Submitted URL: http://www.mardomreport.net/
Effective URL: https://www.mardomreport.net/
Submission: On June 08 via manual from DE — Scanned from DE

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 24 HTTP transactions. The main IP is 192.124.249.80, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.mardomreport.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 31st 2024. Valid for: a year.
This is the only time www.mardomreport.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
8 mardomreport.net
www.mardomreport.net
84 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406
www.google-analytics.com — Cisco Umbrella Rank: 65
21 KB
2 histats.com
s4.histats.com — Cisco Umbrella Rank: 10924
s10.histats.com — Cisco Umbrella Rank: 10693
7 KB
2 solarislabyrinth.com
solarislabyrinth.com
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
164 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 776
482 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1587
643 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1631
9 KB
1 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3847
853 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 124
32 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 8646
326 B
1 freepik.com
img.freepik.com — Cisco Umbrella Rank: 23613
7 KB
24 12
Domain Requested by
8 www.mardomreport.net www.mardomreport.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 solarislabyrinth.com www.mardomreport.net
solarislabyrinth.com
2 www.googletagmanager.com www.mardomreport.net
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.adsafeprotected.com www.mardomreport.net
1 rules.quantcount.com secure.quantserve.com
1 s10.histats.com www.mardomreport.net
1 s4.histats.com www.mardomreport.net
1 secure.quantserve.com www.mardomreport.net
1 udmserve.net www.mardomreport.net
1 i.ytimg.com www.mardomreport.net
1 cmp.quantcast.com www.mardomreport.net
1 img.freepik.com www.mardomreport.net
24 14
Subject Issuer Validity Valid
mardomreport.net
Go Daddy Secure Certificate Authority - G2
2024-03-31 -
2025-03-31
a year crt.sh
*.google-analytics.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.freepik.com
R3
2024-04-09 -
2024-07-08
3 months crt.sh
solarislabyrinth.com
E1
2024-05-26 -
2024-08-24
3 months crt.sh
cmp.quantcast.com
R3
2024-04-25 -
2024-07-24
3 months crt.sh
edgestatic.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-30 -
2024-11-16
10 months crt.sh
quantserve.com
R3
2024-04-25 -
2024-07-24
3 months crt.sh
histats.com
R3
2024-05-13 -
2024-08-11
3 months crt.sh
s10.histats.com
E1
2024-04-11 -
2024-07-10
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2024-04-25 -
2025-05-24
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.mardomreport.net/
Frame ID: 122F5A4228BA2A415DF7C8288FC3FF27
Requests: 25 HTTP requests in this frame

Screenshot

Page Title

2024© MardomReport.net - Links to news sources about Iran

Page URL History Show full URLs

  1. http://www.mardomreport.net/ HTTP 307
    https://www.mardomreport.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

24
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

15
IPs

4
Countries

352 kB
Transfer

816 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mardomreport.net/ HTTP 307
    https://www.mardomreport.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mardomreport.net/
Redirect Chain
  • http://www.mardomreport.net/
  • https://www.mardomreport.net/
91 KB
22 KB
Document
General
Full URL
https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.80 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10080.sucuri.net
Software
nginx /
Resource Hash
2e972bfcce6508d35368a73c264f70ef070b89a9797cf33a9e16dd96c7d8907e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-length
21949
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Sat, 08 Jun 2024 06:19:47 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
EXPIRED
x-sucuri-id
15030
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.mardomreport.net/
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/
206 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-37380840-1
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a33644b1b177c0af6b1ef54f3ece8be61a15a760d7de049087931b5bc3b8a383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75978
x-xss-protection
0
last-modified
Sat, 08 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 08 Jun 2024 06:19:48 GMT
style.css
www.mardomreport.net/css/
1 KB
768 B
Stylesheet
General
Full URL
https://www.mardomreport.net/css/style.css
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.80 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10080.sucuri.net
Software
nginx /
Resource Hash
ca25ae43ad5cad575dbf41db917ea8fd8d3ff4c31744eaad2e51c384e70de52f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:47 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-sucuri-cache
HIT
content-length
397
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 07:21:00 GMT
server
nginx
etag
"bd80197-5d1-5918cd05d4930-br"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15030
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
report_logo_2017.jpg
www.mardomreport.net/imag/
13 KB
13 KB
Image
General
Full URL
https://www.mardomreport.net/imag/report_logo_2017.jpg
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.80 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10080.sucuri.net
Software
nginx /
Resource Hash
0fadf81ca2e206127162d8a63af26deb70022fbb89c34beb0f627d8d66cd3b27
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:47 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Mon, 26 Aug 2019 16:46:03 GMT
server
nginx
etag
"bd80108-3313-59107e43e07bd"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15030
accept-ranges
bytes
content-length
13075
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
facebook_pic.png
www.mardomreport.net/imag/
22 KB
23 KB
Image
General
Full URL
https://www.mardomreport.net/imag/facebook_pic.png
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.80 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10080.sucuri.net
Software
nginx /
Resource Hash
bbec61b6c0365d1220560c05f7d2a1c1d3dad61d0f0b979b5d10821991009d73
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:47 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Mon, 26 Aug 2019 20:00:51 GMT
server
nginx
etag
"bd80109-5977-5910a9cddab51"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15030
accept-ranges
bytes
content-length
22903
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
new-twitter-logo-x-2023-twitter-x-logo-vector_972667-597.jpg
img.freepik.com/premium-vector/
7 KB
7 KB
Image
General
Full URL
https://img.freepik.com/premium-vector/new-twitter-logo-x-2023-twitter-x-logo-vector_972667-597.jpg
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
80ef54ce02085ba4789733fed67963932a193a9aa75fdc121d3bbd5558fed0c2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:48 GMT
x-check-cacheable
YES
last-modified
Thu, 21 Sep 2023 17:32:30 GMT
x-serial
1148
mpulse_cdn_cache
HIT
etag
"43a1b9a29a8a91034a970f00666d2acb"
content-type
image/avif
cache-control
private, no-transform, max-age=604800
mpulse_origin_time
0
x-robots-tag
noimageai
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
6907
expires
Sat, 15 Jun 2024 06:19:48 GMT
insta.jpg
www.mardomreport.net/imag/
8 KB
8 KB
Image
General
Full URL
https://www.mardomreport.net/imag/insta.jpg
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.80 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10080.sucuri.net
Software
nginx /
Resource Hash
3d0034406baf6918f9bd00dc56c5c1b3c9cc50e679204655665559f250c53313
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:47 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Mon, 26 Aug 2019 21:47:31 GMT
server
nginx
etag
"bd80111-1f6b-5910c1a5e1956"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15030
accept-ranges
bytes
content-length
8043
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
t_logo.png
www.mardomreport.net/imag/
12 KB
12 KB
Image
General
Full URL
https://www.mardomreport.net/imag/t_logo.png
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.80 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10080.sucuri.net
Software
nginx /
Resource Hash
ef4b2712e4f7d504a3c6e2c9adce922a0f2d855496333811433fcc1984332007
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:47 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Thu, 29 Aug 2019 21:02:29 GMT
server
nginx
etag
"bd80104-306f-59147d2d281f7"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15030
accept-ranges
bytes
content-length
12399
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa1218b1c24dd8e8fc82686fde73b72abdab-prod.js
solarislabyrinth.com/files/
67 KB
24 KB
Script
General
Full URL
https://solarislabyrinth.com/files/fa1218b1c24dd8e8fc82686fde73b72abdab-prod.js
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8bf1ee205f2b0d3ff8209f2fc9ebee64cd1a626126914f0c868905ba086818
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:48 GMT
content-encoding
zstd
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1299687404
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
etag
"cdcf4f07b06181ae2b9f72a8625dcd1b2e616fcf691152d1f016773b89201c17"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-xmqk
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
8906c5ba387bbbc3-WAW
choice.js
cmp.quantcast.com/choice/JTN2gh1hH43hP/www.mardomreport.net/
0
326 B
Script
General
Full URL
https://cmp.quantcast.com/choice/JTN2gh1hH43hP/www.mardomreport.net/choice.js?tag_version=V2
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-18.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:47 GMT
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
MUC50-P3
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Miss from cloudfront
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
eYJFlRl81wfzv_kXKhi-ECrEH7ZRewQmhGzbKpZMZj2kPvofoq6sgg==
hqdefault.jpg
i.ytimg.com/vi/TryIMkSC83s/
32 KB
32 KB
Image
General
Full URL
https://i.ytimg.com/vi/TryIMkSC83s/hqdefault.jpg
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ebb8037de0b5471845e3a3c7a352d693e6566c2fea19cc1c650204de45cf09f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:16:29 GMT
x-content-type-options
nosniff
age
199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32627
x-xss-protection
0
server
sffe
etag
"1717787139"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 08 Jun 2024 06:21:29 GMT
img.fetch
udmserve.net/udm/
649 B
853 B
Script
General
Full URL
https://udmserve.net/udm/img.fetch?sid=19129;tid=1;dt=6;
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
3ec9bf777bb1e2cac1636b9a047d2576b6bb392eaea450a0e6e8435f385f20f7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Date
Sat, 08 Jun 2024 06:19:48 GMT
Connection
Keep-Alive
Content-Length
649
Content-Type
application/x-javascript
js15_as.js
www.mardomreport.net/s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://www.mardomreport.net/s10.histats.com/js15_as.js
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.80 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10080.sucuri.net
Software
nginx /
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:47 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-sucuri-cache
HIT
content-length
4354
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2019 21:30:13 GMT
server
nginx
etag
"bd8012b-2c2a-59148360a1f3f-br"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
15030
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
quant.js
secure.quantserve.com/
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:48 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 15 Jun 2024 06:19:48 GMT
0.php
s4.histats.com/stats/
52 B
186 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4302537&@f16&@g1&@h1&@i1&@j1717827588177&@k0&@l1&@m2024%C2%A9%20MardomReport.net%20-%20Links%20to%20news%20sources%20about%20Iran&@n0&@o1000&@q0&@r0&@s511&@tde-DE&@u1600&@b1:186125083&@b3:1717827588&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww.mardomreport.net%2F&@w
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
5db2fd61b686b66262a53974fdeb625766f9a16beeec9afadcabdc4a9df9d5fa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 06:19:48 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
cc_511.js
s10.histats.com/counters/
15 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_511.js
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
24763
etag
"1364484781"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8906c5bac858bb50-FRA
content-length
6278
rules-p-JTN2gh1hH43hP.js
rules.quantcount.com/
160 B
643 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-JTN2gh1hH43hP.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62e9c40fcc7ad199449645f0707b10d4d7c7593ca4fec67846607550c1d4b740

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:02:03 GMT
via
1.1 62be04c57195b92a15c9e33c0bb32906.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
1313
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Wed, 22 Mar 2023 23:41:20 GMT
server
AmazonS3
etag
"dd41e421ca71c029cedb74ada08dccac"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
lQZt_87-50DBbXwwELk2KQRwWGb_YmBpkNnI0nu7uAuFNxgkYQhI7g==
js
www.googletagmanager.com/gtag/
253 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1GDBNRZZN6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37380840-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f5a2f3411a1e8e661ead412f358806b6700ddd012d3cb8468c085fbbb983332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91370
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 08 Jun 2024 06:19:48 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
482 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?ab=1&zoneid=5060489_advertisement_
Requested by
Host: www.mardomreport.net
URL: https://www.mardomreport.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 01:29:51 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
276598
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
HDQislV4Qt62Eq3B56TrGNdQOjSJ7LtWJP29KLs4Sa2RpZcKN180Jw==
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9752eb218010842a84b880aee5997839757104f3a48f1105873f576276df1f2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.google-analytics.com/g/
0
249 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1GDBNRZZN6&gtm=45je4650v9119037204za200&_p=1717827588102&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=995242339.1717827588&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1717827588&sct=1&seg=0&dl=https%3A%2F%2Fwww.mardomreport.net%2F&dt=2024%C2%A9%20MardomReport.net%20-%20Links%20to%20news%20sources%20about%20Iran&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=937
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GDBNRZZN6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 06:19:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mardomreport.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e197772d16367af76d8fcc8d14ce45ff8c4300d2a600eb76c2aa
solarislabyrinth.com/create/
303 B
722 B
Fetch
General
Full URL
https://solarislabyrinth.com/create/e197772d16367af76d8fcc8d14ce45ff8c4300d2a600eb76c2aa
Requested by
Host: solarislabyrinth.com
URL: https://solarislabyrinth.com/files/fa1218b1c24dd8e8fc82686fde73b72abdab-prod.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fec178f76c15ed3a461033f5895696dcf85b5ed84b5aaeca38397f80a868298
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 08 Jun 2024 06:19:48 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1299687404
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mardomreport.net
x-hostname
fen-hoothoot-europe-west1-xmqk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8906c5bd4ec8b5f4-WAW
expires
Sat, 08 Jun 2024 06:19:47 GMT
favicon.ico
www.mardomreport.net/
2 KB
941 B
Other
General
Full URL
https://www.mardomreport.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.80 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10080.sucuri.net
Software
nginx /
Resource Hash
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 06:19:48 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html
x-sucuri-cache
HIT
x-sucuri-id
15030
content-length
703
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37380840-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 08 Jun 2024 04:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6641
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 08 Jun 2024 06:29:08 GMT
collect
www.google-analytics.com/j/
1 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=395329854&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mardomreport.net%2F&ul=de-de&de=UTF-8&dt=2024%C2%A9%20MardomReport.net%20-%20Links%20to%20news%20sources%20about%20Iran&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1030204611&gjid=62590035&cid=995242339.1717827588&tid=UA-37380840-1&_gid=1161777369.1717827589&_r=1&gtm=457e4650za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_exp=0&jsscut=1&npa=1&z=792101533
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.mardomreport.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 06:19:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mardomreport.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| admiral object| googletag function| gtag object| dataLayer function| __tcfapi function| __uspapi number| timer function| autoRefresh object| _Hasync object| _qevents function| chfh function| chfh2 string| _HST_cntval object| Histats function| quantserve function| __qc object| ezt object| _qoptions object| google_tag_manager object| google_tag_data boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_511 function| histats_canvascounters_base.js function| 4dm1r11545242527 object| gaGlobal object| _HistatsCounterGraphics_511_setValues object| events undefined| timeout function| callback function| init function| remove string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

12 Cookies

Domain/Path Name / Value
www.mardomreport.net/ Name: HstCfa4302537
Value: 1717827588177
www.mardomreport.net/ Name: HstCla4302537
Value: 1717827588177
www.mardomreport.net/ Name: HstCmu4302537
Value: 1717827588177
www.mardomreport.net/ Name: HstPn4302537
Value: 1
www.mardomreport.net/ Name: HstPt4302537
Value: 1
www.mardomreport.net/ Name: HstCnv4302537
Value: 1
www.mardomreport.net/ Name: HstCns4302537
Value: 1
.mardomreport.net/ Name: _ga_1GDBNRZZN6
Value: GS1.1.1717827588.1.0.1717827588.0.0.0
.mardomreport.net/ Name: _awl
Value: 2.1717827588.5-8efda30d1e5a73a43963a858bf0c6eee-6763652d6575726f70652d7765737431-0
.mardomreport.net/ Name: _ga
Value: GA1.2.995242339.1717827588
.mardomreport.net/ Name: _gid
Value: GA1.2.1161777369.1717827589
.mardomreport.net/ Name: _gat_gtag_UA_37380840_1
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.mardomreport.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cmp.quantcast.com
i.ytimg.com
img.freepik.com
region1.google-analytics.com
rules.quantcount.com
s10.histats.com
s4.histats.com
secure.quantserve.com
solarislabyrinth.com
static.adsafeprotected.com
udmserve.net
www.google-analytics.com
www.googletagmanager.com
www.mardomreport.net
104.18.24.111
158.69.254.144
18.173.154.18
192.124.249.80
2001:4860:4802:34::36
2600:9000:20ae:6000:6:44e3:f8c0:93a1
2600:9000:26da:b200:8:48e:53c0:93a1
2606:4700:10::6814:1347
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:810::2016
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a02:26f0:3500:11::215:14ca
68.71.249.118
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
0fadf81ca2e206127162d8a63af26deb70022fbb89c34beb0f627d8d66cd3b27
1f5a2f3411a1e8e661ead412f358806b6700ddd012d3cb8468c085fbbb983332
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
2e972bfcce6508d35368a73c264f70ef070b89a9797cf33a9e16dd96c7d8907e
3d0034406baf6918f9bd00dc56c5c1b3c9cc50e679204655665559f250c53313
3ec9bf777bb1e2cac1636b9a047d2576b6bb392eaea450a0e6e8435f385f20f7
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4ebb8037de0b5471845e3a3c7a352d693e6566c2fea19cc1c650204de45cf09f
5db2fd61b686b66262a53974fdeb625766f9a16beeec9afadcabdc4a9df9d5fa
62e9c40fcc7ad199449645f0707b10d4d7c7593ca4fec67846607550c1d4b740
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
80ef54ce02085ba4789733fed67963932a193a9aa75fdc121d3bbd5558fed0c2
8fec178f76c15ed3a461033f5895696dcf85b5ed84b5aaeca38397f80a868298
a33644b1b177c0af6b1ef54f3ece8be61a15a760d7de049087931b5bc3b8a383
ab8bf1ee205f2b0d3ff8209f2fc9ebee64cd1a626126914f0c868905ba086818
bbec61b6c0365d1220560c05f7d2a1c1d3dad61d0f0b979b5d10821991009d73
c9752eb218010842a84b880aee5997839757104f3a48f1105873f576276df1f2
ca25ae43ad5cad575dbf41db917ea8fd8d3ff4c31744eaad2e51c384e70de52f
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef4b2712e4f7d504a3c6e2c9adce922a0f2d855496333811433fcc1984332007