URL: https://user-de2.balloon-pc.ir/
Submission: On June 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3034::ac43:bc7d, located in United States and belongs to CLOUDFLARENET, US. The main domain is user-de2.balloon-pc.ir.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.
This is the only time user-de2.balloon-pc.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2606:4700:303... 13335 (CLOUDFLAR...)
21 1
Apex Domain
Subdomains
Transfer
21 balloon-pc.ir
user-de2.balloon-pc.ir
145 KB
21 1
Domain Requested by
21 user-de2.balloon-pc.ir user-de2.balloon-pc.ir
21 1
Subject Issuer Validity Valid
balloon-pc.ir
WE1
2024-06-12 -
2024-09-10
3 months crt.sh

This page contains 1 frames:

Primary Page: https://user-de2.balloon-pc.ir/
Frame ID: 2485183600B11F4E54EE7ED9CF759AA2
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Start - riseup.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

21
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

145 kB
Transfer

285 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
user-de2.balloon-pc.ir/
15 KB
5 KB
Document
General
Full URL
https://user-de2.balloon-pc.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8752352b023f04131f8106ec78b1d7ecc357dc029cf93e02de87c4640e080f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
896479c3ab841976-FRA
content-encoding
br
content-language
de
content-location
index.de.html
content-type
text/html
date
Wed, 19 Jun 2024 15:15:39 GMT
last-modified
Mon, 06 May 2024 13:55:10 GMT
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/index.de.html
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
tcn
choice
vary
negotiate,accept-language,Accept-Encoding
x-cache-status
MISS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
bootstrap.min.css
user-de2.balloon-pc.ir/assets/
77 KB
13 KB
Stylesheet
General
Full URL
https://user-de2.balloon-pc.ir/assets/bootstrap.min.css
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac6cb3bddd96749e147a925f1539abf0ed87b4add4d89b59feb1066734487a39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
cf-cache-status
MISS
x-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
content-length
12605
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
"13223-617c964aa1f40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/bootstrap.min.css
content-type
text/css
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479c95c7d1976-FRA
font-awesome.min.css
user-de2.balloon-pc.ir/assets/font-awesome-4.6.3/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://user-de2.balloon-pc.ir/assets/font-awesome-4.6.3/css/font-awesome.min.css
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
6666
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
"7187-617c964aa1f40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/font-awesome-4.6.3/css/font-awesome.min.css
content-type
text/css
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479c95c7f1976-FRA
style.css
user-de2.balloon-pc.ir/assets/
8 KB
2 KB
Stylesheet
General
Full URL
https://user-de2.balloon-pc.ir/assets/style.css
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfbb512825425b358f2de0f526a4150d707b45ca959745a5f07734ca8d838780
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
cf-cache-status
MISS
x-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
content-length
2033
last-modified
Mon, 06 May 2024 13:56:06 GMT
server
cloudflare
etag
"1f27-617c96e42c980-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/style.css
content-type
text/css
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479c95c801976-FRA
nav-home.svg
user-de2.balloon-pc.ir/assets/images/riseup/
4 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-home.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b595df3ddfdd0135954566c9e223938a03bf7d3c4ae4e8acd2f873559bc369d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"e7d-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-home.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e151976-FRA
nav-donate.svg
user-de2.balloon-pc.ir/assets/images/riseup/
11 KB
5 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-donate.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f140b61d39ca9dc166b33df89419bf950d4ec83e02d30cd6346a4d942ee14a66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"2dbf-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-donate.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e181976-FRA
nav-account.svg
user-de2.balloon-pc.ir/assets/images/riseup/
4 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-account.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60dba8614697cf0a8191692f6be57050177d6c44921f64442dc496b682dc20cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"1047-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-account.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e191976-FRA
nav-support.svg
user-de2.balloon-pc.ir/assets/images/riseup/
3 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-support.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23e4dea9e28fe465e0bf6542221cf4be39ce71a659ee60a04325c75940177f54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"df8-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-support.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e1c1976-FRA
nav-email.svg
user-de2.balloon-pc.ir/assets/images/riseup/
4 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-email.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee887b674a6268bc0f5de24dd5db6b1f40009b408da37925c8cbfd11b2f09991
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"f22-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-email.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e1d1976-FRA
nav-vpn.svg
user-de2.balloon-pc.ir/assets/images/riseup/
3 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-vpn.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9ce5a261a50aef20c0b257af8f668aebccbd21e268574bb6083a2cf1aa77fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"c52-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-vpn.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e1e1976-FRA
nav-lists.svg
user-de2.balloon-pc.ir/assets/images/riseup/
4 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-lists.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60545086221b26c85d226df07d8359f146d1860a9ec21a9cefb8379555db7c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"10ad-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-lists.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e201976-FRA
nav-pad.svg
user-de2.balloon-pc.ir/assets/images/riseup/
3 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-pad.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17242b44e89a729340773c844bd0df57933edc6d2adb0b7910e61480fc99975d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"dd1-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-pad.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e211976-FRA
nav-share.svg
user-de2.balloon-pc.ir/assets/images/riseup/
3 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-share.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6b2170f9855518c17fc7acc2fba7379e365d6c1c6ec8ca5ca47e4b976f0199
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"b99-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-share.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e241976-FRA
nav-groups.svg
user-de2.balloon-pc.ir/assets/images/riseup/
5 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/nav-groups.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7f92abe6d15fe0569c7badbc0914bec947a4a20ea6e35953f297427bb9124e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"12bb-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/nav-groups.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e261976-FRA
murder-of-crows-with-text.svg
user-de2.balloon-pc.ir/assets/images/riseup/
31 KB
12 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup/murder-of-crows-with-text.svg
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2898f5662f27a6f38701333f973b37ce583e8d7ab68a017f0f56ff583bcb3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
content-encoding
br
x-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
W/"7d37-617c964aa1f40"
vary
Accept-Encoding
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup/murder-of-crows-with-text.svg
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
cf-ray
896479cf9e281976-FRA
riseup-rainbow.png
user-de2.balloon-pc.ir/assets/images/
7 KB
7 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup-rainbow.png
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc6ec08f0c0dadf64e6292f5deb84fb2580428e8e03cf517997987ba3ddfa41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
6988
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
"1b4c-617c964aa1f40"
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup-rainbow.png
content-type
image/png
vary
Accept-Encoding
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479cf9e291976-FRA
riseup-red.png
user-de2.balloon-pc.ir/assets/images/
1 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup-red.png
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71de75fc64b5a07fd44df35256c3bcae80d3a52b860f42eacee6178db9ff1b30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
1042
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
"412-617c964aa1f40"
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup-red.png
content-type
image/png
vary
Accept-Encoding
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479cf9e2a1976-FRA
riseup-black.png
user-de2.balloon-pc.ir/assets/images/
1 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup-black.png
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e741aefa60eb2bec0dc4ae2c5f03b3afe27f96533a41fba0de5eab08bdcfc02e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
1185
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
"4a1-617c964aa1f40"
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup-black.png
content-type
image/png
vary
Accept-Encoding
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479cf9e2b1976-FRA
riseup-green.png
user-de2.balloon-pc.ir/assets/images/
1 KB
2 KB
Image
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/riseup-green.png
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f3312f2b355963d877ca3cc3da1335bb5bc989a6f9852b351fff74cfc472d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
1208
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
"4b8-617c964aa1f40"
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/riseup-green.png
content-type
image/png
vary
Accept-Encoding
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479cf9e2c1976-FRA
fontawesome-webfont.woff2
user-de2.balloon-pc.ir/assets/font-awesome-4.6.3/fonts/
70 KB
71 KB
Font
General
Full URL
https://user-de2.balloon-pc.ir/assets/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: user-de2.balloon-pc.ir
URL: https://user-de2.balloon-pc.ir/assets/font-awesome-4.6.3/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/assets/font-awesome-4.6.3/css/font-awesome.min.css
Origin
https://user-de2.balloon-pc.ir
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
71896
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
"118d8-617c964aa1f40"
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2
content-type
font/woff2
vary
Accept-Encoding
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479cfbe421976-FRA
favicon.png
user-de2.balloon-pc.ir/assets/images/
416 B
923 B
Other
General
Full URL
https://user-de2.balloon-pc.ir/assets/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bc7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc4d82d1ee94e87f2714115e0b24f79e8c6e339acdba1db8f6fd659fb0d1e01c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://user-de2.balloon-pc.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:15:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to": "default", "max_age": 86400, "failure_fraction": 0.1, "success_fraction": 0.0}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
416
last-modified
Mon, 06 May 2024 13:53:25 GMT
server
cloudflare
etag
"1a0-617c964aa1f40"
x-frame-options
SAMEORIGIN
onion-location
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/assets/images/favicon.png
content-type
image/png
vary
Accept-Encoding
report-to
{"group": "default", "max_age": 86400, "endpoints": [{"url": "https://live-reports.float.hexacab.org/ingest/v1"}]}
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
896479cfce501976-FRA

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

user-de2.balloon-pc.ir
2606:4700:3034::ac43:bc7d
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0b2898f5662f27a6f38701333f973b37ce583e8d7ab68a017f0f56ff583bcb3c
17242b44e89a729340773c844bd0df57933edc6d2adb0b7910e61480fc99975d
19f3312f2b355963d877ca3cc3da1335bb5bc989a6f9852b351fff74cfc472d6
23e4dea9e28fe465e0bf6542221cf4be39ce71a659ee60a04325c75940177f54
60dba8614697cf0a8191692f6be57050177d6c44921f64442dc496b682dc20cb
71de75fc64b5a07fd44df35256c3bcae80d3a52b860f42eacee6178db9ff1b30
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
9e6b2170f9855518c17fc7acc2fba7379e365d6c1c6ec8ca5ca47e4b976f0199
9e9ce5a261a50aef20c0b257af8f668aebccbd21e268574bb6083a2cf1aa77fe
a60545086221b26c85d226df07d8359f146d1860a9ec21a9cefb8379555db7c8
a8752352b023f04131f8106ec78b1d7ecc357dc029cf93e02de87c4640e080f6
ac6cb3bddd96749e147a925f1539abf0ed87b4add4d89b59feb1066734487a39
ad7f92abe6d15fe0569c7badbc0914bec947a4a20ea6e35953f297427bb9124e
b595df3ddfdd0135954566c9e223938a03bf7d3c4ae4e8acd2f873559bc369d0
cc4d82d1ee94e87f2714115e0b24f79e8c6e339acdba1db8f6fd659fb0d1e01c
cfbb512825425b358f2de0f526a4150d707b45ca959745a5f07734ca8d838780
e741aefa60eb2bec0dc4ae2c5f03b3afe27f96533a41fba0de5eab08bdcfc02e
ee887b674a6268bc0f5de24dd5db6b1f40009b408da37925c8cbfd11b2f09991
f140b61d39ca9dc166b33df89419bf950d4ec83e02d30cd6346a4d942ee14a66
ffc6ec08f0c0dadf64e6292f5deb84fb2580428e8e03cf517997987ba3ddfa41