urlscan.io logo urlscan.io
SecurityTrails logo

web.bale.ai Open in urlscan Pro
2.189.68.126  Public Scan

Go To Rescan Add Verdict Report
URL: https://web.bale.ai/
Submission: On November 06 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2.189.68.126, located in Iran, Islamic Republic Of and belongs to TIC-AS, IR. The main domain is web.bale.ai. The Cisco Umbrella rank of the primary domain is 434171.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2023. Valid for: a year.
This is the only time web.bale.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2.189.68.126 (Iran, Islamic Republic Of)

ASN48159 (TIC-AS, IR)
web.bale.ai
sentry.bale.sh
1    2a09:8280:1::3:e (United States)

ASN40509 (FLY, US)
worldtimeapi.org
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2.189.68.118 (Iran, Islamic Republic Of)

ASN48159 (TIC-AS, IR)
next-api.bale.ai
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseremoteconfig.googleapis.com
Apex Domain
Subdomains		 Transfer
15 bale.ai
web.bale.ai — Cisco Umbrella Rank: 434171
next-api.bale.ai — Cisco Umbrella Rank: 338331
2 MB
6 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 3697
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 555
firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 497
2 KB
3 bale.sh
sentry.bale.sh — Cisco Umbrella Rank: 550089
793 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
252 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
74 KB
1 worldtimeapi.org
worldtimeapi.org — Cisco Umbrella Rank: 31729
793 B
0 google.fr Failed
www.google.fr Failed
28 7
Domain Requested by
11 web.bale.ai web.bale.ai
4 next-api.bale.ai web.bale.ai
3 sentry.bale.sh web.bale.ai
2 firebaseremoteconfig.googleapis.com web.bale.ai
2 firebaseinstallations.googleapis.com web.bale.ai
2 firebase.googleapis.com web.bale.ai
1 region1.analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com web.bale.ai
1 worldtimeapi.org web.bale.ai
0 www.google.fr Failed
28 10

This site contains no links.

Subject Issuer Validity Valid
*.bale.ai
Sectigo RSA Domain Validation Secure Server CA		 2023-07-17 -
2024-08-16		 a year crt.sh
bale.sh
R3		 2023-10-19 -
2024-01-17		 3 months crt.sh
worldtimeapi.org
R3		 2023-09-22 -
2023-12-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://web.bale.ai/
Frame ID: 3FA839FED0A572568512E8482323F6E8
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bale Web

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

28
Requests

96 %
HTTPS

75 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

1837 kB
Transfer

7203 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
web.bale.ai/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
ee156c6710895632b7e9a445bca7517a24d332c32e8333beb59e05e6b4d469ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
date
Mon, 06 Nov 2023 06:35:37 GMT
etag
W/"65411aa2-7ea"
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM *.bmi.ir
x-xss-protection
1; mode=block
main.js
web.bale.ai/static/js/ 		6 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/static/js/main.js
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
fb6939e909cd9c9aaa0fed0185969e0275732364cc9e5173d1f2b0770ca2ec26
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
content-encoding
gzip
cross-origin-embedder-policy
require-corp
etag
W/"65411aa2-67b80d"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
application/javascript
x-xss-protection
1; mode=block
main.8dc413b2.css
web.bale.ai/static/css/ 		182 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/static/css/main.8dc413b2.css
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
676d0355bd33ba79b9a3f8725a0289f9634eb3214ae38b7a6a0d0fa333ea39e6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
content-encoding
gzip
cross-origin-embedder-policy
require-corp
etag
W/"65411aa2-2d933"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
text/css
x-xss-protection
1; mode=block
/
sentry.bale.sh/api/2/envelope/ 		2 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.bale.sh/api/2/envelope/?sentry_key=9809e72728674aac9c7e65120fc9277b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://web.bale.ai/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 06 Nov 2023 06:35:38 GMT
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
strict-transport-security
max-age=15724800; includeSubDomains
content-length
2
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
UTC
worldtimeapi.org/api/timezone/ 		340 B
793 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://worldtimeapi.org/api/timezone/UTC
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::3:e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
78c91daf350af772f203832d42af36e7f17a91e6d20db8638b3b09c4868a451c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-request-from
2001:41d0:8:d154::16
via
2 fly.io
x-permitted-cross-domain-policies
none
cross-origin-window-policy
deny
x-response-origin
148e392f300328
content-length
216
x-xss-protection
1; mode=block
x-request-id
F5T1LlUofB4tok5MA8KB
x-runtime
372µs
x-request-regions
a/cdg;s/cdg
fly-request-id
01HEHNG3CKCG5APZBY2B6CXCEX-cdg
server
Fly/7328d5b5 (2023-10-27)
x-download-options
noopen
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1699254000
x-ratelimit-limit
1800
x-ratelimit-remaining
1799
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1021532566934:web:b2ad900168d835871119b7/ 		339 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1021532566934:web:b2ad900168d835871119b7/webConfig
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ef72c75b792c5658c6180fe9f57ffeb89f5359e84127642523507dd2e0708b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
x-goog-api-key
AIzaSyCU4wCpGB7W029GWOi_53FH0-r8nK5vClo
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://web.bale.ai
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1021532566934:web:b2ad900168d835871119b7/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1021532566934:web:b2ad900168d835871119b7/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://web.bale.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://web.bale.ai
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 06 Nov 2023 06:35:38 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/najva-1104/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/najva-1104/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://web.bale.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://web.bale.ai
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 06 Nov 2023 06:35:38 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/najva-1104/ 		627 B
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/najva-1104/installations
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48e067c219411a8741ad86444ea31c6196a5a37fb6120da8e25f75486c021381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
x-goog-api-key
AIzaSyCU4wCpGB7W029GWOi_53FH0-r8nK5vClo
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type
application/json

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://web.bale.ai
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
496
x-xss-protection
0
web-vitals.19b5e757.chunk.js
web.bale.ai/static/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/static/js/web-vitals.19b5e757.chunk.js
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
fbf8c25b0c19819cdf2fe1415e16cbb472ef5341cf62d70da239279c3842a617
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
content-encoding
gzip
cross-origin-embedder-policy
require-corp
etag
W/"65411aa2-1953"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
application/javascript
x-xss-protection
1; mode=block
/
sentry.bale.sh/api/2/envelope/ 		2 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.bale.sh/api/2/envelope/?sentry_key=9809e72728674aac9c7e65120fc9277b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://web.bale.ai/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 06 Nov 2023 06:35:38 GMT
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
strict-transport-security
max-age=15724800; includeSubDomains
content-length
2
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
/
sentry.bale.sh/api/2/envelope/ 		2 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.bale.sh/api/2/envelope/?sentry_key=9809e72728674aac9c7e65120fc9277b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://web.bale.ai/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 06 Nov 2023 06:35:38 GMT
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
strict-transport-security
max-age=15724800; includeSubDomains
content-length
2
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
Login.d3d9d323.chunk.css
web.bale.ai/static/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/static/css/Login.d3d9d323.chunk.css
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
45618a8aed232f122b701a38a1778d8685579dedb2fb2cd46b995f55aae2199f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
content-encoding
gzip
cross-origin-embedder-policy
require-corp
etag
W/"65411aa2-20bd"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
text/css
x-xss-protection
1; mode=block
Login.75b17cc5.chunk.js
web.bale.ai/static/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/static/js/Login.75b17cc5.chunk.js
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
ad8907c2a6baab86197d0be98ce67b83ec8da2b31ace65f22a2336299443f8dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
content-encoding
gzip
cross-origin-embedder-policy
require-corp
etag
W/"65411aa2-9fb5"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
application/javascript
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		209 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-M7ZV898665
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47a715bbca8b74ace8ede095469d49e7c6d88d4d4d24b08cc33d81e401b01e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75876
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 06:35:39 GMT
SendSerajEvent
next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/SendSerajEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.189.68.118 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-grpc-web
Access-Control-Request-Method
POST
Origin
https://web.bale.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,custom-header-1,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout, auth-jwt, session_id
access-control-allow-methods
GET, PUT, DELETE, POST, OPTIONS
access-control-allow-origin
https://web.bale.ai
access-control-expose-headers
grpc-status,grpc-message,grpc-status-details-bin,grpc-status-details-text,set-cookie
access-control-max-age
1728000
date
Mon, 06 Nov 2023 06:35:38 GMT
server
envoy
SendSerajEvent
next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/ 		0
307 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/SendSerajEvent
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.189.68.118 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-grpc-web
1
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type
application/grpc-web+proto

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
www-authenticate
Bearer realm="https://next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/SendSerajEvent"
grpc-status
16
server
envoy
content-type
application/grpc-web+proto
access-control-allow-origin
https://web.bale.ai
access-control-expose-headers
grpc-status,grpc-message,grpc-status-details-bin,grpc-status-details-text,set-cookie
access-control-allow-credentials
true
grpc-message
Jwt is missing
content-length
0
Shabnam.d04c93d9a9ecd30ebf61.woff2
web.bale.ai/static/media/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/static/media/Shabnam.d04c93d9a9ecd30ebf61.woff2
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/css/main.8dc413b2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
540d3f4e172bd6b5c70dd06bce57e055ce59270e95ea642b414fe0709faaa085
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://web.bale.ai
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
etag
"65411aa2-8ba8"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
font/woff2
accept-ranges
bytes
content-length
35752
x-xss-protection
1; mode=block
Shabnam-Bold.fae09661adb985b99014.woff2
web.bale.ai/static/media/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/static/media/Shabnam-Bold.fae09661adb985b99014.woff2
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/css/main.8dc413b2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
1ff187f5320ec4527ebb6a71831b88289a6cb18ca33ac34476b96960f0af7282
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://web.bale.ai
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
etag
"65411aa2-930c"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
font/woff2
accept-ranges
bytes
content-length
37644
x-xss-protection
1; mode=block
logo82.png
web.bale.ai/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.bale.ai/logo82.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
46dd44a3defb0007f511901b391ec4df98ac6579f06852f4e88ab5a0dde30826
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:14:34 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
etag
"654119da-dac"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
image/png
accept-ranges
bytes
content-length
3500
x-xss-protection
1; mode=block
1f1ee-1f1f7.png
web.bale.ai/emoji-data/img-apple-64/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.bale.ai/emoji-data/img-apple-64/1f1ee-1f1f7.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
3b961a7c18093409b4aba025f0df3346e765e119cab2488f8dd09214a7974bd8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:14:34 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
etag
"654119da-d6d"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
image/png
accept-ranges
bytes
content-length
3437
x-xss-protection
1; mode=block
Shabnam-Medium.d1ab1fbec917269c40b8.woff2
web.bale.ai/static/media/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.bale.ai/static/media/Shabnam-Medium.d1ab1fbec917269c40b8.woff2
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/css/main.8dc413b2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
/
Resource Hash
fd5931f57e84baad81cc7243cfc1c83e5ac7f5dd17818d917765063544a54441
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://web.bale.ai
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified
Tue, 31 Oct 2023 15:17:54 GMT
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
etag
"65411aa2-9130"
x-frame-options
ALLOW-FROM *.bmi.ir
content-type
font/woff2
accept-ranges
bytes
content-length
37168
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M7ZV898665&gtm=45je3b11v883156430&_p=1699252538966&_gaz=1&gcd=11l1l1l1l1&_fid=dlgtl4Pn8LNML8IXvp89l7&cid=784269454.1699252539&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699252539&sct=1&seg=0&dl=https%3A%2F%2Fweb.bale.ai%2Flogin&dt=Bale%20Web&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase&tfd=1879
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-M7ZV898665
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 06:35:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://web.bale.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		0
0
SendSerajEvent
next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/ 		0
32 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/SendSerajEvent
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.189.68.118 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-grpc-web
1
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type
application/grpc-web+proto

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
www-authenticate
Bearer realm="https://next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/SendSerajEvent"
grpc-status
16
server
envoy
content-type
application/grpc-web+proto
access-control-allow-origin
https://web.bale.ai
access-control-expose-headers
grpc-status,grpc-message,grpc-status-details-bin,grpc-status-details-text,set-cookie
access-control-allow-credentials
true
grpc-message
Jwt is missing
content-length
0
SendSerajEvent
next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/SendSerajEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.189.68.118 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-grpc-web
Access-Control-Request-Method
POST
Origin
https://web.bale.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,custom-header-1,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout, auth-jwt, session_id
access-control-allow-methods
GET, PUT, DELETE, POST, OPTIONS
access-control-allow-origin
https://web.bale.ai
access-control-expose-headers
grpc-status,grpc-message,grpc-status-details-bin,grpc-status-details-text,set-cookie
access-control-max-age
1728000
date
Mon, 06 Nov 2023 06:35:38 GMT
server
envoy
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/najva-1104/namespaces/ 		1 KB
691 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/najva-1104/namespaces/fireperf:fetch?key=AIzaSyCU4wCpGB7W029GWOi_53FH0-r8nK5vClo
Requested by
Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e0940e03df2b92029e4283b74f78f49ba4f38246a18eaeffb25cd179f5c457e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
Authorization
FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MTAyMTUzMjU2NjkzNDp3ZWI6YjJhZDkwMDE2OGQ4MzU4NzExMTliNyIsImV4cCI6MTY5OTg1NzMzOSwiZmlkIjoiZGxndGw0UG44TE5NTDhJWHZwODlsNyIsInByb2plY3ROdW1iZXIiOjEwMjE1MzI1NjY5MzR9.AB2LPV8wRQIgLm5ZZQzEn8r8vh9IOwP8PqjegKX9GTaTFwpN_X_Y1_8CIQCusZgKtPmJv8TLzFmRV0PlfTe6ahG0dGUAdx-tXi-CYA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Nov 2023 06:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
etag
etag-najva-1104-fireperf-fetch--2116048567
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://web.bale.ai
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
464
x-xss-protection
0
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/najva-1104/namespaces/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/najva-1104/namespaces/fireperf:fetch?key=AIzaSyCU4wCpGB7W029GWOi_53FH0-r8nK5vClo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://web.bale.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://web.bale.ai
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 06 Nov 2023 06:35:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.fr
URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M7ZV898665&cid=784269454.1699252539&gtm=45je3b11v883156430&aip=1&z=1485785923

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunk_bale_web object| SENTRY_RELEASE object| SENTRY_RELEASES object| __SENTRY__ function| _ object| regeneratorRuntime function| Hammer string| myLogs object| dataLayer function| gtag object| google_tag_manager object| google_tag_data object| gaGlobal

2 Cookies

Domain/Path Name / Value
.bale.ai/ Name: _ga
Value: GA1.1.784269454.1699252539
.bale.ai/ Name: _ga_M7ZV898665
Value: GS1.1.1699252539.1.0.1699252539.60.0.0

4 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-M7ZV898665(Line 94)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M7ZV898665&cid=784269454.1699252539&gtm=45je3b11v883156430&aip=1' because it violates the following Content Security Policy directive: "connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob:".
security error URL: https://web.bale.ai/login
Message:
Refused to load the image 'https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M7ZV898665&cid=784269454.1699252539&gtm=45je3b11v883156430&aip=1&z=1485785923' because it violates the following Content Security Policy directive: "img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir".
network error URL: https://next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/SendSerajEvent
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://next-api.bale.ai/bale.seraj_proxy.v1.SerajProxy/SendSerajEvent
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.bale.ai; script-src https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://*.bale.ai 'unsafe-inline'; font-src https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://*.bale.ai data: blob: ; connect-src https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.bmi.ir
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
next-api.bale.ai
region1.analytics.google.com
sentry.bale.sh
web.bale.ai
worldtimeapi.org
www.google.fr
www.googletagmanager.com
www.google.fr
2.189.68.118
2.189.68.126
2001:4860:4802:34::36
2a00:1450:4001:80e::200a
2a00:1450:4001:813::200a
2a00:1450:4001:828::200a
2a00:1450:4001:830::2008
2a09:8280:1::3:e
0e0940e03df2b92029e4283b74f78f49ba4f38246a18eaeffb25cd179f5c457e
1ff187f5320ec4527ebb6a71831b88289a6cb18ca33ac34476b96960f0af7282
3b961a7c18093409b4aba025f0df3346e765e119cab2488f8dd09214a7974bd8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45618a8aed232f122b701a38a1778d8685579dedb2fb2cd46b995f55aae2199f
46dd44a3defb0007f511901b391ec4df98ac6579f06852f4e88ab5a0dde30826
47a715bbca8b74ace8ede095469d49e7c6d88d4d4d24b08cc33d81e401b01e5a
48e067c219411a8741ad86444ea31c6196a5a37fb6120da8e25f75486c021381
540d3f4e172bd6b5c70dd06bce57e055ce59270e95ea642b414fe0709faaa085
676d0355bd33ba79b9a3f8725a0289f9634eb3214ae38b7a6a0d0fa333ea39e6
78c91daf350af772f203832d42af36e7f17a91e6d20db8638b3b09c4868a451c
9ef72c75b792c5658c6180fe9f57ffeb89f5359e84127642523507dd2e0708b5
ad8907c2a6baab86197d0be98ce67b83ec8da2b31ace65f22a2336299443f8dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee156c6710895632b7e9a445bca7517a24d332c32e8333beb59e05e6b4d469ba
fb6939e909cd9c9aaa0fed0185969e0275732364cc9e5173d1f2b0770ca2ec26
fbf8c25b0c19819cdf2fe1415e16cbb472ef5341cf62d70da239279c3842a617
fd5931f57e84baad81cc7243cfc1c83e5ac7f5dd17818d917765063544a54441