lahzenegar.com Open in urlscan Pro
185.143.233.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lahzenegar.com/danooosh/playful
Submission: On August 17 via manual (August 17th 2022, 4:35:00 pm UTC) from IR — Scanned from DE

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 13 domains to perform 51 HTTP transactions. The main IP is 185.143.233.77, located in Iran, Islamic Republic Of and belongs to ABRARVAN-AS AbrArvan CDN and IaaS, IR. The main domain is lahzenegar.com.
TLS certificate: Issued by R3 on June 19th 2022. Valid for: 3 months.

This is the only time lahzenegar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.143.233.77 185.143.233.77	202468 (ABRARVAN-...) (ABRARVAN-AS AbrArvan CDN and IaaS)
12	185.143.233.23 185.143.233.23	202468 (ABRARVAN-...) (ABRARVAN-AS AbrArvan CDN and IaaS)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:1d5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.24 13.32.121.24	16509 (AMAZON-02) (AMAZON-02)
1	45.94.254.25 45.94.254.25	48551 (SINDAD) (SINDAD)
5	188.114.96.12 188.114.96.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	3.214.50.25 3.214.50.25	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.76.37.156 54.76.37.156	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::ac43:dbca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.94.255.10 45.94.255.10	48551 (SINDAD) (SINDAD)
4	45.94.255.25 45.94.255.25	48551 (SINDAD) (SINDAD)
51	22

2 185.143.233.77 (Iran, Islamic Republic Of)

ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR)

lahzenegar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.lahzenegar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.143.233.23 (Iran, Islamic Republic Of)

ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR)

assets.lahzecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1d5b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-24.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.94.254.25 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.org

s1.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.96.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ua.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.50.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-50-25.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

audience.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.37.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-37-156.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:dbca (United States)

ASN13335 (CLOUDFLARENET, US)

ma-cdn.pegah.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.94.255.10 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.cloud

mediacdn.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.94.255.25 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.cloud

api.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	lahzecdn.com assets.lahzecdn.com	1 MB
6	yektanet.com cdn.yektanet.com — Cisco Umbrella Rank: 32174 audience.yektanet.com — Cisco Umbrella Rank: 33955 ua.yektanet.com — Cisco Umbrella Rank: 33309	28 KB
6	mediaad.org s1.mediaad.org — Cisco Umbrella Rank: 67806 mediacdn.mediaad.org — Cisco Umbrella Rank: 36351 api.mediaad.org — Cisco Umbrella Rank: 53218	7 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 20712	144 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 853 vars.hotjar.com — Cisco Umbrella Rank: 858 in.hotjar.com — Cisco Umbrella Rank: 1567	69 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	21 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6076	608 B
2	google.com www.google.com — Cisco Umbrella Rank: 9	608 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108	511 B
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2976 heapanalytics.com — Cisco Umbrella Rank: 2533	43 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	134 KB
2	lahzenegar.com lahzenegar.com api.lahzenegar.com	4 KB
1	pegah.tech ma-cdn.pegah.tech — Cisco Umbrella Rank: 71768	1 KB
51	13

	Domain	Requested by
12	assets.lahzecdn.com	lahzenegar.com assets.lahzecdn.com
6	client.crisp.chat	assets.lahzecdn.com client.crisp.chat
4	api.mediaad.org	s1.mediaad.org
3	ua.yektanet.com	cdn.yektanet.com ua.yektanet.com
3	www.google-analytics.com	assets.lahzecdn.com www.google-analytics.com
2	www.google.de	lahzenegar.com
2	www.google.com	lahzenegar.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	cdn.yektanet.com	lahzenegar.com cdn.yektanet.com
2	www.googletagmanager.com	lahzenegar.com www.googletagmanager.com
1	mediacdn.mediaad.org	s1.mediaad.org
1	ma-cdn.pegah.tech	s1.mediaad.org
1	in.hotjar.com	script.hotjar.com
1	audience.yektanet.com	cdn.yektanet.com
1	vars.hotjar.com	static.hotjar.com
1	heapanalytics.com	lahzenegar.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	s1.mediaad.org	www.googletagmanager.com
1	cdn.heapanalytics.com	lahzenegar.com
1	api.lahzenegar.com	assets.lahzecdn.com
1	lahzenegar.com
51	23

This site contains no links.

Subject Issuer	Validity	Valid
*.crm.lahzenegar.com R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.arvan2.lahzecdn.com R3	`2022-06-11` - `2022-09-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2022-07-29` - `2023-08-27`	a year	crt.sh
*.mediaad.org R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
mediaad.org R3	`2022-07-21` - `2022-10-19`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://lahzenegar.com/danooosh/playful
Frame ID: 32C627CBD286F6D7495104B00E927323
Requests: 46 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 78ECB76053EC809E993A3A98D3DC452A
Requests: 1 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: D099F9A5215C8424D2B86C547A0067F3
Requests: 2 HTTP requests in this frame

Frame: https://mediacdn.mediaad.org/static/fingerprint.html
Frame ID: EB85E1E44F03D1976FB4ADE610B4CFA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

کلاس بازی محور - دانوش در لحظه نگار

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

51
Requests

100 %
HTTPS

38 %
IPv6

13
Domains

23
Subdomains

22
IPs

6
Countries

1510 kB
Transfer

5534 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request playful Show response
lahzenegar.com/danooosh/ 8 KB
3 KB 483ms
419ms Document
text/html 185.143.233.77
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to

Full URL

https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.77 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.2.33

Resource Hash

89eeec178ac613c66a5c8a62ac975891542155f9a6567c26205cdb4e1e48e812

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

ar-atime: 0.399
ar-cache: BYPASS
ar-poweredby: Arvan Cloud (arvancloud.com)
ar-request-id: 8086064efc1292e9867a19e07a25a560
ar-sid: 6150
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 17 Aug 2022 16:34:55 GMT
server: ArvanCloud
vary: Accept-Encoding Accept-Encoding
x-powered-by: PHP/7.2.33
x-request-id: 8e05b04f39e7c5e10cb3aae810301647
x-xss-protection: 1; mode=block

GET
H2 200 lzn.4bcfde08.css
assets.lahzecdn.com/static/web/build/ 340 KB
62 KB 128ms
34ms Stylesheet
text/css 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.lahzecdn.com/static/web/build/lzn.4bcfde08.css

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

71977055d53b2c91e2cad691d1bd5ec58b050a2fc4c6234d62f4022bc09a42ef

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
ar-request-id: 499b78d25dc8c83325add35b74707e15
ar-atime: 0.001
ar-cache: HIT
x-cache-status: MISS
ar-sid: 6150
access-control-expose-headers: Server,Content-Length,Content-Range,Date
x-xss-protection: 1; mode=block
x-request-id: f12b5dd03afecae67744101f747d6dbb
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-server-id: 4deff4776e1b
cache-control: max-age=864000
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Fri, 12 Aug 2022 10:18:44 GMT

GET
H2 200 manifest.13acd7e1.js Show response
assets.lahzecdn.com/static/web/build/ 1 KB
1 KB 160ms
66ms Script
application/javascript 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.lahzecdn.com/static/web/build/manifest.13acd7e1.js

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

fcd45b16c3acbec2c918966d6bce227d8794d0361ba35fd63b63730d26114758

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
ar-request-id: 019577ed028db6f506b77a5920db572a
x-original-content-length: 1740
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
ar-atime: 0.007
access-control-expose-headers: Server,Content-Length,Content-Range,Date
x-xss-protection: 1; mode=block
x-request-id: 451fcb3606b0e5f5b7e551c6c3b07089
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-server-id: b867be9da7d1
cache-control: max-age=864000
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Tue, 23 Aug 2022 06:09:25 GMT

GET
H2 200 vendor.bbf84cd5.js Show response
assets.lahzecdn.com/static/web/build/ 2 MB
562 KB 163ms
70ms Script
application/javascript 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.lahzecdn.com/static/web/build/vendor.bbf84cd5.js

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

670af0dfbfb485576d445e136300ce09854d4494181b948454ce363a3e9a56f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
ar-request-id: b6f991c9ffc6df49a0c9a743f7489a5d
ar-atime: 0.006
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
access-control-expose-headers: Server,Content-Length,Content-Range,Date
x-xss-protection: 1; mode=block
x-request-id: 8a5369a4c74cd776b829e1c6c78cb514
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-server-id: 4deff4776e1b
cache-control: max-age=864000
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Thu, 25 Aug 2022 18:43:41 GMT

GET
H2 200 lzn.4b1e103a.js Show response
assets.lahzecdn.com/static/web/build/ 1 MB
308 KB 198ms
105ms Script
application/javascript 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.lahzecdn.com/static/web/build/lzn.4b1e103a.js

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

b42e1cb667c8011b983510b4ae14ec65edd9b1ae119f6aea74caabb63e27220b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
ar-request-id: 1ec7763fc93890f9a45e3c60ec75c6dd
x-original-content-length: 1529796
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
ar-atime: 0.006
access-control-expose-headers: Server,Content-Length,Content-Range,Date
x-xss-protection: 1; mode=block
x-request-id: 8e5af6c75fd41f24eee5838c771ef0aa
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-server-id: 4deff4776e1b
cache-control: max-age=864000
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Sat, 27 Aug 2022 09:27:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
64 KB 93ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2QT2TW

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f57ae8649b036fc5f335d369caa44ebd3261326e4e6dc8cf3388cb1027d2b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64777
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 16:08:27 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Aug 2022 16:34:55 GMT

GET
H2 200 56dbf1c2a4a63aec2fc6d5adb784b035.woff
assets.lahzecdn.com/static/web/build/ 39 KB
39 KB 90ms
28ms Font
application/font-woff 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.lahzecdn.com/static/web/build/56dbf1c2a4a63aec2fc6d5adb784b035.woff

Requested by

Host: assets.lahzecdn.com
URL: https://assets.lahzecdn.com/static/web/build/lzn.4bcfde08.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

300b12b392945db198939b3312612081f9aea903f658aa0033186b9680edf465

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.lahzecdn.com/static/web/build/lzn.4bcfde08.css
Origin: https://lahzenegar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
ar-request-id: e8c4e2d9dad63b12e66ea414a57f6ce4
ar-atime: 0.000
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
access-control-expose-headers: Server,Content-Length,Content-Range,Date
content-length: 39424
x-xss-protection: 1; mode=block
x-request-id: e31841b916e6d413bc9fffe80381913c
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-server-id: 4deff4776e1b
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Tue, 09 Aug 2022 16:10:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.lahzecdn.com
URL: https://assets.lahzecdn.com/static/web/build/vendor.bbf84cd5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5575
date: Wed, 17 Aug 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Aug 2022 17:02:00 GMT

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 90ms
33ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: assets.lahzecdn.com
URL: https://assets.lahzecdn.com/static/web/build/lzn.4b1e103a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

606544e1a9799b24a9adb613926b64f4d8e6a920c46c8453dcafbbf5f3aa7524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6981
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Mar 2022 13:16:27 GMT
server: cloudflare
etag: W/"622f402b-1f63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: false
cf-ray: 73c3d1ea2ed89bd7-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 18 Aug 2022 16:34:55 GMT

GET
H2 200 current Show response
api.lahzenegar.com/v3/events/$w9tpp/viewers/ 2 KB
1 KB 495ms
402ms XHR
application/json 185.143.233.77
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lahzenegar.com/v3/events/$w9tpp/viewers/current

Requested by

Host: assets.lahzecdn.com
URL: https://assets.lahzecdn.com/static/web/build/vendor.bbf84cd5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.77 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud / Lahzenegar

Resource Hash

7a61583fc49e35db129e70bcc1fbd18291a9502f61fc12696862e1b43242250e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://lahzenegar.com/danooosh/playful
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: gzip
ar-request-id: 299c658244acc1797a54fd1a276e2065
ar-atime: 0.379
ar-cache: BYPASS
x-powered-by: Lahzenegar
ar-sid: 6150
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: e60b97bcf7180f163cabecbf81301a0a
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Api-Key, Device-ID

GET
H2 200 e643ab3d5dbcdad1a36c9e282650c5c7.png
assets.lahzecdn.com/static/web/build/ 9 KB
9 KB 21ms
20ms Image
image/webp 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lahzecdn.com/static/web/build/e643ab3d5dbcdad1a36c9e282650c5c7.png

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

b6c922c8a6c36e4bba674bf8634414d607cc9897834a1307b258826ac0c84b3f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
ar-request-id: b90d200171be2e4f4463d8777ba7d7dc
x-original-content-length: 29651
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
ar-atime: 0.000
access-control-expose-headers: Server,Content-Length,Content-Range,Date
content-length: 8824
x-xss-protection: 1; mode=block
x-request-id: bcd4cf7d289935b7e356cd9de39328b3
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-server-id: b867be9da7d1
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Thu, 04 Aug 2022 05:28:35 GMT

GET
H2 200 0d8655ced69c4d52592306e4d2190923.png
assets.lahzecdn.com/static/web/build/ 10 KB
11 KB 21ms
21ms Image
image/webp 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lahzecdn.com/static/web/build/0d8655ced69c4d52592306e4d2190923.png

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

ff9d3969339ffc64a139ab2ced756a691f7dd5d47d4bad519d2939c86cd42c13

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
ar-request-id: 6973ffca1e4d032b627c86909f0030e0
x-original-content-length: 14629
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
ar-atime: 0.000
access-control-expose-headers: Server,Content-Length,Content-Range,Date
content-length: 10522
x-xss-protection: 1; mode=block
x-request-id: bcef2442075140b740dfe56cc5466d26
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-server-id: b867be9da7d1
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Tue, 23 Aug 2022 06:11:43 GMT

GET
H2 200 93fceeed50792665866b64ecf3d055bd.png
assets.lahzecdn.com/static/web/build/ 12 KB
12 KB 22ms
21ms Image
image/png 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lahzecdn.com/static/web/build/93fceeed50792665866b64ecf3d055bd.png

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

613cbe7c986b4f5db084bbedb4aec09a36743baa36a58a2b94deeac22a69e806

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
ar-request-id: 7c10596d2917d87f724fa43148966a76
ar-atime: 0.000
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
access-control-expose-headers: Server,Content-Length,Content-Range,Date
content-length: 12078
x-xss-protection: 1; mode=block
x-request-id: a01b1dfb5d6e9f46c937cbaff9d43f48
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-server-id: 4deff4776e1b
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Thu, 04 Aug 2022 05:28:37 GMT

GET
H2 200 3b767fe901090248b4a5c850b932d2fe.png
assets.lahzecdn.com/static/web/build/ 9 KB
9 KB 22ms
21ms Image
image/webp 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lahzecdn.com/static/web/build/3b767fe901090248b4a5c850b932d2fe.png

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

43acff3b3e424fb632733c28e2e818bd681d4881160331d000cb863a18c7567d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
ar-request-id: 446f36cf52cadc08f5b36320ded4a3bc
x-original-content-length: 12161
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
ar-atime: 0.000
access-control-expose-headers: Server,Content-Length,Content-Range,Date
content-length: 8724
x-xss-protection: 1; mode=block
x-request-id: 0236413c33f14ae36998cda0d55836b0
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-server-id: 4deff4776e1b
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Thu, 25 Aug 2022 18:43:43 GMT

GET
H2 200 6eeba4c7ec28467eb776ef6ef4dc9486.png
assets.lahzecdn.com/static/web/build/ 2 KB
3 KB 21ms
21ms Image
image/webp 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lahzecdn.com/static/web/build/6eeba4c7ec28467eb776ef6ef4dc9486.png

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

820c5e6ef4379642d510babce86d737f86241ba68f1a34c7eff15e2b575a55c1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
ar-request-id: 76222cf691638242ab6a889a13172457
x-original-content-length: 3711
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
ar-atime: 0.000
access-control-expose-headers: Server,Content-Length,Content-Range,Date
content-length: 2074
x-xss-protection: 1; mode=block
x-request-id: 19112392efe46ad294ff7d4012b975de
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-server-id: 4deff4776e1b
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Thu, 25 Aug 2022 10:24:03 GMT

GET
H2 200 17a0dc8d8981360c039010839ac5b7e3.png
assets.lahzecdn.com/static/web/build/ 1 KB
2 KB 21ms
21ms Image
image/webp 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lahzecdn.com/static/web/build/17a0dc8d8981360c039010839ac5b7e3.png

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

db610917037de9dfbaf5a6713283b1e34439738be482974267b59adeab375879

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
ar-request-id: 5a5b548f0e5bfc667ef0ce8e070a037f
x-original-content-length: 4778
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
ar-atime: 0.000
access-control-expose-headers: Server,Content-Length,Content-Range,Date
content-length: 1516
x-xss-protection: 1; mode=block
x-request-id: 36e647c31d83f14f387e029f1a2ace4d
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-server-id: b867be9da7d1
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Tue, 23 Aug 2022 06:11:43 GMT

GET
H2 200 41f17f9c742242ec3114a8cec4f2871e.woff
assets.lahzecdn.com/static/web/build/ 39 KB
39 KB 25ms
24ms Font
application/font-woff 185.143.233.23
ABRARVAN-AS AbrAr...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.lahzecdn.com/static/web/build/41f17f9c742242ec3114a8cec4f2871e.woff

Requested by

Host: assets.lahzecdn.com
URL: https://assets.lahzecdn.com/static/web/build/lzn.4bcfde08.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.23 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

f48e671bbcda9dd6dfdaadcb3dd498cd96955f66bfe13b25ea94a497848670e8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.lahzecdn.com/static/web/build/lzn.4bcfde08.css
Origin: https://lahzenegar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
ar-request-id: 8e429fff42a14bfb14cf7595e65b7d53
ar-atime: 0.000
ar-cache: HIT
x-cache-status: HIT
ar-sid: 6150
access-control-expose-headers: Server,Content-Length,Content-Range,Date
content-length: 39880
x-xss-protection: 1; mode=block
x-request-id: 87d32adf1ac25f627b0e8dc7e71a8da9
ar-poweredby: Arvan Cloud (arvancloud.com)
server: ArvanCloud
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
x-server-id: 4deff4776e1b
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: Origin,Range,Accept-Encoding,Referer,Cache-Control
expires: Tue, 09 Aug 2022 16:10:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WBHMJN2K91&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2QT2TW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bf8fb076eea2cb6c3dd5d4aa8054e385f288f94038c0642841ae174b056dd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72134
x-xss-protection: 0
expires: Wed, 17 Aug 2022 16:34:55 GMT

GET
H2 200 heap-2976400810.js Show response
cdn.heapanalytics.com/js/ 109 KB
43 KB 87ms
30ms Script
application/javascript 13.32.121.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2976400810.js

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-24.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

89283459b0da2b66a5e41de4886e38d669b541dc15f0750bdb695daae734d5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:01 GMT
content-encoding: gzip
server: nginx
age: 53
etag: W/"1b323-PkdaFUMRDk1cC0Ahp9J7Zw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: o-LkwJDhMXI1YA3bVJYI0oj0hf5jXDWZDHl7LN0wTvqdrkX-x1Ig_g==

GET
H2 200 retargeting.js Show response
s1.mediaad.org/serve/28926/ 11 KB
4 KB 364ms
117ms Script
application/javascript 45.94.254.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.mediaad.org/serve/28926/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2QT2TW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.94.254.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS: host.sindad.org
Software: /
Resource Hash: 7cc85e5bf0f5c3809a7234c63c8baf455e3bf604f37a27803c43fd633b4f8fe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300, max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 rg.complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v3/bji7AWxo/ 31 KB
11 KB 223ms
156ms Script
application/javascript 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/bji7AWxo/rg.complete.js?v=202207017016
Requested by: Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291fad639356d67d1ba0b9061e12680f8dc256bf7710716332e6b429171b2d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 31 Jul 2022 16:27:46 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"96490fba92e1649bc31be6ffe4e1f91b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBx9Ukz1B%2BukmrYi7jYq4iUiIjp63zhD%2B3xYcSBCXG8x7zsWCx16bJ%2FFKhfpSkahnqeVGFJjyLlopow2%2FHQe7iBxsK5MOtDxqb%2F6%2Bx2lUkEZ8pA8Sya8b6Fh4C%2FzQyXmRSXg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
cf-ray: 73c3d1ebcf5a9271-FRA

GET
H2 200 hotjar-559987.js Show response
static.hotjar.com/c/ 6 KB
3 KB 103ms
55ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-559987.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2QT2TW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

cee79110cf3ac5753f510d1ddc79723ec4f7da914639ef50fad64617ca48a0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache-hit: 1
date: Wed, 17 Aug 2022 16:34:55 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-amz-cf-id: LlMTNHMHtfwuzozi8s97R2qbqmimIhSyQ_eG_UjG-Lc_simoDyUt1A==
etag: W/60cf12d82f40c15124e200825fa2b7f3

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 379 KB
95 KB 48ms
48ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?77e826c

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a586d884a1d5413849783bea66cb216710fa58ff31bc5bdcb224ee2badae3307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6981
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
server: cloudflare
etag: W/"62a737a2-5ec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 73c3d1eb690e9bd7-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 14 Aug 2032 16:34:55 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 327 KB
40 KB 41ms
41ms Stylesheet
text/css 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?77e826c

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9c61bb6004fddf317317d374c110f542c304111ce52b5f4603cc13b04ed0704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6981
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 14:37:14 GMT
server: cloudflare
etag: W/"62e9369a-51a35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 73c3d1eb69119bd7-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 14 Aug 2032 16:34:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 30ms
30ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1050366213&t=pageview&_s=1&dl=https%3A%2F%2Flahzenegar.com%2Fdanooosh%2Fplayful&dp=%2Fdanooosh%2Fplayful&ul=en-us&de=UTF-8&dt=%D9%84%D8%AD%D8%B8%D9%87%20%D9%86%DA%AF%D8%A7%D8%B1%20-%20%D8%AF%D8%B1%20%D8%AD%D8%A7%D9%84%20%D8%AF%D8%B1%DB%8C%D8%A7%D9%81%D8%AA%20...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=2094612939&gjid=679679445&cid=296885222.1660754096&tid=UA-67004145-1&_gid=769798509.1660754096&_r=1&_slc=1&z=1209833508

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lahzenegar.com/danooosh/playful
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lahzenegar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 32ms
32ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1050366213&t=pageview&_s=1&dl=https%3A%2F%2Flahzenegar.com%2Fdanooosh%2Fplayful&ul=en-us&de=UTF-8&dt=%D9%84%D8%AD%D8%B8%D9%87%20%D9%86%DA%AF%D8%A7%D8%B1%20-%20%D8%AF%D8%B1%20%D8%AD%D8%A7%D9%84%20%D8%AF%D8%B1%DB%8C%D8%A7%D9%81%D8%AA%20...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=2112727151&gjid=2073419634&cid=296885222.1660754096&tid=UA-67004145-1&_gid=769798509.1660754096&_r=1&gtm=2wg8f0K2QT2TW&z=614121075

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lahzenegar.com/danooosh/playful
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lahzenegar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 89ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67004145-1&cid=296885222.1660754096&jid=2094612939&gjid=679679445&_gid=769798509.1660754096&_u=YEDAAEAAAAAAAC~&z=2048222044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lahzenegar.com/danooosh/playful
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Aug 2022 16:34:56 GMT
content-type: text/plain
access-control-allow-origin: https://lahzenegar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 81ms
30ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67004145-1&cid=296885222.1660754096&jid=2112727151&gjid=2073419634&_gid=769798509.1660754096&_u=YEDAAEABAAAAAC~&z=1004746875

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lahzenegar.com/danooosh/playful
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Aug 2022 16:34:56 GMT
content-type: text/plain
access-control-allow-origin: https://lahzenegar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
337 B 95ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WBHMJN2K91&gtm=2oe8f0&_p=1050366213&cid=296885222.1660754096&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660754095&sct=1&seg=0&dl=https%3A%2F%2Flahzenegar.com%2Fdanooosh%2Fplayful&dt=%D9%84%D8%AD%D8%B8%D9%87%20%D9%86%DA%AF%D8%A7%D8%B1%20-%20%D8%AF%D8%B1%20%D8%AD%D8%A7%D9%84%20%D8%AF%D8%B1%DB%8C%D8%A7%D9%81%D8%AA%20...&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WBHMJN2K91&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lahzenegar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/bfc745c2-9fe6-485c-98f8-d934ee1d1675/prelude/ 212 B
625 B 53ms
53ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/bfc745c2-9fe6-485c-98f8-d934ee1d1675/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2022-7-17-16-34

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?77e826c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f183f0801873fb6803136523e10f363b51efdc37de33b976ff37a94083e3deb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 16:34:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 73c3d1ec0c1c9a1d-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 17 Aug 2022 20:34:56 GMT

GET
H2 200 modules.8b83be320cd47888a36c.js Show response
script.hotjar.com/ 249 KB
64 KB 67ms
23ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b83be320cd47888a36c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-559987.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 452450
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65169
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 10:53:25 GMT
etag: "aa31991b0402338880bb68565eec8d76"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: n0ETSS2IIEJlN48hHXzHIM-aCMDG-UCRisq05Vvm64oBjF8ykuPUdg==

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 359ms
108ms Image
image/gif 3.214.50.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2976400810&u=6157130002101236&v=3115334727590776&s=856731815737763&b=web&tv=4.0&z=0&h=%2Fdanooosh%2Fplayful&d=lahzenegar.com&t=%D9%84%D8%AD%D8%B8%D9%87%20%D9%86%DA%AF%D8%A7%D8%B1%20-%20%D8%AF%D8%B1%20%D8%AD%D8%A7%D9%84%20%D8%AF%D8%B1%DB%8C%D8%A7%D9%81%D8%AA%20...&ts=1660754096010&st=1660754096020

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.50.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-50-25.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:56 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 176ms
122ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67004145-1&cid=296885222.1660754096&jid=2094612939&_u=YEDAAEAAAAAAAC~&z=1069587930

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 173ms
120ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67004145-1&cid=296885222.1660754096&jid=2094612939&_u=YEDAAEAAAAAAAC~&z=1069587930

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 174ms
122ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67004145-1&cid=296885222.1660754096&jid=2112727151&_u=YEDAAEABAAAAAC~&z=670746831

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 176ms
123ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67004145-1&cid=296885222.1660754096&jid=2112727151&_u=YEDAAEABAAAAAC~&z=670746831

Requested by

Host: lahzenegar.com
URL: https://lahzenegar.com/danooosh/playful

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame 78EC 2 KB
1 KB 75ms
24ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-559987.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-84.fra60.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://lahzenegar.com/danooosh/playful
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3052910
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 08:33:06 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-id: UW0_gH3Tx5fe1RUdmGC0wCqaAHGRGLYm_sJROGdxVy1zX6IBLLfwsA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 fingerprint.js Show response
cdn.yektanet.com/fp/ 31 KB
13 KB 66ms
37ms Script
application/javascript 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yektanet.com/fp/fingerprint.js?v=umd
Requested by: Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/bji7AWxo/rg.complete.js?v=202207017016
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d032aaa41bb27a928e3043a104a1a1df88b1fe44ccf69d48fa1ed5f66c3774a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 07:37:10 GMT
server: cloudflare
age: 2176
etag: W/"62f36026-7c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AH4QivDDIU1KtESBEOFwRyEkTSbMyvyWhofIdBFNuM3dsyCb75J1%2Bx8HmEgncnClSahjqBKbsyJW7X2%2FJK8W9oee%2FN%2FtFKtgRuAWtzEFUAAOipOjX%2BIeUuUGsm7qcDirDi0o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73c3d1ed4ef59208-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
714 B 102ms
41ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=WvLSKROo
Requested by: Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/bji7AWxo/rg.complete.js?v=202207017016
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
access-control-allow-methods: GET, OPTIONS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0%2F5AapyHA3yidhB9Zx0ZygA6DpAW%2Bz2pZ7sJej2WAyD4f1riCvwUiuEuGrGcgUGLHlTaW5nVA63nusz%2FltRE64tlYbSz9A%2Brk5cF%2BfbjC7SjdBgkxiBGbj227NoQhmmmIPY2HGh1bM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://lahzenegar.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 73c3d1ed8c1e6922-FRA
access-control-allow-headers: Authorization
expires: 0

GET
H2 200 / Show response
ua.yektanet.com/cookie/iframe/ Frame D099 3 KB
1 KB 56ms
40ms Document
text/html 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.yektanet.com/cookie/iframe/
Requested by: Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/bji7AWxo/rg.complete.js?v=202207017016
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47dcd0765922a10bb0d997d4b853fb66c369a76bb0f091dd4167db2c84f62d2e

Request headers

Referer: https://lahzenegar.com/danooosh/playful
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 73c3d1ed58ce9271-FRA
content-encoding: br
content-type: text/html
date: Wed, 17 Aug 2022 16:34:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
last-modified: Wednesday, 17-Aug-2022 16:34:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVFUJ2rdVcGJHhxskEarsDo7gbzU0kBJm2JDAhkJ0Sh5lWdQ07swgeTTAw4VbxyRaQNLOZFEOpUK0wjyv5F4CXe%2FfVkfzQhoM4X1c9kSVY%2FbknfhaMYkJZOq5boxOia7418%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
599 B 65ms
50ms Ping
image/gif 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=f90c5de6-7e8f-482f-8c4c-c7a4525b7a7f&abj=1&aed=adv&abh=17063&ac=https%3A%2F%2Flahzenegar.com%2Fdanooosh%2Fplayful&ae=%7B%7D&ad=lahzenegar.com&as=%D9%84%D8%AD%D8%B8%D9%87%20%D9%86%DA%AF%D8%A7%D8%B1%20-%20%D8%AF%D8%B1%20%D8%AD%D8%A7%D9%84%20%D8%AF%D8%B1%DB%8C%D8%A7%D9%81%D8%AA%20...&aef=WvLSKROo&aec=28115&aaa=direct&aab=null&ai=8815f30c-cc08-6d77-60ea-09569e3705f3&abw=1600&abb=0&aby=1600&abz=1200&al=1600&am=1200&abk=
Requested by: Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/bji7AWxo/rg.complete.js?v=202207017016
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 16:34:56 GMT
cf-cache-status: DYNAMIC
last-modified: Wednesday, 17-Aug-2022 16:34:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG2MJO4%2BBzOdeIud2p332Dcr26GP8FEGByRIzIGuOtILrZJZkNSmDmwLlhP19q20iodukFdn1IzSGAToJajRUHlp0Qz613Qco%2BOSy8%2BUPu6Mvw3egJ823Jnr2X9eBcG5WDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 73c3d1ed58d09271-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
expires: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/559987/ 148 B
322 B 138ms
49ms XHR
application/json 54.76.37.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/559987/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8b83be320cd47888a36c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.37.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-37-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 47f866be06afeedbb11f7dafe75b1ddb58fd9e1f7219b95de1af57454d63230c

Request headers

Referer: https://lahzenegar.com/danooosh/playful
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 set Show response
ua.yektanet.com/cookie/ Frame D099 78 B
971 B 42ms
41ms XHR
application/json 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.yektanet.com/cookie/set
Requested by: Host: ua.yektanet.com
URL: https://ua.yektanet.com/cookie/iframe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9839ac954c30db55aa1e91d1ee64167d81d7bef3fd16f7d0b3b049361bd5ed5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ua.yektanet.com/cookie/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Wednesday, 17-Aug-2022 16:34:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At8kNCdd%2FpCbSoHma7zUG7N%2BZL1oWa8PemL%2BM%2BNLg9vq6FYLtyFGTV9herQj9d9nBE3S5KDK4EX2MKakzb2c4IsVWr1hfrvC0hu3FF2AI0agVdzZypwaSo3pms9wnEkt9S4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 73c3d1edaf6f9208-FRA
expires: 0

GET
H2 200 advertiser.json Show response
ma-cdn.pegah.tech/v1/retargeting/28926/ 309 B
1 KB 95ms
33ms XHR
application/json 2606:4700:3034::ac43:dbca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ma-cdn.pegah.tech/v1/retargeting/28926/advertiser.json

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/28926/retargeting.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:dbca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1ba1dcf2c50569e0bc8f7f8607b25caacb3e6a947348aa331a747226193884

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 16:33:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLgXU65%2Bkn4wwuIEyN8p0bG9CbM8dk9gr%2BsEbio6gDsGs%2BENWYEYqr%2F6b2kFFR93wfuA2sY84qxDxYi%2Bfc3Vh4g9eIGcZNOxg5HDRnabuGZiqL0BkWAwxZNe37dS4yDpB27cJEApY2lOdJt3uV4zWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=14400
access-control-allow-credentials: false
cf-ray: 73c3d1ee0a58913a-FRA
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 fingerprint.html Show response
mediacdn.mediaad.org/static/ Frame EB85 4 KB
2 KB 337ms
107ms Document
text/html 45.94.255.10
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://mediacdn.mediaad.org/static/fingerprint.html

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/28926/retargeting.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.94.255.10 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

nginx/1.17.6 /

Resource Hash

0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://lahzenegar.com/danooosh/playful
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 17 Aug 2022 16:34:56 GMT
expires: Thu, 18 Aug 2022 16:34:56 GMT
server: nginx/1.17.6
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT

GET
H3 200 / Show response
client.crisp.chat/settings/website/bfc745c2-9fe6-485c-98f8-d934ee1d1675/ 2 KB
1 KB 33ms
33ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/bfc745c2-9fe6-485c-98f8-d934ee1d1675/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1659623766814

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?77e826c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

896c48d7e63f03a214d8788499cf9772f71b333635b951ccb99cedfbbcfa8943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2563
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 15:52:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 73c3d1ee7ff89a1d-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 17 Aug 2022 20:34:56 GMT

GET
H3 200 fa.js Show response
client.crisp.chat/static/javascripts/locales/ 8 KB
3 KB 40ms
40ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/fa.js?77e826c

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?77e826c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2116346ac7c641e5fcc957abf98eff2cdb17f1c03046d280df9c18e8af25cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lahzenegar.com/danooosh/playful
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6980
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
server: cloudflare
etag: W/"62a737a2-21ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 73c3d1eea8589a1d-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 14 Aug 2032 16:34:56 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 tag Show response
api.mediaad.org/v1/events/ 0
478 B 327ms
111ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=8fac7f1b-45c8-4532-bd54-b84b9cdd466d

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/28926/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://lahzenegar.com/danooosh/playful
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 17 Aug 2022 16:34:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://lahzenegar.com
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 0
499 B 310ms
110ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/28926/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://lahzenegar.com/danooosh/playful
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 17 Aug 2022 16:34:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://lahzenegar.com
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

OPTIONS
H2 200 tag
api.mediaad.org/v1/events/ Frame 0
0 343ms
102ms Preflight 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=8fac7f1b-45c8-4532-bd54-b84b9cdd466d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lahzenegar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://lahzenegar.com
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 17 Aug 2022 16:34:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 359ms
119ms Preflight 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lahzenegar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://lahzenegar.com
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 17 Aug 2022 16:34:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lahzenegar.com/	1970-01-20 09:38:26	Name: fplzn Value: 86bab6b0-1e4a-11ed-9aef-73379dcf8dce
.lahzenegar.com/	1970-01-20 05:20:40	Name: _gid Value: GA1.2.769798509.1660754096
.lahzenegar.com/	1970-01-20 05:19:14	Name: _gat Value: 1
.lahzenegar.com/	1970-01-20 05:19:14	Name: _gat_UA-67004145-1 Value: 1
.lahzenegar.com/	1970-01-20 14:55:14	Name: _ga_WBHMJN2K91 Value: GS1.1.1660754095.1.0.1660754095.0.0.0
.lahzenegar.com/	1970-01-20 14:55:14	Name: _ga Value: GA1.1.296885222.1660754096
.lahzenegar.com/	1970-01-20 14:47:11	Name: _hp2_id.2976400810 Value: %7B%22userId%22%3A%226157130002101236%22%2C%22pageviewId%22%3A%223115334727590776%22%2C%22sessionId%22%3A%22856731815737763%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.lahzenegar.com/	1970-01-20 14:04:50	Name: analytics_campaign Value: {%22source%22:%22direct%22%2C%22medium%22:null}
lahzenegar.com/	1970-01-20 14:04:50	Name: analytics_token Value: 1ac4806c-180b-8711-b5ad-7d681f25180c
lahzenegar.com/	1970-01-20 05:19:15	Name: analytics_session_token Value: 8815f30c-cc08-6d77-60ea-09569e3705f3
lahzenegar.com/	1970-01-20 05:20:40	Name: yektanet_session_last_activity Value: 8/17/2022
lahzenegar.com/	1969-12-31 23:59:59	Name: _yngt_iframe Value: 1
.lahzenegar.com/	1970-01-20 14:04:50	Name: _hjSessionUser_559987 Value: eyJpZCI6IjY4YWRmNDA3LWQwYzctNWQ2OC05ZjNmLWUxMjM3MGI0MjczZCIsImNyZWF0ZWQiOjE2NjA3NTQwOTYxMzMsImV4aXN0aW5nIjpmYWxzZX0=
.lahzenegar.com/	1970-01-20 05:19:15	Name: _hjFirstSeen Value: 1
lahzenegar.com/	1970-01-20 05:19:14	Name: _hjIncludedInSessionSample Value: 0
.lahzenegar.com/	1970-01-20 05:19:15	Name: _hjSession_559987 Value: eyJpZCI6IjQyODcxYmI1LTI0YWItNGZhZi1iMTNhLTk3ZTNkMjU5NjIyNSIsImNyZWF0ZWQiOjE2NjA3NTQwOTYxODksImluU2FtcGxlIjpmYWxzZX0=
lahzenegar.com/	1970-01-20 05:19:14	Name: _hjIncludedInPageviewSample Value: 1
.lahzenegar.com/	1970-01-20 05:19:15	Name: _hjAbsoluteSessionInProgress Value: 0
.yektanet.com/	1970-01-20 14:55:14	Name: gearbox_ad_token Value: d7c3adde-e1b90-0fa19-93c6e-e8b9c9b736f9b
.yektanet.com/	1970-01-20 14:55:14	Name: analytics_global_token Value: d7c3adde-e1b90-0fa19-93c6e-e8b9c9b736f9b
.lahzenegar.com/	1970-01-20 09:42:02	Name: crisp-client%2Fsession%2Fbfc745c2-9fe6-485c-98f8-d934ee1d1675 Value: session_a193bdd7-c984-4fcc-a7ff-9fd6195c11da
lahzenegar.com/	1970-01-20 06:02:26	Name: _yngt Value: d7c3adde-e1b90-0fa19-93c6e-e8b9c9b736f9b
.lahzenegar.com/	1970-01-20 05:19:15	Name: _hp2_ses_props.2976400810 Value: %7B%22ts%22%3A1660754096010%2C%22d%22%3A%22lahzenegar.com%22%2C%22h%22%3A%22%2Fdanooosh%2Fplayful%22%7D
.mediaad.org/	1970-01-20 14:55:14	Name: USER_ID Value: 8fac7f1b-45c8-4532-bd54-b84b9cdd466d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lahzenegar.com
api.mediaad.org
assets.lahzecdn.com
audience.yektanet.com
cdn.heapanalytics.com
cdn.yektanet.com
client.crisp.chat
heapanalytics.com
in.hotjar.com
lahzenegar.com
ma-cdn.pegah.tech
mediacdn.mediaad.org
region1.google-analytics.com
s1.mediaad.org
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
ua.yektanet.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.32.121.24
18.66.139.84
18.66.97.10
185.143.233.23
185.143.233.77
188.114.96.12
188.114.96.3
2001:4860:4802:32::36
2606:4700:3034::ac43:dbca
2606:4700::6812:1d5b
2a00:1450:4001:802::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2008
2a00:1450:400c:c0c::9d
3.214.50.25
45.94.254.25
45.94.255.10
45.94.255.25
52.222.236.74
54.76.37.156
0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd
1d032aaa41bb27a928e3043a104a1a1df88b1fe44ccf69d48fa1ed5f66c3774a
291fad639356d67d1ba0b9061e12680f8dc256bf7710716332e6b429171b2d16
2bf8fb076eea2cb6c3dd5d4aa8054e385f288f94038c0642841ae174b056dd9f
300b12b392945db198939b3312612081f9aea903f658aa0033186b9680edf465
3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010
43acff3b3e424fb632733c28e2e818bd681d4881160331d000cb863a18c7567d
47dcd0765922a10bb0d997d4b853fb66c369a76bb0f091dd4167db2c84f62d2e
47f866be06afeedbb11f7dafe75b1ddb58fd9e1f7219b95de1af57454d63230c
606544e1a9799b24a9adb613926b64f4d8e6a920c46c8453dcafbbf5f3aa7524
613cbe7c986b4f5db084bbedb4aec09a36743baa36a58a2b94deeac22a69e806
670af0dfbfb485576d445e136300ce09854d4494181b948454ce363a3e9a56f1
6f57ae8649b036fc5f335d369caa44ebd3261326e4e6dc8cf3388cb1027d2b64
71977055d53b2c91e2cad691d1bd5ec58b050a2fc4c6234d62f4022bc09a42ef
7a61583fc49e35db129e70bcc1fbd18291a9502f61fc12696862e1b43242250e
7cc85e5bf0f5c3809a7234c63c8baf455e3bf604f37a27803c43fd633b4f8fe6
820c5e6ef4379642d510babce86d737f86241ba68f1a34c7eff15e2b575a55c1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89283459b0da2b66a5e41de4886e38d669b541dc15f0750bdb695daae734d5a7
896c48d7e63f03a214d8788499cf9772f71b333635b951ccb99cedfbbcfa8943
89eeec178ac613c66a5c8a62ac975891542155f9a6567c26205cdb4e1e48e812
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
9839ac954c30db55aa1e91d1ee64167d81d7bef3fd16f7d0b3b049361bd5ed5f
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9e1ba1dcf2c50569e0bc8f7f8607b25caacb3e6a947348aa331a747226193884
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a586d884a1d5413849783bea66cb216710fa58ff31bc5bdcb224ee2badae3307
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e1cb667c8011b983510b4ae14ec65edd9b1ae119f6aea74caabb63e27220b
b6c922c8a6c36e4bba674bf8634414d607cc9897834a1307b258826ac0c84b3f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c9c61bb6004fddf317317d374c110f542c304111ce52b5f4603cc13b04ed0704
cee79110cf3ac5753f510d1ddc79723ec4f7da914639ef50fad64617ca48a0c4
db610917037de9dfbaf5a6713283b1e34439738be482974267b59adeab375879
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2116346ac7c641e5fcc957abf98eff2cdb17f1c03046d280df9c18e8af25cfb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f183f0801873fb6803136523e10f363b51efdc37de33b976ff37a94083e3deb2
f48e671bbcda9dd6dfdaadcb3dd498cd96955f66bfe13b25ea94a497848670e8
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fcd45b16c3acbec2c918966d6bce227d8794d0361ba35fd63b63730d26114758
ff9d3969339ffc64a139ab2ced756a691f7dd5d47d4bad519d2939c86cd42c13

lahzenegar.com Open in urlscan Pro 185.143.233.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

38 %IPv6

13 Domains

23 Subdomains

22 IPs

6 Countries

1510 kBTransfer

5534 kBSize

24 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lahzenegar.com Open in urlscan Pro
185.143.233.77 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

38 %
IPv6

13
Domains

23
Subdomains

22
IPs

6
Countries

1510 kB
Transfer

5534 kB
Size

24
Cookies

51 HTTP transactions
1 data transactions