web.bale.ai Open in urlscan Pro
2.189.68.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://web.bale.ai/chat
Submission: On December 27 via api (December 27th 2023, 5:00:53 pm UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2.189.68.126, located in Iran, Islamic Republic Of and belongs to TIC-AS, IR. The main domain is web.bale.ai. The Cisco Umbrella rank of the primary domain is 771216.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2023. Valid for: a year.

This is the only time web.bale.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2.189.68.126 2.189.68.126	48159 (TIC-AS) (TIC-AS)
1	2a09:8280:1::3:e 2a09:8280:1::3:e	40509 (FLY) (FLY)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2.189.68.118 2.189.68.118	48159 (TIC-AS) (TIC-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
27	9

13 2.189.68.126 (Iran, Islamic Republic Of)

ASN48159 (TIC-AS, IR)

web.bale.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sentry.bale.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a09:8280:1::3:e (United States)

ASN40509 (FLY, US)

worldtimeapi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.189.68.118 (Iran, Islamic Republic Of)

ASN48159 (TIC-AS, IR)

next-api.bale.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	bale.ai web.bale.ai — Cisco Umbrella Rank: 771216 next-api.bale.ai — Cisco Umbrella Rank: 529769	2 MB
6	googleapis.com firebase.googleapis.com — Cisco Umbrella Rank: 3835 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 525 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 470	2 KB
2	bale.sh sentry.bale.sh — Cisco Umbrella Rank: 883206	567 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693	251 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	75 KB
1	worldtimeapi.org worldtimeapi.org — Cisco Umbrella Rank: 33504	811 B
0	google.de Failed www.google.de Failed
27	7

	Domain	Requested by
11	web.bale.ai	web.bale.ai
4	next-api.bale.ai	web.bale.ai
2	firebaseremoteconfig.googleapis.com	web.bale.ai
2	firebaseinstallations.googleapis.com	web.bale.ai
2	firebase.googleapis.com	web.bale.ai
2	sentry.bale.sh	web.bale.ai
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	web.bale.ai
1	worldtimeapi.org	web.bale.ai
0	www.google.de Failed
27	10

This site contains no links.

Subject Issuer	Validity	Valid
*.bale.ai Sectigo RSA Domain Validation Secure Server CA	`2023-07-17` - `2024-08-16`	a year	crt.sh
bale.sh R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
worldtimeapi.org R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://web.bale.ai/chat
Frame ID: BDE590031006FF28614B721A3B23B56F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bale Web

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

27
Requests

96 %
HTTPS

75 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

1983 kB
Transfer

7670 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request chat Show response
web.bale.ai/ 2 KB
2 KB 390ms
99ms Document
text/html 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/chat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

dd01ea413edefd1597ec4d351fe69b3940265e4f74da5ee414c028eaf82baa80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
date: Wed, 27 Dec 2023 17:00:48 GMT
etag: W/"658ad47e-817"
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM *.bmi.ir
x-xss-protection: 1; mode=block

GET
H2 200 main.js Show response
web.bale.ai/static/js/ 7 MB
2 MB 113ms
113ms Script
application/javascript 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/static/js/main.js

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/chat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

e7f088d2055b1ac5bdba4fd9cc7d492539a06c0e1f9d9a92ae6ccf43fc5b1a44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
content-encoding: gzip
cross-origin-embedder-policy: require-corp
etag: W/"658ad47e-6ed490"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 main.517dd444.css
web.bale.ai/static/css/ 193 KB
33 KB 728ms
728ms Stylesheet
text/css 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/static/css/main.517dd444.css

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/chat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

3edb5d9b42fd5b05cbdca4b4148d128b9f17cba9b445244be7585ca933c59d46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
content-encoding: gzip
cross-origin-embedder-policy: require-corp
etag: W/"658ad47e-3022a"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: text/css
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
sentry.bale.sh/api/3/envelope/ 2 B
264 B 329ms
102ms Fetch
application/json 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.bale.sh/api/3/envelope/?sentry_key=0103844f88bd442f823da17d9e2c490a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://web.bale.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Dec 2023 17:00:49 GMT
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 2
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json

GET
H2 200 UTC Show response
worldtimeapi.org/api/timezone/ 356 B
811 B 104ms
34ms Fetch
application/json 2a09:8280:1::3:e
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://worldtimeapi.org/api/timezone/UTC

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::3:e , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/9e37a80f (2023-12-22) /

Resource Hash

f9f1782fac916d4d6f5bce3252db3540b850f3c754a81012570a69a758256a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-request-from: 2001:1b60:1010:3:1011:d3e2:9c66:a534
via: 2 fly.io
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-response-origin: 4d891099b7de58
content-length: 223
x-xss-protection: 1; mode=block
x-request-id: F6S-5No6XC_EY4jkThmh
x-runtime: 502Âµs
x-request-regions: a/fra;s/cdg
fly-request-id: 01HJP3HFMJCHCB6TPYZFC3D4VW-fra
server: Fly/9e37a80f (2023-12-22)
x-download-options: noopen
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1703700000
x-ratelimit-limit: 1800
x-ratelimit-remaining: 1799

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:1021532566934:web:b2ad900168d835871119b7/ 339 B
421 B 39ms
39ms Fetch
application/json 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1021532566934:web:b2ad900168d835871119b7/webConfig

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ef72c75b792c5658c6180fe9f57ffeb89f5359e84127642523507dd2e0708b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
x-goog-api-key: AIzaSyCU4wCpGB7W029GWOi_53FH0-r8nK5vClo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://web.bale.ai
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1021532566934:web:b2ad900168d835871119b7/ 0
0 143ms
36ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1021532566934:web:b2ad900168d835871119b7/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://web.bale.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://web.bale.ai
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 27 Dec 2023 17:00:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/najva-1104/ 629 B
686 B 268ms
267ms Fetch
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/najva-1104/installations

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3b153600782732df54f09679533d9574850533f68e61b5f616edcf2b3cacb9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
x-goog-api-key: AIzaSyCU4wCpGB7W029GWOi_53FH0-r8nK5vClo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://web.bale.ai
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 496
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/najva-1104/ 0
0 110ms
37ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/najva-1104/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://web.bale.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://web.bale.ai
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 27 Dec 2023 17:00:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 Login.6e3d7c5c.chunk.css
web.bale.ai/static/css/ 9 KB
3 KB 99ms
98ms Stylesheet
text/css 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/static/css/Login.6e3d7c5c.chunk.css

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

cba9089fe485ab65188e851b885c2299affb7457f93d2b1e4b753aafccd13701

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
content-encoding: gzip
cross-origin-embedder-policy: require-corp
etag: W/"658ad47e-23d5"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 Login.47616453.chunk.js Show response
web.bale.ai/static/js/ 41 KB
12 KB 100ms
100ms Script
application/javascript 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/static/js/Login.47616453.chunk.js

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

79d356ca2089d71603d863d46d155879297dc10b904f24e2806ea82ddc249148

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
content-encoding: gzip
cross-origin-embedder-policy: require-corp
etag: W/"658ad47e-a461"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 web-vitals.19b5e757.chunk.js Show response
web.bale.ai/static/js/ 6 KB
3 KB 99ms
99ms Script
application/javascript 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/static/js/web-vitals.19b5e757.chunk.js

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

fbf8c25b0c19819cdf2fe1415e16cbb472ef5341cf62d70da239279c3842a617

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
content-encoding: gzip
cross-origin-embedder-policy: require-corp
etag: W/"658ad47e-1953"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 Shabnam.d04c93d9a9ecd30ebf61.woff2
web.bale.ai/static/media/ 35 KB
36 KB 99ms
99ms Font
font/woff2 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/static/media/Shabnam.d04c93d9a9ecd30ebf61.woff2

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/css/main.517dd444.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

540d3f4e172bd6b5c70dd06bce57e055ce59270e95ea642b414fe0709faaa085

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.bale.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
etag: "658ad47e-8ba8"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: font/woff2
accept-ranges: bytes
content-length: 35752
x-xss-protection: 1; mode=block

GET
H2 200 Shabnam-Bold.fae09661adb985b99014.woff2
web.bale.ai/static/media/ 37 KB
38 KB 100ms
100ms Font
font/woff2 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/static/media/Shabnam-Bold.fae09661adb985b99014.woff2

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/css/main.517dd444.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

1ff187f5320ec4527ebb6a71831b88289a6cb18ca33ac34476b96960f0af7282

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.bale.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
etag: "658ad47e-930c"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: font/woff2
accept-ranges: bytes
content-length: 37644
x-xss-protection: 1; mode=block

GET
H2 200 logo82.png
web.bale.ai/ 3 KB
4 KB 101ms
101ms Image
image/png 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.bale.ai/logo82.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

46dd44a3defb0007f511901b391ec4df98ac6579f06852f4e88ab5a0dde30826

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:22:49 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
etag: "658ad3a9-dac"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: image/png
accept-ranges: bytes
content-length: 3500
x-xss-protection: 1; mode=block

GET
H2 200 1f1ee-1f1f7.png
web.bale.ai/emoji-data/img-apple-64/ 3 KB
4 KB 102ms
101ms Image
image/png 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.bale.ai/emoji-data/img-apple-64/1f1ee-1f1f7.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

3b961a7c18093409b4aba025f0df3346e765e119cab2488f8dd09214a7974bd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:22:49 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
etag: "658ad3a9-d6d"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: image/png
accept-ranges: bytes
content-length: 3437
x-xss-protection: 1; mode=block

GET
H2 200 Shabnam-Medium.d1ab1fbec917269c40b8.woff2
web.bale.ai/static/media/ 36 KB
37 KB 99ms
99ms Font
font/woff2 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.bale.ai/static/media/Shabnam-Medium.d1ab1fbec917269c40b8.woff2

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/css/main.517dd444.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

fd5931f57e84baad81cc7243cfc1c83e5ac7f5dd17818d917765063544a54441

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.bale.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bale.ai https://*.bale.ai; script-src https://bale.ai https://*.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://*.bale.ai 'unsafe-inline'; font-src https://bale.ai https://*.bale.ai data: ; img-src https://*.bale.ai https://bale.ai https://*.picofile.com/file/ data: blob: https://api.neshan.org *.paste.pics *.uupload.ir; media-src https://bale.ai https://*.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://*.bale.ai https://map.ir https://*.bale.ai https://*.bale.sh https://cdn.jsdelivr.net wss://*.ble.ir https://*.ble.ir wss://*.bale.sh https://*.googleapis.com https://*.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://*.bmi.ir
last-modified: Tue, 26 Dec 2023 13:26:22 GMT
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
etag: "658ad47e-9130"
x-frame-options: ALLOW-FROM *.bmi.ir
content-type: font/woff2
accept-ranges: bytes
content-length: 37168
x-xss-protection: 1; mode=block

POST
H2 401 Send Show response
next-api.bale.ai/bale.fanoos.v1.fanoos/ 0
291 B 424ms
106ms Fetch
application/grpc-web+proto 2.189.68.118
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://next-api.bale.ai/bale.fanoos.v1.fanoos/Send
Requested by: Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2.189.68.118 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-grpc-web: 1
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/grpc-web+proto

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
www-authenticate: Bearer realm="https://next-api.bale.ai/bale.fanoos.v1.fanoos/Send"
grpc-status: 16
server: envoy
content-type: application/grpc-web+proto
access-control-allow-origin: https://web.bale.ai
access-control-expose-headers: grpc-status,grpc-message,grpc-status-details-bin,grpc-status-details-text,set-cookie
access-control-allow-credentials: true
grpc-message: Jwt is missing
content-length: 0

OPTIONS
H2 200 Send
next-api.bale.ai/bale.fanoos.v1.fanoos/ 0
0 390ms
94ms Preflight 2.189.68.118
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://next-api.bale.ai/bale.fanoos.v1.fanoos/Send
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2.189.68.118 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-grpc-web
Access-Control-Request-Method: POST
Origin: https://web.bale.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,custom-header-1,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout, auth-jwt, session_id
access-control-allow-methods: GET, PUT, DELETE, POST, OPTIONS
access-control-allow-origin: https://web.bale.ai
access-control-expose-headers: grpc-status,grpc-message,grpc-status-details-bin,grpc-status-details-text,set-cookie
access-control-max-age: 1728000
date: Wed, 27 Dec 2023 17:00:49 GMT
server: envoy

POST
H2 401 Send Show response
next-api.bale.ai/bale.fanoos.v1.fanoos/ 0
32 B 424ms
107ms Fetch
application/grpc-web+proto 2.189.68.118
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://next-api.bale.ai/bale.fanoos.v1.fanoos/Send
Requested by: Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2.189.68.118 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-grpc-web: 1
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/grpc-web+proto

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
www-authenticate: Bearer realm="https://next-api.bale.ai/bale.fanoos.v1.fanoos/Send"
grpc-status: 16
server: envoy
content-type: application/grpc-web+proto
access-control-allow-origin: https://web.bale.ai
access-control-expose-headers: grpc-status,grpc-message,grpc-status-details-bin,grpc-status-details-text,set-cookie
access-control-allow-credentials: true
grpc-message: Jwt is missing
content-length: 0

OPTIONS
H2 200 Send
next-api.bale.ai/bale.fanoos.v1.fanoos/ 0
0 388ms
95ms Preflight 2.189.68.118
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://next-api.bale.ai/bale.fanoos.v1.fanoos/Send
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2.189.68.118 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-grpc-web
Access-Control-Request-Method: POST
Origin: https://web.bale.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,custom-header-1,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout, auth-jwt, session_id
access-control-allow-methods: GET, PUT, DELETE, POST, OPTIONS
access-control-allow-origin: https://web.bale.ai
access-control-expose-headers: grpc-status,grpc-message,grpc-status-details-bin,grpc-status-details-text,set-cookie
access-control-max-age: 1728000
date: Wed, 27 Dec 2023 17:00:49 GMT
server: envoy

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 75ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-M7ZV898665

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

559b64187828e0bce3c1a04063831611aabcdfef4fba4a0eb2788ceb3f9ad258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 17:00:49 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 77ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M7ZV898665&gtm=45je3bt0v883156430&_p=1703696449338&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&_fid=fMFrfNgX3h6dMVlLmTxLWN&cid=1507999934.1703696449&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703696449&sct=1&seg=0&dl=https%3A%2F%2Fweb.bale.ai%2Flogin&dt=Bale%20Web&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase&tfd=1678
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-M7ZV898665
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Dec 2023 17:00:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://web.bale.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

POST
H2 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/najva-1104/namespaces/ 1 KB
690 B 38ms
38ms Fetch
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/najva-1104/namespaces/fireperf:fetch?key=AIzaSyCU4wCpGB7W029GWOi_53FH0-r8nK5vClo

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

843d783dc30f5c3d3bdee06c4f8eea7ccd27f1806223a758e381b64d1bead1e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MTAyMTUzMjU2NjkzNDp3ZWI6YjJhZDkwMDE2OGQ4MzU4NzExMTliNyIsImV4cCI6MTcwNDMwMTI0OSwiZmlkIjoiZk1GcmZOZ1gzaDZkTVZsTG1UeExXTiIsInByb2plY3ROdW1iZXIiOjEwMjE1MzI1NjY5MzR9.AB2LPV8wRgIhANQYizu3u2UhMzLQb49rc03GXdGIxAeJFHsAu9cmbXx4AiEAn6a9Oo0gnN8Yi66sx-kakY2uuMoptgFcE1z_LmG6-iE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Dec 2023 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-najva-1104-fireperf-fetch--2116023519
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://web.bale.ai
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 464
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/najva-1104/namespaces/ 0
0 97ms
29ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/najva-1104/namespaces/fireperf:fetch?key=AIzaSyCU4wCpGB7W029GWOi_53FH0-r8nK5vClo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://web.bale.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://web.bale.ai
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 27 Dec 2023 17:00:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 / Show response
sentry.bale.sh/api/3/envelope/ 41 B
303 B 108ms
104ms Fetch
application/json 2.189.68.126
TIC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.bale.sh/api/3/envelope/?sentry_key=0103844f88bd442f823da17d9e2c490a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0

Requested by

Host: web.bale.ai
URL: https://web.bale.ai/static/js/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.189.68.126 , Iran, Islamic Republic Of, ASN48159 (TIC-AS, IR),

Reverse DNS

Software

Resource Hash

a78ed11e2db988e982c99ff06cf2726071bb09f5acded755cfad2944dafb68f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://web.bale.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Dec 2023 17:00:51 GMT
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 41
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M7ZV898665&cid=1507999934.1703696449&gtm=45je3bt0v883156430&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=282101638

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bale.ai/	1970-01-21 02:50:56	Name: _ga Value: GA1.1.1507999934.1703696449
			.bale.ai/	1970-01-21 02:50:56	Name: _ga_M7ZV898665 Value: GS1.1.1703696449.1.0.1703696449.60.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-M7ZV898665(Line 95) Message: Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M7ZV898665&cid=1507999934.1703696449&gtm=45je3bt0v883156430&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1' because it violates the following Content Security Policy directive: "connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob:".
security	error	URL: https://web.bale.ai/login Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M7ZV898665&cid=1507999934.1703696449&gtm=45je3bt0v883156430&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=282101638' because it violates the following Content Security Policy directive: "img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir".
network	error	URL: https://next-api.bale.ai/bale.fanoos.v1.fanoos/Send Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://next-api.bale.ai/bale.fanoos.v1.fanoos/Send Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://bale.ai https://.bale.ai; script-src https://bale.ai https://.bale.ai https://www.googletagmanager.com 'unsafe-eval' 'wasm-unsafe-eval' blob: ; style-src https://bale.ai https://.bale.ai 'unsafe-inline'; font-src https://bale.ai https://.bale.ai data: ; img-src https://.bale.ai https://bale.ai https://.picofile.com/file/ data: blob: https://api.neshan.org .paste.pics .uupload.ir; media-src https://bale.ai https://.bale.ai data: blob: ; connect-src https://bale.ai https://bale.sh https://worldtimeapi.org wss://.bale.ai https://map.ir https://.bale.ai https://.bale.sh https://cdn.jsdelivr.net wss://.ble.ir https://.ble.ir wss://.bale.sh https://.googleapis.com https://.google.com https://fetch.adivery.com https://nasim-bam.sadad.co.ir https://tsm.shaparak.ir blob: ; frame-ancestors https://.bmi.ir
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.bmi.ir
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
next-api.bale.ai
region1.analytics.google.com
sentry.bale.sh
web.bale.ai
worldtimeapi.org
www.google.de
www.googletagmanager.com
www.google.de
2.189.68.118
2.189.68.126
2001:4860:4802:32::36
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200a
2a00:1450:4001:829::200a
2a09:8280:1::3:e
1ff187f5320ec4527ebb6a71831b88289a6cb18ca33ac34476b96960f0af7282
3b961a7c18093409b4aba025f0df3346e765e119cab2488f8dd09214a7974bd8
3edb5d9b42fd5b05cbdca4b4148d128b9f17cba9b445244be7585ca933c59d46
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46dd44a3defb0007f511901b391ec4df98ac6579f06852f4e88ab5a0dde30826
540d3f4e172bd6b5c70dd06bce57e055ce59270e95ea642b414fe0709faaa085
559b64187828e0bce3c1a04063831611aabcdfef4fba4a0eb2788ceb3f9ad258
79d356ca2089d71603d863d46d155879297dc10b904f24e2806ea82ddc249148
843d783dc30f5c3d3bdee06c4f8eea7ccd27f1806223a758e381b64d1bead1e6
9ef72c75b792c5658c6180fe9f57ffeb89f5359e84127642523507dd2e0708b5
a78ed11e2db988e982c99ff06cf2726071bb09f5acded755cfad2944dafb68f4
b3b153600782732df54f09679533d9574850533f68e61b5f616edcf2b3cacb9b
cba9089fe485ab65188e851b885c2299affb7457f93d2b1e4b753aafccd13701
dd01ea413edefd1597ec4d351fe69b3940265e4f74da5ee414c028eaf82baa80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f088d2055b1ac5bdba4fd9cc7d492539a06c0e1f9d9a92ae6ccf43fc5b1a44
f9f1782fac916d4d6f5bce3252db3540b850f3c754a81012570a69a758256a0d
fbf8c25b0c19819cdf2fe1415e16cbb472ef5341cf62d70da239279c3842a617
fd5931f57e84baad81cc7243cfc1c83e5ac7f5dd17818d917765063544a54441

web.bale.ai Open in urlscan Pro 2.189.68.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

96 %HTTPS

75 %IPv6

7 Domains

10 Subdomains

9 IPs

3 Countries

1983 kBTransfer

7670 kBSize

2 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

4 Console Messages

Security Headers

Indicators

web.bale.ai Open in urlscan Pro
2.189.68.126 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

96 %
HTTPS

75 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

1983 kB
Transfer

7670 kB
Size

2
Cookies

27 HTTP transactions
0 data transactions