urlscan.io logo urlscan.io
SecurityTrails logo

sarmaye.org Open in urlscan Pro
194.33.107.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href=https%3A%2F%2Fcance...
Effective URL: https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxk...
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 9 HTTP transactions. The main IP is 194.33.107.240, located in Iran, Islamic Republic Of and belongs to TANA-AS, IR. The main domain is sarmaye.org.
TLS certificate: Issued by R10 on July 10th 2024. Valid for: 3 months.
This is the only time sarmaye.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 40.68.210.104 8075 (MICROSOFT...)
2 172.233.64.160 63949 (AKAMAI-LI...)
2 4 194.33.107.240 47843 (TANA-AS)
1 104.18.10.207 13335 (CLOUDFLAR...)
3 216.58.206.36 15169 (GOOGLE)
1 142.250.185.131 15169 (GOOGLE)
9 6
1    40.68.210.104 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
my.effairs.at
2    172.233.64.160 (Osaka, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: osproxy-1.osa1.jp.prod.linode.com
cancel-request.jp-osa-1.linodeobjects.com
4    194.33.107.240 (Iran, Islamic Republic Of)

ASN47843 (TANA-AS, IR)
PTR: nsa.avps.ir
sarmaye.org
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
3    216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f4.1e100.net
www.google.com
1    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
4 sarmaye.org
sarmaye.org
18 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
965 B
2 linodeobjects.com
cancel-request.jp-osa-1.linodeobjects.com
2 KB
1 gstatic.com
www.gstatic.com
213 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508
27 KB
1 effairs.at
my.effairs.at
839 B
9 6
Domain Requested by
4 sarmaye.org 2 redirects cancel-request.jp-osa-1.linodeobjects.com
3 www.google.com sarmaye.org
www.gstatic.com
2 cancel-request.jp-osa-1.linodeobjects.com
1 www.gstatic.com www.google.com
1 stackpath.bootstrapcdn.com sarmaye.org
1 my.effairs.at 1 redirects
9 6

This site contains no links.

Subject Issuer Validity Valid
jp-osa-1.linodeobjects.com
R11		 2024-07-31 -
2024-10-29		 3 months crt.sh
sarmaye.org
R10		 2024-07-10 -
2024-10-08		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxkMPWNq1V1B2NmrXOXazWWMyvSP9wSsX1eALazwKQcALME4QvbZrZy346KMldWBwHxVzmdxutZA
Frame ID: 30EB4401BF83589FBE0B99A2C0CB9F9A
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-7d0pAAAAAL82TidJYklI_F0t4A4LqkqAIlD2&co=aHR0cHM6Ly9zYXJtYXllLm9yZzo0NDM.&hl=de-AT&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=normal&cb=28bjyfnpt2tm
Frame ID: C8079C547254E70DC453F5BD1995BF0E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de-AT&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&k=6Ld-7d0pAAAAAL82TidJYklI_F0t4A4LqkqAIlD2
Frame ID: 859D645C0DE48E178D0F502E87C2B3D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

reCaptcha

Page URL History Show full URLs

  1. http://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href... HTTP 307
    https://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href... HTTP 302
    https://cancel-request.jp-osa-1.linodeobjects.com/index.html?email=bGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ== Page URL
  2. https://sarmaye.org/wp-includes/css/jsp/a/img0//?email=laurence.paquet@sealease.com HTTP 302
    https://sarmaye.org/wp-includes/css/jsp/a/img0/index.php?csrftoken=MTcyMjUxMDA5NzEzNDQxMjk5Nzc2M... HTTP 302
    https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

260 kB
Transfer

715 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href=https%3A%2F%2Fcancel-request.jp-osa-1.linodeobjects.com%2Findex.html%3Femail%3DbGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ%3D%3D&umid=470BC5C0-1E8D-6C06-94CC-3F9CD2CAFD89&auth=dd31930d61064e673c596300b96ee73f52f67596-96908ffbc75d11c4642ffbb712479a0b0b16699e HTTP 307
    https://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href=https%3A%2F%2Fcancel-request.jp-osa-1.linodeobjects.com%2Findex.html%3Femail%3DbGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ%3D%3D&umid=470BC5C0-1E8D-6C06-94CC-3F9CD2CAFD89&auth=dd31930d61064e673c596300b96ee73f52f67596-96908ffbc75d11c4642ffbb712479a0b0b16699e HTTP 302
    https://cancel-request.jp-osa-1.linodeobjects.com/index.html?email=bGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ== Page URL
  2. https://sarmaye.org/wp-includes/css/jsp/a/img0//?email=laurence.paquet@sealease.com HTTP 302
    https://sarmaye.org/wp-includes/css/jsp/a/img0/index.php?csrftoken=MTcyMjUxMDA5NzEzNDQxMjk5Nzc2MTk5MjFjNWVlMDUwZjQ5YjRiODUwMWE2NmRjYjI0ZTVhZDYxNjI4MzNlOGMyM2MzOTM0ZDJkY2YyZjdiZQ== HTTP 302
    https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxkMPWNq1V1B2NmrXOXazWWMyvSP9wSsX1eALazwKQcALME4QvbZrZy346KMldWBwHxVzmdxutZA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href=https%3A%2F%2Fcancel-request.jp-osa-1.linodeobjects.com%2Findex.html%3Femail%3DbGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ%3D%3D&umid=470BC5C0-1E8D-6C06-94CC-3F9CD2CAFD89&auth=dd31930d61064e673c596300b96ee73f52f67596-96908ffbc75d11c4642ffbb712479a0b0b16699e HTTP 307
  • https://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href=https%3A%2F%2Fcancel-request.jp-osa-1.linodeobjects.com%2Findex.html%3Femail%3DbGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ%3D%3D&umid=470BC5C0-1E8D-6C06-94CC-3F9CD2CAFD89&auth=dd31930d61064e673c596300b96ee73f52f67596-96908ffbc75d11c4642ffbb712479a0b0b16699e HTTP 302
  • https://cancel-request.jp-osa-1.linodeobjects.com/index.html?email=bGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ==

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.html
cancel-request.jp-osa-1.linodeobjects.com/
Redirect Chain
  • http://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href=https%3A%2F%2Fcancel-request.jp-osa-1.linodeobjects.com%2Findex.html%3Femail%3DbGF1cmVuY2UucGFxdWV0...
  • https://my.effairs.at/austriatech/link/t?i=2744057445445&v=0&c=laurence.paquet%40sealease.com&href=https%3A%2F%2Fcancel-request.jp-osa-1.linodeobjects.com%2Findex.html%3Femail%3DbGF1cmVuY2UucGFxdWV...
  • https://cancel-request.jp-osa-1.linodeobjects.com/index.html?email=bGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ==
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cancel-request.jp-osa-1.linodeobjects.com/index.html?email=bGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.233.64.160 Osaka, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
osproxy-1.osa1.jp.prod.linode.com
Software
/
Resource Hash
a1465cf3ecce73dd219286c79ce09df7aafafc5a624a96ef4941b848d6c03712

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
1122
Content-Type
text/html
Date
Thu, 01 Aug 2024 11:01:36 GMT
ETag
"a79c630f5feed8754a00539c047ea9d3"
Last-Modified
Wed, 31 Jul 2024 12:13:55 GMT
x-amz-request-id
tx00000bc91067c38406419-0066ab6b10-3d2b0266-default
x-rgw-object-type
Normal

Redirect headers

Cache-Control
private
Content-Length
224
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Aug 2024 11:01:35 GMT
Location
https://cancel-request.jp-osa-1.linodeobjects.com/index.html?email=bGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ==
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
favicon.ico
cancel-request.jp-osa-1.linodeobjects.com/ 		232 B
464 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cancel-request.jp-osa-1.linodeobjects.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.233.64.160 Osaka, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
osproxy-1.osa1.jp.prod.linode.com
Software
/
Resource Hash
d6dd083b05349ac89ac19e6cb2f30c581a7ad1f76c256215251ed08fb01120b6

Request headers

Referer
https://cancel-request.jp-osa-1.linodeobjects.com/index.html?email=bGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 11:01:36 GMT
Connection
keep-alive
x-amz-request-id
tx00000af62e544cdeb5609-0066ab6b10-3db94e09-default
Accept-Ranges
bytes
Content-Length
232
Content-Type
application/xml
Primary Request check.php
sarmaye.org/wp-includes/css/jsp/a/img0/
Redirect Chain
  • https://sarmaye.org/wp-includes/css/jsp/a/img0//?email=laurence.paquet@sealease.com
  • https://sarmaye.org/wp-includes/css/jsp/a/img0/index.php?csrftoken=MTcyMjUxMDA5NzEzNDQxMjk5Nzc2MTk5MjFjNWVlMDUwZjQ5YjRiODUwMWE2NmRjYjI0ZTVhZDYxNjI4MzNlOGMyM2MzOTM0ZDJkY2YyZjdiZQ==
  • https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxkMPWNq1V1B2NmrXOXazWWMyvSP9wSsX1eALazwKQcALME4QvbZrZy346KMldWBwHxVzmdxutZA
12 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxkMPWNq1V1B2NmrXOXazWWMyvSP9wSsX1eALazwKQcALME4QvbZrZy346KMldWBwHxVzmdxutZA
Requested by
Host: cancel-request.jp-osa-1.linodeobjects.com
URL: https://cancel-request.jp-osa-1.linodeobjects.com/index.html?email=bGF1cmVuY2UucGFxdWV0QHNlYWxlYXNlLmNvbQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.33.107.240 , Iran, Islamic Republic Of, ASN47843 (TANA-AS, IR),
Reverse DNS
nsa.avps.ir
Software
Apache /
Resource Hash
4a0d7082a8df2a42316a8f7c71eaae1f768d776ae7bdbd72ee983c02ecc0ca0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cancel-request.jp-osa-1.linodeobjects.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
9017
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Aug 2024 11:01:38 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=1, max=28
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Aug 2024 11:01:37 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=1, max=29
Location
check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxkMPWNq1V1B2NmrXOXazWWMyvSP9wSsX1eALazwKQcALME4QvbZrZy346KMldWBwHxVzmdxutZA
Pragma
no-cache
Server
Apache
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: sarmaye.org
URL: https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxkMPWNq1V1B2NmrXOXazWWMyvSP9wSsX1eALazwKQcALME4QvbZrZy346KMldWBwHxVzmdxutZA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sarmaye.org/
Origin
https://sarmaye.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 11:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1055
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5162
cdn-cachedat
03/18/2024 12:46:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9930ba288974828ae04bdb2141a7da9d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8ac554d49d205b9d-VIE
cdn-requestpullsuccess
True
api.js
www.google.com/recaptcha/ 		1 KB
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: sarmaye.org
URL: https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxkMPWNq1V1B2NmrXOXazWWMyvSP9wSsX1eALazwKQcALME4QvbZrZy346KMldWBwHxVzmdxutZA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f4.1e100.net
Software
GSE /
Resource Hash
cebfed84fd46ea8b4b54d9188d7d6127c567cc9692355c80fd5be9a06e39ff93
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sarmaye.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 11:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 01 Aug 2024 11:01:38 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7c14ee84d81a536a4cd54e3a144f388f2174a4a5c409ae118ea49f0da6b4aa6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
recaptcha__de_at.js
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/ 		533 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de_at.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
5a4fd8f1e37f3c66dce97ea6323172babd6b2ba68fde0ac47ebd60fe2debf5b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sarmaye.org/
Origin
https://sarmaye.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 13:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216992
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 21:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Jul 2025 13:15:08 GMT
anchor
www.google.com/recaptcha/api2/ Frame C807 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-7d0pAAAAAL82TidJYklI_F0t4A4LqkqAIlD2&co=aHR0cHM6Ly9zYXJtYXllLm9yZzo0NDM.&hl=de-AT&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=normal&cb=28bjyfnpt2tm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de_at.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mO2CyDkraLEfa-jnsNY76g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sarmaye.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mO2CyDkraLEfa-jnsNY76g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 11:01:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
sarmaye.org/wp-includes/css/jsp/a/img0/auth/resources/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sarmaye.org/wp-includes/css/jsp/a/img0/auth/resources/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.33.107.240 , Iran, Islamic Republic Of, ASN47843 (TANA-AS, IR),
Reverse DNS
nsa.avps.ir
Software
Apache /
Resource Hash
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sarmaye.org/wp-includes/css/jsp/a/img0/check.php?tap=VMj0pL1FiROI7iSXQ8cTPblruyeyCprqfbR8Xzh2ngR393pcewxTtxkMPWNq1V1B2NmrXOXazWWMyvSP9wSsX1eALazwKQcALME4QvbZrZy346KMldWBwHxVzmdxutZA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 11:01:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Jul 2024 18:47:52 GMT
Server
Apache
Content-Type
image/x-icon
Cache-Control
max-age=3600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=27
Content-Length
7886
X-XSS-Protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 859D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de-AT&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&k=6Ld-7d0pAAAAAL82TidJYklI_F0t4A4LqkqAIlD2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de_at.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oWQ7jJa1w99IAkVivoHj4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sarmaye.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-oWQ7jJa1w99IAkVivoHj4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 11:01:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| recaptchaCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_549027

5 Cookies

Domain/Path Name / Value
my.effairs.at/ Name: Abp.Localization.CultureName
Value: de
my.effairs.at/ Name: ASP.NET_SessionId
Value: njdgocdy3usbezgs0iwynv42
.my.effairs.at/ Name: ARRAffinity
Value: 51d5c5f8496586ba1e8a4b26be9fb63e3ef5f70baf7da31ee2c1c6721dac5ec8
.my.effairs.at/ Name: ARRAffinitySameSite
Value: 51d5c5f8496586ba1e8a4b26be9fb63e3ef5f70baf7da31ee2c1c6721dac5ec8
sarmaye.org/ Name: PHPSESSID
Value: a03db54207613fa9324feba15edbdfef

1 Console Messages

Source Level URL
Text
network error URL: https://cancel-request.jp-osa-1.linodeobjects.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)