Submitted URL: https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/paste/?v=jwI
Effective URL: https://iir.ai/eQ4IB6t
Submission: On July 20 via manual from US — Scanned from DE

Summary

This website contacted 19 IPs in 4 countries across 19 domains to perform 36 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is iir.ai. The Cisco Umbrella rank of the primary domain is 302297.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.
This is the only time iir.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

 | Apex Domain | Subdomains | Transfer
8 | forfrogadiertor.com | forfrogadiertor.com — Cisco Umbrella Rank: 379239 | 69 KB
6 | iir.ai | iir.ai — Cisco Umbrella Rank: 302297 | 310 KB
3 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2603; www.google-analytics.com — Cisco Umbrella Rank: 69 | 20 KB
3 | clk.sh | clk.sh | 6 KB
2 | itskiddoan.club | cdn.itskiddoan.club — Cisco Umbrella Rank: 30259 | 3 KB
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 101 | 114 KB
1 | offerimage.com | offerimage.com — Cisco Umbrella Rank: 16161 | 8 KB
1 | cdnativepush.com | static.cdnativepush.com — Cisco Umbrella Rank: 24301 | 3 KB
1 | fleraprt.com | fleraprt.com — Cisco Umbrella Rank: 19127 | 476 B
1 | tzegilo.com | tzegilo.com — Cisco Umbrella Rank: 21401 | 18 KB
1 | uponelectabuzzor.club | cdn.uponelectabuzzor.club — Cisco Umbrella Rank: 38613 |
1 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 10511 | 537 B
1 | bedrapiona.com | bedrapiona.com — Cisco Umbrella Rank: 42113 | 2 KB
1 | gstatic.com | www.gstatic.com | 145 KB
1 | consensu.org | quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2581 | 6 KB
1 | recaptcha.net | www.recaptcha.net — Cisco Umbrella Rank: 1938 | 995 B
1 | iclickcdn.com | iclickcdn.com — Cisco Umbrella Rank: 90333 | 25 KB
1 | google.com | www.google.com — Cisco Umbrella Rank: 17 | 965 B
1 | lurefuleuryon.com | ig.lurefuleuryon.com — Cisco Umbrella Rank: 444092 |
36 19
 | Domain | Requested by
8 | forfrogadiertor.com | iir.ai, forfrogadiertor.com
6 | iir.ai | iir.ai
3 | clk.sh (1 redirects) | clk.sh
2 | cdn.itskiddoan.club | forfrogadiertor.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | www.googletagmanager.com | iir.ai, www.googletagmanager.com
1 | offerimage.com |
1 | static.cdnativepush.com |
1 | fleraprt.com | tzegilo.com
1 | tzegilo.com | forfrogadiertor.com
1 | cdn.uponelectabuzzor.club | forfrogadiertor.com
1 | my.rtmark.net | forfrogadiertor.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | bedrapiona.com | iclickcdn.com
1 | www.gstatic.com | www.google.com
1 | quantcast.mgr.consensu.org | iir.ai
1 | www.recaptcha.net | iir.ai
1 | iclickcdn.com | iir.ai
1 | www.google.com | iir.ai
1 | ig.lurefuleuryon.com | iir.ai
36 20

This site contains links to these domains.

Domain
taghaugh.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-18 - 2023-05-18 | a year
ig.lurefuleuryon.com | R3 | 2022-07-04 - 2022-10-02 | 3 months
www.google.com | GTS CA 1C3 | 2022-06-27 - 2022-09-19 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-06-27 - 2022-09-19 | 3 months
forfrogadiertor.com | R3 | 2022-07-01 - 2022-09-29 | 3 months
misc.google.com | GTS CA 1C3 | 2022-07-04 - 2022-09-26 | 3 months
*.cmp.quantcast.com | R3 | 2022-06-24 - 2022-09-22 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-06-27 - 2022-09-19 | 3 months
bedrapiona.com | R3 | 2022-05-28 - 2022-08-26 | 3 months
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year
cdn.itskiddoan.club | Sectigo RSA Domain Validation Secure Server CA | 2021-10-04 - 2022-10-04 | a year
uponelectabuzzor.club | R3 | 2022-05-19 - 2022-08-17 | 3 months
fleraprt.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-14 - 2023-01-14 | a year
cdnativepush.com | R3 | 2022-05-30 - 2022-08-28 | 3 months

This page contains 1 frames:

Primary Page: https://iir.ai/eQ4IB6t
Frame ID: F74AB963452CD7735891D37EF5580EB2
Requests: 34 HTTP requests in this frame

Page Title

Health2Wealth

Page URL History

  1. https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/past... Page URL
  2. https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/past... HTTP 301
    https://iir.ai/eQ4IB6t Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

36
Requests

100 %
HTTPS

63 %
IPv6

19
Domains

20
Subdomains

19
IPs

4
Countries

731 kB
Transfer

2540 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/paste/?v=jwI Page URL
  2. https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/paste/?v=jwI HTTP 301
    https://iir.ai/eQ4IB6t Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
st
clk.sh/
2 KB
2 KB
Document
General
Full URL
https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/paste/?v=jwI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef1b414dd643e0120120dfc39cf3bcba9b3db154d5156c5f820ee5b261d0e48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72d8660f4b168397-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 02:52:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjfLUmlotxS7Ym3n29cDfQ50yjyNLw2GpugQJ6eTDxGnQ7OZTTc4KpW7fE21F7fepTILjwrWtt7qWMxmtkSLaTxNEAU1wqJyu7djQUgjbQttnlMNB10USxlKm92mxeaItHhJ8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
rocket-loader.min.js
clk.sh/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://clk.sh/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: clk.sh
URL: https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/paste/?v=jwI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/paste/?v=jwI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Jul 2022 15:34:34 GMT
server
cloudflare
etag
W/"62d1890a-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgVvpj2Jlkzf3HaDrAvAb0oO4U37nzymrRWmfT89OXuR62h64va%2Fe1oiP16N%2FE2Yg%2BLfPzkquPuVijLVmUACY64Oo8FTOJ%2FhJy3vvoP1X4z3Nu%2BxNb7fi%2FxUF5LQB70k3SRowQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72d86612bce58397-MXP
vary
Accept-Encoding
expires
Fri, 22 Jul 2022 02:52:04 GMT
Primary Request eQ4IB6t
iir.ai/
Redirect Chain
  • https://clk.sh/st?api=a2cc2249b831cf384b8463aaf346911f2cc62f02&url=http://animesgd.net/paste/?v=jwI
  • https://iir.ai/eQ4IB6t
799 KB
99 KB
Document
General
Full URL
https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdc927f8e7de3a8814c2a0622bb4b425f9e1ce8a8cc2394212e5e30baa1c2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://clk.sh
Referer
https://clk.sh/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72d866151d27babb-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 02:52:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kw1icDIWM90mKPZTxX%2BWOypvxO4cEsZSMNLanH27CAgRhQzKCxkIn2A3FPLWMi6ox2tyuos638KMw88t4oRT%2BSsZJyHeoTxx6LEhGulwiULnOLDPJNSh4Hheto3zMZDDfyiONjk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN,SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72d866130d178397-MXP
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 02:52:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://iir.ai/eQ4IB6t
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1F494UVY5mNpwQVHI8zw1cauUO3kOUA1AeeGfBUQ57TBosTNtiUnDcneKOhFzNSbteeZfZ9uJVA11mCl34PIRYGAWXHI%2Bb6n0kgsnU3QZqb8BdkRpJFkHNWeNj7rpZki4Ec4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
styles.min.css
iir.ai/cloud_theme/build/css/
197 KB
36 KB
Stylesheet
General
Full URL
https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.5.3
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/eQ4IB6t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2317977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Nov 2021 17:45:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F%2FLKw7eMBhEgISuizQdMU1EweUsDZl%2B3t9noIlww882zWcSgIXyUTijJ8wrwZ6KAiWfJxfb%2BLUtBJofkptw3OAQHqppPF9vfhxEUvfw%2Bf2qsefBsfV8oxUPhb3udUrDP9akEuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
72d866196f61babb-MXP
expires
Sat, 23 Jul 2022 06:59:07 GMT
logo.png
iir.ai/main/
12 KB
13 KB
Image
General
Full URL
https://iir.ai/main/logo.png
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4243aacfbc570a5f68224470cffa3d6c23c4d2cd889157ac87a5cd66fab18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/eQ4IB6t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2317977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12653
x-xss-protection
1; mode=block
last-modified
Tue, 12 Apr 2022 02:23:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lK0cnlPgi9ErkPcr67JC50%2BcKw9b6LNso8N6ExQoxVvbEMWS2u2ivxS7S%2FKXAkLKF4TF0LRlqyXJc8STLywRtnb10X9pAca98GZ8%2F0nsV5czgB9GTnrERBfC1dXWYlida5EWy9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
User-Agent, Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
72d866196f64babb-MXP
expires
Fri, 23 Jun 2023 06:59:07 GMT
14504
ig.lurefuleuryon.com/tuvLp9DYAtt/
0
0
Script
General
Full URL
https://ig.lurefuleuryon.com/tuvLp9DYAtt/14504
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.6.114 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

dwndbnr1.png
iir.ai/webroot/modern_theme/img/
47 KB
47 KB
Image
General
Full URL
https://iir.ai/webroot/modern_theme/img/dwndbnr1.png
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/eQ4IB6t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8554177
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47787
x-xss-protection
1; mode=block
last-modified
Fri, 15 Nov 2019 16:03:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53Nr%2BDAvJN2mSZQDOXKlm87vh47dGcurhTzdnXz2P4E7bOriRbHvhfJzV9vIBhZICy0%2F5d1lQfn6GXU7W9xRr0%2FBWjzylxgQAvNR0XiJHCyuSKYrYPWYVo9iIkZov3YQ%2BBVyasU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
User-Agent, Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
72d866199bb03760-MXP
expires
Wed, 12 Apr 2023 02:42:27 GMT
tagdiv_theme.min.js
iir.ai/main/wp-content/themes/Newspaper/js/
204 KB
50 KB
Script
General
Full URL
https://iir.ai/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/eQ4IB6t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
778574
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Nov 2020 05:39:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLqDdx9AdruOcnOZh%2FNgFo%2BPo%2FBw4W8wM6jONQAFDUmOQQ%2BkuopH53oUpi6TEuEAlIDNPhB2UUDJmdTqBLi51aOipPb8rZzPA1Viu7i9fdpvUgW5enBJuGF2OEM6D%2FomavS5lwE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
72d866198ba93760-MXP
expires
Wed, 10 Aug 2022 02:35:50 GMT
script.min.js
iir.ai/cloud_theme/build/js/
221 KB
65 KB
Script
General
Full URL
https://iir.ai/cloud_theme/build/js/script.min.js?ver=6.5.3
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f77a19278bb4839222a13521b55fde34d5633a73cc82260d33b65aab5ec822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/eQ4IB6t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
778566
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Nov 2021 17:45:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLGRXOYlQZkUnJkIJX264Oi7XmV9eMoT2bFvfgwO2uJLxNC%2BJ4W%2FtcXUDeoZpTK7u5KkPlopx8TGaHffCUMgwruh7ngTqGkw7LpR1wzW7qIP%2BKrFy8OpP3tjKrHebw4mnIFb67E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
72d866199bab3760-MXP
expires
Wed, 10 Aug 2022 02:35:58 GMT
api.js
www.google.com/recaptcha/
850 B
965 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Wed, 20 Jul 2022 02:52:06 GMT
js
www.googletagmanager.com/gtag/
203 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YRGVR4QJTX
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf5b7e7bba7cd32565dc2d26d4cc6201ca9198d159a1f79d22fe6f3c1f43081d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73916
x-xss-protection
0
expires
Wed, 20 Jul 2022 02:52:06 GMT
tag.min.js
iclickcdn.com/
70 KB
25 KB
Script
General
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f2812d14878506b997cf3f5085a6c0a752455059575762e39853569487808c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
71390
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-trace-id
f92f2190a0b443731dd4e2f90a9539d7
pragma
no-cache
last-modified
Fri, 08 Jul 2022 11:36:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1f6x2Xpp%2B4oyqsndZcCtzeX7J%2FDoIr6kHuYSA001fb8wYWZaevOzlRH%2B2og9Dg3tjAyzSVxuqxUWNqH9hDvDykSwONGdEpwrId%2Bo%2BcQ2JKp3NuKEb6DN9TwjDL65ZhmTUCoM%2B4OWz0a7eg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
72d86619e998bb19-MXP
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Wed, 20 Jul 2022 07:02:16 GMT
3487732
forfrogadiertor.com/400/
82 KB
31 KB
Script
General
Full URL
https://forfrogadiertor.com/400/3487732
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
53da2688c6f874b4dde5d97a172a124143f350819ad89f277d5e36499ebbbbca
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
b76cf54b0e095bfa82156abe2e96329d
pragma
no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
5016962
forfrogadiertor.com/400/
79 KB
31 KB
Script
General
Full URL
https://forfrogadiertor.com/400/5016962
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6de3ceed9d4417fdcd783f0ca2ced86705c3cf5d5b18c1ea91eb4567162874c3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
df3a2bf3e446fb621a6b226a03df83f3
pragma
no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
api.js
www.recaptcha.net/recaptcha/
921 B
995 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: iir.ai
URL: https://iir.ai/cloud_theme/build/js/script.min.js?ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
651022474c16d796d15a0e13c3a2ea340168a555a76023bd2af85542869c550a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
582
x-xss-protection
1; mode=block
expires
Wed, 20 Jul 2022 02:52:06 GMT
cmp.js
quantcast.mgr.consensu.org/
16 KB
6 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: iir.ai
URL: https://iir.ai/eQ4IB6t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:45:15 GMT
content-encoding
br
etag
W/"51870ee6d5cb32ca5311356b296af21f"
last-modified
Tue, 09 Mar 2021 20:17:06 GMT
server
AmazonS3
age
482
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
owjH7X7zU55dgx_3FDovBZIp8vn6RBh6bTfzHB3ZhDlOr3p5RQu8Xg==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
Origin
https://iir.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 20:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 20:59:38 GMT
/
bedrapiona.com/5/3491150/
3 KB
2 KB
XHR
General
Full URL
https://bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.401.0
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f78803128b6cb84e6e0671ee850067d4dd799c9e322e489e944e59ec52033633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
04653a21e3ef976b709930de7a06587c
pragma
no-cache, no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://iir.ai
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113561579-7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YRGVR4QJTX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a81d95d34c05b5d085dccf70afab52a59fcbdb68d72b1cbbaad5053ae92dcff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42133
x-xss-protection
0
expires
Wed, 20 Jul 2022 02:52:06 GMT
collect
region1.google-analytics.com/g/
0
340 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YRGVR4QJTX&gtm=2oe7i0&_p=1300138879&_z=ccd.v9B&cid=1066541658.1658285526&ul=en-us&sr=1600x1200&_s=1&sid=1658285526&sct=1&seg=0&dl=https%3A%2F%2Fiir.ai%2FeQ4IB6t&dr=https%3A%2F%2Fclk.sh%2F&dt=Health2Wealth&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YRGVR4QJTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iir.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gid.js
my.rtmark.net/
65 B
537 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/5016962
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b6726cc8c58083b0a5cd8ba750d7e2759e2c6fdf6696c0cd20611e701b174f68
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iir.ai
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6606
date
Wed, 20 Jul 2022 01:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Jul 2022 03:02:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1300138879&t=pageview&_s=1&dl=https%3A%2F%2Fiir.ai%2FeQ4IB6t&dr=https%3A%2F%2Fclk.sh%2F&ul=en-us&de=UTF-8&dt=Health2Wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1201674120&gjid=1315684039&cid=1066541658.1658285526&tid=UA-113561579-7&_gid=1622442883.1658285526&_r=1&gtm=2ou7i0&z=810804797
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iir.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iir.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
5016962
forfrogadiertor.com/401/
2 KB
1 KB
XHR
General
Full URL
https://forfrogadiertor.com/401/5016962?oo=1&oaid=9c3ce4c80fed4794811efd6d9661ed2e
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/5016962
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
11a2425a7c7474c17680867281e259c501e50e5ca12c2e4551124f5e29924b7f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
7baa291f33794109d887f7b2ef1c6067
pragma
no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://iir.ai
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
3487732
forfrogadiertor.com/400/
2 KB
1 KB
XHR
General
Full URL
https://forfrogadiertor.com/400/3487732?oo=1&oaid=9c3ce4c80fed4794811efd6d9661ed2e
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d7f9eb6d1434016a81c97d17e42fa41e713146294d49c7f0e7f6ab554828beee
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
dfd1ef3732bbff99626f3172bb454054
pragma
no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://iir.ai
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
apu.php
cdn.itskiddoan.club/
968 B
2 KB
Script
General
Full URL
https://cdn.itskiddoan.club/apu.php?zoneid=5225632
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9d5e692c973cb97a3b017a6aeb08fdcbba6e7a70ebfade6e76ab302e618ae2eb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
x-content-type-options
nosniff
access-control-max-age
86400
content-length
968
x-trace-id
a59198fc360e532a9f843e50de1f0c22
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
cdn.uponelectabuzzor.club/
0
0
Script
General
Full URL
https://cdn.uponelectabuzzor.club/1?z=5251403
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
0c0807acac9997f2cabf9d9359988ab3
date
Wed, 20 Jul 2022 02:52:06 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
7
stattag.js
tzegilo.com/
49 KB
18 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cdf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Jun 2022 09:20:35 GMT
server
cloudflare
etag
W/"62a1bb63-c24f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fU9%2BtyarochD8QpMkOLU3DPr16dD12jOP6mPge%2BnOFkYFGvFXlQShbvzWwmnIiCSy2roSLqZh%2FMlgDoq5FDedfQD%2BIHX1aV%2BKzWeOL8C03rfjazqM2pWGn9C47hO3nizfucqY8QJKgmuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
72d8661bac24d600-MXP
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
apu.php
cdn.itskiddoan.club/
968 B
2 KB
Script
General
Full URL
https://cdn.itskiddoan.club/apu.php?zoneid=5033358
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/5016962
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
67e5834cec4b7ef15ad8dadd1e1ad0f98815fd16c12854dd84a27208e152dab2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
x-content-type-options
nosniff
access-control-max-age
86400
content-length
968
x-trace-id
47e3fbe49edc22953a77492a5b2fdd22
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
3487732
forfrogadiertor.com/500/
4 KB
3 KB
XHR
General
Full URL
https://forfrogadiertor.com/500/3487732?excludes=&oaid=9c3ce4c80fed4794811efd6d9661ed2e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fiir.ai%2FeQ4IB6t&drf=https%3A%2F%2Fclk.sh%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0100bbb15e0aac4ab6b659728da22c509c9353938274ee9bdc0adf904986f4fa
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://iir.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
6cddf8a11fbbfa7d204041dc7101b7a2
pragma
no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://iir.ai
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
3487732
forfrogadiertor.com/500/
0
0
Preflight
General
Full URL
https://forfrogadiertor.com/500/3487732?excludes=&oaid=9c3ce4c80fed4794811efd6d9661ed2e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fiir.ai%2FeQ4IB6t&drf=https%3A%2F%2Fclk.sh%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://iir.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://iir.ai
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Wed, 20 Jul 2022 02:52:06 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
5016962
forfrogadiertor.com/500/
1 KB
2 KB
XHR
General
Full URL
https://forfrogadiertor.com/500/5016962?excludes=&oaid=9c3ce4c80fed4794811efd6d9661ed2e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fiir.ai%2FeQ4IB6t&drf=https%3A%2F%2Fclk.sh%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/5016962
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
20785d1d49e591d11e14e6830b77067c92c1c4851ba9b4271aeb4697b192195b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://iir.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
78f1b0f8babbb7c7b7db9e163663af07
pragma
no-cache
date
Wed, 20 Jul 2022 02:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://iir.ai
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
5016962
forfrogadiertor.com/500/
0
0
Preflight
General
Full URL
https://forfrogadiertor.com/500/5016962?excludes=&oaid=9c3ce4c80fed4794811efd6d9661ed2e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fiir.ai%2FeQ4IB6t&drf=https%3A%2F%2Fclk.sh%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://iir.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://iir.ai
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Wed, 20 Jul 2022 02:52:06 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
add
fleraprt.com/log/
12 B
476 B
Fetch
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer
https://iir.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 20 Jul 2022 02:52:39 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://iir.ai
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/
2 KB
3 KB
Image
General
Full URL
https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
last-modified
Thu, 01 Jul 2021 09:13:54 GMT
server
nginx
etag
"60dd8752-86d"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
2157
aa625cf660c651256cd3a26a1d0f0637.jpeg
offerimage.com/www/images/
8 KB
8 KB
Image
General
Full URL
https://offerimage.com/www/images/aa625cf660c651256cd3a26a1d0f0637.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fefc6f43618a2084965a7ee8d57e6b0f0d38aed0d07b86ca364fc8466672580a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 02:52:06 GMT
cf-cache-status
HIT
age
64370
cf-ray
72d8661dced30219-ZRH
cf-bgj
h2pri
content-length
8062
last-modified
Tue, 21 Jun 2022 13:04:42 GMT
server
cloudflare
etag
"62b1c1ea-1f7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 08:59:16 GMT


141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| tdDetect undefined| tdViewport undefined| tdMenu undefined| tdUtil undefined| tdAffix function| td_smart_list_dropdown undefined| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life undefined| tdIsScrollingAnimation undefined| td_mouse_wheel_or_touch_moved undefined| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class undefined| tdLoadingBox undefined| tdAjaxSearch undefined| tdModalImageLastEl function| tdModalImage undefined| tdBlocks undefined| tdLogin undefined| tdLoginMob undefined| tdDemoMenu undefined| tdTrendingNow undefined| td_history undefined| tdSmartSidebar undefined| tdInfiniteLoader undefined| Froogaloop undefined| tdCustomEvents undefined| tdEvents undefined| tdAjaxCount undefined| tdYoutubePlayers undefined| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update undefined| tdPullDown undefined| td_fps undefined| tdAnimationScroll undefined| tdHomepageFull undefined| tdBackstr undefined| tdAnimationStack undefined| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item undefined| tdAjaxLoop undefined| tdWeather undefined| tdAnimationSprite function| td_date_i18n undefined| tdSocialSharing object| app_vars 
object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| onloadHCaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS object| elem object| scpt function| __cmp function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| zfgstorage object| m8o68zfcl object| zfgformats function| onClickTrigger boolean| zfgloadedpopup function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| webpushlogs object| syncCallbacks object| __core-js_shared__ object| core function| __uspapi string| GoogleAnalyticsObject function| ga object| recaptcha object| gaplugins object| gaData boolean| __lwkemfd9q__ string| DEFAULT_FORMATS_PROPERTY object| currentScript object| windows object| __ds3dcV__ number| __qwe33wweq__

19 Cookies

Domain/Path Name / Value
clk.sh/ Name: AppSession
Value: 97cede8b4a7192c17e90ba84c76ebcdb
clk.sh/ Name: csrfToken
Value: a6b50609116126255407ad575217c78751eceb052463ff0297036f6995dc7e1403e22b4f3194db1e38ed8e0d678fc94f6187a367cd1eeb931d91271c5a654194
iir.ai/ Name: AppSession
Value: 6633173ced965ea1986c49e5ba577290
iir.ai/ Name: refeQ4IB6t
Value: MDhlOGE0OTc1YmEyZjUyZDQ1MTQxOTMzM2I0MjQyZGZkN2QyY2NmNDEwNjA2ZjVkNTIzODAxMWIyMmFjODU2MGih8dda72sugqcNVsMQVS2oFgrW%2FgMLz%2F5oFb%2FQI9bkA0%2FmUw9Iqt7nQXg26RZ3jw%3D%3D
iir.ai/ Name: csrfToken
Value: 5da387ea7c0e0687528463a9c1128bf0a8d463331a7bd80281764670ce82ddd72c00b51304a8f5405082b0d5f7f0b02e9eec81151f36a7e517b55d1d2ebc6b74
ig.lurefuleuryon.com/ Name: GL_UI4
Value: eJw9jVtOhDAYhYFycTJCPAkLcAkFnMA8GhfhI2npL1MH2kmpQ9y9jYk%2BnS%2FnkhNFUVJXiO85A%2FsSJzwPLe%2FOp05Kfh5kL2gQDW%2BHthfT0L10TY%2BD3kYv5EI%2BxeNMhpyexskqKvEUoj%2FnauxuUmTSCaNKZGtoLCUK6ey%2BkasZUiNWQv52cTZotopP68Aa3gXWJnDMkditZtUBxbs2KgyrI5KGV2Ue4XhbhP%2Bwbh21ymNksxOKEL%2FiYRKeZuu%2BUSjart7eALuo8b%2F%2F%2B8v2hiNXdNdTOLf%2BQu4H6opJ%2Fw%3D%3D
ig.lurefuleuryon.com/ Name: GL_GI10
Value: eJxljNGKwjAURGuqUVlRBvyA%2FoDFuoLs81r1Qb8hhHorQZobkijb%2Ffp1FUTwbTgzZ5IkEdMxhHEYFV%2Bf%2BWKVF8u8mCM9EUOsS4wqvtjoW2V1Q%2BhvyTfatpCeToYtxK7ExyOrio%2BE3rqcvbC71dtRCIRuZWILbLy25%2FriY6ab7KCNxfC%2FeOjTm%2F4%2BSE1wGBwWy1W2j0cMLUUVHNEtfrN37HUkjJ%2F0fiVTDExQzvNPKzuYRNPQL1tSXNeBohToXKX4A4BxTEs%3D
iir.ai/ Name: ab
Value: 2
.iir.ai/ Name: _ga_YRGVR4QJTX
Value: GS1.1.1658285526.1.0.1658285526.0
bedrapiona.com/ Name: OAID
Value: 07d0a6debd964915838e0a43142d0734
bedrapiona.com/ Name: oaidts
Value: 1658285526
my.rtmark.net/ Name: ID
Value: 9c3ce4c80fed4794811efd6d9661ed2e
.iir.ai/ Name: _ga
Value: GA1.2.1066541658.1658285526
.iir.ai/ Name: _gid
Value: GA1.2.1622442883.1658285526
.iir.ai/ Name: _gat_gtag_UA_113561579_7
Value: 1
forfrogadiertor.com/ Name: OAID
Value: 9c3ce4c80fed4794811efd6d9661ed2e
cdn.itskiddoan.club/ Name: oaidts
Value: 1658285526
cdn.itskiddoan.club/ Name: OAID
Value: bfcec3ff372642e689d6a4a1de770150
cdn.uponelectabuzzor.club/ Name: scm
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.uponelectabuzzor.club/1?z=5251403
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
