URL: https://user.aryana.top/
Submission: On April 25 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 5.145.115.206, located in Iran, Islamic Republic Of and belongs to MEGANETWORK-ASN --- --- --- --- Meganetwork.ir Legacy --- Cloud Datacenter and Storage Solutions --- --- --- ---, IR. The main domain is user.aryana.top.
TLS certificate: Issued by R3 on April 25th 2023. Valid for: 3 months.
This is the only time user.aryana.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 5.145.115.206 60256 (MEGANETWO...)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.65.39.91 16509 (AMAZON-02)
1 2600:9000:21c... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... ()
11 7
Apex Domain / Subdomains                                        Transfer
3  doubleclick.net                                              149 KB
     securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
3  aryana.top                                                   102 KB
     user.aryana.top
2  googleapis.com                                               122 KB
     imasdk.googleapis.com — Cisco Umbrella Rank: 520
     fonts.googleapis.com
1  quantcast.com                                                325 B
     cmp.quantcast.com — Cisco Umbrella Rank: 3332
1  servenobid.com                                               74 KB
     public.servenobid.com — Cisco Umbrella Rank: 6602
11 5
Domain Requested by
3 securepubads.g.doubleclick.net user.aryana.top
securepubads.g.doubleclick.net
3 user.aryana.top user.aryana.top
1 fonts.googleapis.com user.aryana.top
1 imasdk.googleapis.com public.servenobid.com
1 cmp.quantcast.com user.aryana.top
1 public.servenobid.com user.aryana.top
11 6

This site contains links to these domains.

Domain
www.google.com
Subject                   Issuer                Validity                   Valid
aryana.top                R3                    2023-04-25 - 2023-07-24    3 months
*.g.doubleclick.net       GTS CA 1C3            2023-04-03 - 2023-06-26    3 months
*.servenobid.com          Amazon RSA 2048 M02   2023-02-21 - 2024-02-05    a year
cmp.quantcast.com         R3                    2023-04-14 - 2023-07-13    3 months
upload.video.google.com   GTS CA 1C3            2023-04-03 - 2023-06-26    3 months

This page contains 1 frames:

Primary Page: https://user.aryana.top/
Frame ID: F8D71001F3A9F25A25C02CDDA7EB734E
Requests: 11 HTTP requests in this frame

Page Title

GETTR - The Marketplace of Ideas

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Page Statistics

11
Requests

91 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

447 kB
Transfer

1554 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
user.aryana.top/
7 KB
4 KB
Document
General
Full URL
https://user.aryana.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.145.115.206 , Iran, Islamic Republic Of, ASN60256 (MEGANETWORK-ASN --- --- --- --- Meganetwork.ir Legacy --- Cloud Datacenter and Storage Solutions --- --- --- ---, IR),
Reverse DNS
Software
DERAK.CLOUD /
Resource Hash
62075b8f6a535cdf6b5180155f0482e78cada3a6804f57a1d5ee81de2c84014d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=10 public
content-encoding
gzip
content-type
text/html
date
Tue, 25 Apr 2023 11:37:55 GMT
derak-cache
MISS
derak-served
3.701
derak-umbrage
f11b3e1e6925429d8abda4e9acdbae2c-EF-115-206-98-21-01.cdn
etag
W/"6441695f-1cee"
expires
Tue, 25 Apr 2023 11:38:05 GMT
last-modified
Thu, 20 Apr 2023 16:33:35 GMT
server
DERAK.CLOUD
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
10-537198797-537198807 NNNN CT(61 66 0) RT(1682422671805 69) q(0 31 31 -1) r(31 31) U12
a-with-which-them-Yes-thing-Dance-I-prettyre-me-
user.aryana.top/
139 KB
0
Script
General
Full URL
https://user.aryana.top/a-with-which-them-Yes-thing-Dance-I-prettyre-me-
Requested by
Host: user.aryana.top
URL: https://user.aryana.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.145.115.206 , Iran, Islamic Republic Of, ASN60256 (MEGANETWORK-ASN --- --- --- --- Meganetwork.ir Legacy --- Cloud Datacenter and Storage Solutions --- --- --- ---, IR),
Reverse DNS
Software
DERAK.CLOUD /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:37:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-cdn
Imperva
server
DERAK.CLOUD
derak-cache
MISS
etag
W/"2e7b20ad"
vary
Accept-Encoding
content-type
text/javascript
derak-served
0.628
x-iinfo
10-537199489-0 0CNN RT(1682422675778 70) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=23, public
derak-umbrage
e5c0be97c7b82bf07e1c1650476755ac-EF-115-206-98-21-01.cdn
expires
Tue, 25 Apr 2023 11:38:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: user.aryana.top
URL: https://user.aryana.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a62afcba3886187e4fe866c7719e64db5050b8922d82a7d7663aa215afff697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:37:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25012
x-xss-protection
0
server
cafe
etag
597 / 19472 / m202304190101 / config-hash: 14056978138630577265
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Apr 2023 11:37:55 GMT
wrapup_gettr_1_1_0.js
public.servenobid.com/partner/gettr/
230 KB
74 KB
Script
General
Full URL
https://public.servenobid.com/partner/gettr/wrapup_gettr_1_1_0.js
Requested by
Host: user.aryana.top
URL: https://user.aryana.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-91.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9f897bab8f34ae5f92373ce8e760aba7827c594c07f21373e66841f11a143a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:15:52 GMT
content-encoding
gzip
via
1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront)
last-modified
Tue, 10 Jan 2023 22:00:51 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
130671
x-amz-server-side-encryption
AES256
etag
W/"1712c9d340a8416c52b1b5bf7f4ff233"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
btRZ-lY_WAYZj8A0eI8zsDs2Bvf-jLApqC9HO-qHS740LrxfGCgqLg==
choice.js
cmp.quantcast.com/choice/RTqhyjztMK-nu/user.aryana.top/
0
325 B
Script
General
Full URL
https://cmp.quantcast.com/choice/RTqhyjztMK-nu/user.aryana.top/choice.js?tag_version=V2
Requested by
Host: user.aryana.top
URL: https://user.aryana.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:4000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:37:54 GMT
via
1.1 1396f0307ab4835adf6e4163507d4c8a.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
AMS54-C1
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Miss from cloudfront
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
TlR_CIy_fgitySLAbnlnpqN_ezctn8LAaKNYJXTGnRczvvMo6IyxGg==
7.3f6d4921.chunk.css
user.aryana.top/static/css/
342 KB
97 KB
Stylesheet
General
Full URL
https://user.aryana.top/static/css/7.3f6d4921.chunk.css
Requested by
Host: user.aryana.top
URL: https://user.aryana.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.145.115.206 , Iran, Islamic Republic Of, ASN60256 (MEGANETWORK-ASN --- --- --- --- Meganetwork.ir Legacy --- Cloud Datacenter and Storage Solutions --- --- --- ---, IR),
Reverse DNS
Software
DERAK.CLOUD /
Resource Hash
c0e0a98ea9f3beacc0d138d2042c1e562bb89138c8592236a4101596cecfa4e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:37:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 13 Apr 2023 10:53:20 GMT
x-cdn
Imperva
server
DERAK.CLOUD
derak-cache
MISS
etag
W/"6437df20-5593b"
vary
Accept-Encoding
content-type
text/css
derak-served
0.616
x-iinfo
6-239588083-0 0CNN RT(1682422675791 67) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30507258, public
derak-umbrage
825dbe7f5e36cc7c2b0f08ae043108b6-EF-115-206-98-21-01.cdn
expires
Fri, 12 Apr 2024 13:52:13 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
360 KB
121 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/partner/gettr/wrapup_gettr_1_1_0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
expires
Tue, 25 Apr 2023 11:37:55 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/
400 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 05:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
21568
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127052
x-xss-protection
0
server
cafe
etag
14196522953641333499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 24 Apr 2024 05:38:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
37 B
65 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=user.aryana.top
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc61b633042b1d2c93b2e90eee720960721d94848feae04eee0092b233d0abf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:37:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
x-xss-protection
0
expires
Tue, 25 Apr 2023 11:37:55 GMT
icon
fonts.googleapis.com/
569 B
775 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: user.aryana.top
URL: https://user.aryana.top/static/css/7.3f6d4921.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.aryana.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 11:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 11:38:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 11:38:34 GMT
7.fa7bbc88.chunk.js
user.aryana.top/static/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
user.aryana.top
URL
https://user.aryana.top/static/js/7.fa7bbc88.chunk.js

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| __tcfapi function| __uspapi object| pbjsChunk object| pbjs object| _pbjsGlobals string| nobidVersion object| nobid object| wrapup object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent

1 Cookies

Domain/Path Name / Value
.aryana.top/ Name: __derak_session
Value: f7742707-c1d8-40fa-c0f2-bfc49fc1bac1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains