=AQAAAnoazf-qqhqfmtbvO74c5Rg
.rfihub.com/	1970-01-20 21:06:44	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mjc3MjG0NDYyshDiM9TVNUmpLAzKK81ITSoHAI-6FEMlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mjc3MjG0NDYyshDiM9TVNUmpLAzKK81ITSoHAI-6FEMlAAAA
.everyaction.com/	1970-01-20 20:30:19	Name: visid_incap_823975 Value: gIwlvJtpQqGh3VSUO/LDT7tmXmQAAAAAQUIPAAAAAADGabVReFtR9okyfb6w5KpF
.adnxs.com/	1970-01-20 13:54:44	Name: uuid2 Value: 7228530387637806968
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: TLQFAoQqQhcgEzZMxwoUeQAAAABiWIpZSJZ9VIXgwAA8wbu6
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_8219_823975 Value: RhX4agrrv1o0KfXiKcIPcrtmXmQAAAAA6/GAfJtGx8LR+I3QrXrx6A==
.casalemedia.com/	1970-01-20 20:30:44	Name: CMID Value: ZF5mvAeTrHfAEu4ccnR8-gAA
.casalemedia.com/	1970-01-20 13:54:44	Name: CMPS Value: 5249
.casalemedia.com/	1970-01-20 13:54:44	Name: CMPRO Value: 5249
.adnxs.com/	1970-01-20 13:54:44	Name: anj Value: dTM7k!M4/YErk#WF']wIg2Il`k(wjo!]tbPl1MNu::wpAk`W=edYV+elwW>.fQhLVk_?0$D-iQzQvF=q!_6-zQEVk`!-OP@T8pVd
.pubmatic.com/	1970-01-20 13:54:44	Name: KRTBCOOKIE_18 Value: 22947-5108559727724193228
.pubmatic.com/	1970-01-20 12:28:20	Name: PugT Value: 1683908284
.demdex.net/	1970-01-20 16:04:20	Name: demdex Value: 44095993330979488691396102358983116272
.dpm.demdex.net/	1970-01-20 16:04:20	Name: dpm Value: 44095993330979488691396102358983116272
.media.net/	1970-01-20 20:30:44	Name: visitor-id Value: 3269098849172130000V10
.media.net/	1970-01-20 20:29:17	Name: data-rk Value: 5108559727724193228~~3
.spotxchange.com/	1970-01-20 12:25:27	Name: audience Value: 92fbeec5-f0e0-11ed-bce7-1f057aaa0306
.eyeota.net/	1970-01-20 11:45:08	Name: SERVERID Value: 20225~DM
.krxd.net/	1970-01-20 16:04:20	Name: _kuid_ Value: PjN7CbFU
.rezync.com/	1970-01-20 16:04:20	Name: zync-uuid Value: da0d6dbf-39f2-44cb-bb45-a11361c11085:1683908284.7805588
live.rezync.com/	1970-01-20 16:04:20	Name: sd-session-id Value: .eJwVzE0OwiAQQOG7zLoYBhgYuEzDXxOiRVPqxsa7i8uXvHwXrK967LHXfkI4j3ddID_arAHhgtE-e71DAELJRN4p55RBr5Vi-C4w6hjt2ddW5lOiLLakTWi_KWFMTiIlQyIiaosZ_0RAy9pLVmxujiURT-cHxbMlzA.ZF5mvA.j9fssN-D2T9dDHmX11x9gieeeEw
.everesttech.net/	1970-01-20 20:30:44	Name: everest_g_v2 Value: g_surferid~ZF5mvQAJlUCHTgBa
.rfihub.com/	1970-01-20 21:06:44	Name: eud Value: H4sIAAAAAAAA_5vFyGtoZmFsaWBhZGFiamKyCY2_C41_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYy39zIcBGrQJSbaW5ZoKNXTqizR0i6U-IqVoQSUwtDi02saFZwo3lB2Dwl0SDFLCUpTdfYMs1I18QkOUk3KcnEVDfR0NDYzDDZ0NDAwtQKoUnP3MLA1NTCYpYwkkkWFgaLUPmGj4RRbQIAUnxLh40BAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129TMOyS-JsMhL9Up1cfNID0kJDnHPt1jFKBDlZppbFujolRPq7BGS7pTYxGKekmiQYpaSlKZrbJlmpGtikpykm5RkYqqbaGhobGaYbGhoYGFqZWhmYWxpYGFkYaJnbmFgamphAQBdPI2JawAAAA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloud.typography.com/6045052/6787212/css/fonts.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://api.myngp.com/v2/Forms/ Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://api.myngp.com/v2/Forms/ Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559727724193228 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b26eb8cb-a029-44b6-a958-1c49194e216d%3A1683908284.681153&_=1683908284.682647 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=da0d6dbf-39f2-44cb-bb45-a11361c11085%3A1683908284.7805588&_=1683908284.7819934 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20802620p.rfihub.com
8188095.fls.doubleclick.net
a.rfihub.com
a3747760300.cdn.optimizely.com
aa.agkn.com
actions.everyaction.com
adservice.google.com
api.myngp.com
bam.nr-data.net
beacon.krxd.net
blog.ucsusa.org
bpi.rtactivate.com
c1.rfihub.net
cdn.optimizely.com
cloud.typography.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
d1aqhv4sn5kxtx.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js-agent.newrelic.com
js.verygoodvault.com
live.rezync.com
logx.optimizely.com
p.rfihub.com
partners.tremorhub.com
pixel.quantserve.com
profile.ngpvan.com
ps.eyeota.net
region1.google-analytics.com
rules.quantcount.com
s.yimg.com
secure.quantserve.com
sp.analytics.yahoo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
us-u.openx.net
user.iraniangsm.site
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.64.112.151
108.157.4.121
116.202.19.33
13.32.27.113
142.250.185.194
142.250.186.38
151.101.2.49
151.101.66.137
162.247.243.29
18.173.226.44
184.30.135.33
185.64.190.80
185.80.39.216
185.94.180.126
193.0.160.131
2001:4860:4802:32::36
212.82.100.181
2600:1f18:612b:4280:d169:7838:8d4:d3a9
2600:9000:214f:5000:1:76cf:fe80:93a1
2600:9000:223c:5400:6:44e3:f8c0:93a1
2606:4700:20::681a:997
2606:4700::6810:3865
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1288:80:807::1
2a00:1450:4001:806::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:88e::13b8
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.120.214.218
3.210.10.159
3.77.10.228
34.98.64.218
35.244.174.68
37.252.171.22
45.60.33.183
52.16.253.114
52.210.233.44
52.213.11.190
54.211.30.99
69.192.160.219
95.101.148.20
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
06e708b62b6f3a86a89e997b1f672858da51304c49874c9499e2659692b657ee
0cc879e5adfe530cf1434c1c9db9c0e2705ba815aeb7fa9aa21e24b301c557bd
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e680f994aa228eed71993d7c9e091aca390e7a38ed2fe873b4a98d2cf91255c
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
1e7722dbc7435fdad6ba27255cecfd77c51287783577c1d50916fb0680ba667c
236dd3140b132b83d4da08115b1e661e7b13502e48713b9d27dcb56b5c3dc168
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
376f385f0c96c85305f4d4af2afe0de3624baadd258fcefbbd7bc0a474ac5580
3c2719487f15d71e4e96f8bb54523be96419a6536eb836dfc99338dc214fe379
3fa1252fe6a6fa6cb1f641f705da70b4fa944f884989d18bd5a0d9844ed6e9d3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
5d83dd74da6680c0cdc0a27448da67ff57bfd050fe45acbf19c37997104d6fab
60ce5e3b6ff529e30a27f253136f4d4fb47a4f19cc7b3372bcfbd0e2e998c104
6123821edd114d0da2cf92f0f85d22295529b9272b46ff0c887befa92a341d2c
62c83cedb7102c62f5eb050931ed8655805fbae9df69b9e06dd027d86423b281
65d05832adec69246f2c3524fd8e42d800406f7a13fb85ac842586ab4e817d90
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0a467fc6e404e3db2ed8a5db873e39629a4b03b929e1ab2c38b0e63dff0f71
6ce71bbf38bb9cd8d5d54d6e20b49a4c09edf3133d2c39e70998a214fd3487dc
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
906ac16902dac08f4d80678a6ddb9df9fed619cea0862bc09be37b19cd10c209
97bc986a15c01e352eab35983e6c9b96e5688ac3e74eaf86eb921e73c8ab4154
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9cb402c314ceaa030592e11922afe41659d7e49155be34273cb923d05ab22536
9ec719075188565263abeea19810e9d228076125ef0241e4df891258845348ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3f17cb5a5796f079c6bb5fdce04ebfc89886a57ac3d08c780e96224ebb69a75
abd1a0192e37997bb26aad952d9c36e83f10eded1eb5cdc1b4edccf97779f68e
aea410dbd096adf564209301cebb41f5d4e7b82ec5e232caf38a20d779292335
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
ba28457aec8e96bda721a20af6fd36d57940c7607597f0caadd72e6c08615f88
bd7eaf806759e1cd5b0b6ef70c2bfd9c7f290a60c5b5101f36e8071fa2f6bc0a
c6182251b1fcc9be2102d6eaf77a91d9db4a3851056679735f52ddbd0aa917df
c7af6e514da816317655fb9d54ecb3ae1c7202aa033ff4c762b213aecf72a3da
c876b41724ca2da58574931734337ba35ea3931ae9bb53110f5dddce4a34ce9f
cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfc31abb2830798245f222a9714314360301c224276f4cfe4901ff7ee95d7e2d
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d5ad0306201cd5e527f407a0a9b5bfd72b5b57441ad8e44ca0b61b0ce90214cb
db6e7498fc02ff3dc7d9a7252033bdde67826f0f2ac6bfa55258a60b4c1f11f4
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e608ef74bfd1678cc56ede8cab68ff9996291d8fb44c743c2f0ebfd336d86eb5
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff2793d0bbe4255e9993c99ff8b0463b2c17f9501189e1a432b6176716c4996a
ff2bedc78e062fb0474713bb222e6ae59110dabab3d2996ed5f42fc6f237de22

user.iraniangsm.site Open in urlscan Pro 116.202.19.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

91 %HTTPS

38 %IPv6

42 Domains

52 Subdomains

44 IPs

8 Countries

2387 kBTransfer

4452 kBSize

38 Cookies

37 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

user.iraniangsm.site Open in urlscan Pro
116.202.19.33 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

91 %
HTTPS

38 %
IPv6

42
Domains

52
Subdomains

44
IPs

8
Countries

2387 kB
Transfer

4452 kB
Size

38
Cookies

91 HTTP transactions
0 data transactions