trojancode5.amirhoosein1383h.workers.dev Open in urlscan Pro
2606:4700:3032::6815:2e31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://trojancode5.amirhoosein1383h.workers.dev/
Submission: On June 23 via api (June 23rd 2024, 1:07:00 am UTC) from US — Scanned from DE

Summary HTTP 105 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 11 domains to perform 105 HTTP transactions. The main IP is 2606:4700:3032::6815:2e31, located in United States and belongs to CLOUDFLARENET, US. The main domain is trojancode5.amirhoosein1383h.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on June 1st 2024. Valid for: 3 months.

This is the only time trojancode5.amirhoosein1383h.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::6815:2e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	185.79.157.214 185.79.157.214	58224 (TCI) (TCI)
1	172.67.223.221 172.67.223.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.116.161.98 185.116.161.98	61173 (GWSN-AS) (GWSN-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
10	185.166.104.3 185.166.104.3	202319 (CAFEBAZAAR) (CAFEBAZAAR)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	185.166.104.4 185.166.104.4	202319 (CAFEBAZAAR) (CAFEBAZAAR)
1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
6	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
105	16

1 2606:4700:3032::6815:2e31 (United States)

ASN13335 (CLOUDFLARENET, US)

trojancode5.amirhoosein1383h.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 185.79.157.214 (Iran, Islamic Republic Of)

ASN58224 (TCI, IR)

www.iranicard.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.223.221 (United States)

ASN13335 (CLOUDFLARENET, US)

trojancode5.amirhoosein1383h.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.116.161.98 (Tehran, Iran, Islamic Republic Of)

ASN61173 (GWSN-AS, IR)
PTR: static.98.161.116.185.clients.irandns.com

sdk.afrak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.166.104.3 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)

cdn.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ua.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.166.104.4 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)

audience.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

van.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	iranicard.ir www.iranicard.ir — Cisco Umbrella Rank: 933513	1 MB
12	yektanet.com cdn.yektanet.com — Cisco Umbrella Rank: 63712 audience.yektanet.com — Cisco Umbrella Rank: 68897 ua.yektanet.com — Cisco Umbrella Rank: 66127	46 KB
8	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 743 v.clarity.ms — Cisco Umbrella Rank: 7632	29 KB
5	najva.com van.najva.com — Cisco Umbrella Rank: 111529 cr.najva.com — Cisco Umbrella Rank: 168673 app.najva.com — Cisco Umbrella Rank: 155674	50 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	303 KB
2	workers.dev trojancode5.amirhoosein1383h.workers.dev	38 KB
1	google.de www.google.de — Cisco Umbrella Rank: 8088	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	271 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3125
1	afrak.com sdk.afrak.com	3 KB
105	11

	Domain	Requested by
37	www.iranicard.ir	trojancode5.amirhoosein1383h.workers.dev www.iranicard.ir
8	ua.yektanet.com	cdn.yektanet.com
6	v.clarity.ms	www.clarity.ms
3	van.najva.com	trojancode5.amirhoosein1383h.workers.dev van.najva.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com trojancode5.amirhoosein1383h.workers.dev
3	www.googletagmanager.com	trojancode5.amirhoosein1383h.workers.dev www.googletagmanager.com
2	audience.yektanet.com	cdn.yektanet.com
2	www.clarity.ms	trojancode5.amirhoosein1383h.workers.dev www.clarity.ms
2	cdn.yektanet.com	trojancode5.amirhoosein1383h.workers.dev van.najva.com
2	trojancode5.amirhoosein1383h.workers.dev	trojancode5.amirhoosein1383h.workers.dev
1	app.najva.com	van.najva.com
1	cr.najva.com	van.najva.com
1	www.google.de	trojancode5.amirhoosein1383h.workers.dev
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	sdk.afrak.com	trojancode5.amirhoosein1383h.workers.dev
105	16

This site contains links to these domains. Also see Links.

Domain
www.iranicard.ir
panel.iranicard.ir

Subject Issuer	Validity	Valid
amirhoosein1383h.workers.dev GTS CA 1P5	`2024-06-01` - `2024-08-30`	3 months	crt.sh
iranicard.ir R3	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.afrak.com Certum Domain Validation CA SHA2	`2024-01-09` - `2025-01-08`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cdn.yektanet.com R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
yektanet.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
najva.com GTS CA 1P5	`2024-05-12` - `2024-08-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://trojancode5.amirhoosein1383h.workers.dev/
Frame ID: BB7E09665900CDAA402834E7368BC77E
Requests: 104 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: D5C56A2B355DBCDB64EC94CBCD796A36
Requests: 1 HTTP requests in this frame

Frame: https://app.najva.com/cmif/?website_id=16775
Frame ID: 349958D5CE48373D9AB5C1D3FB499E6B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ایرانیکارت: پیشگام در نقد کردن درآمد و پرداخت‌ های بین الملل

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

105
Requests

70 %
HTTPS

40 %
IPv6

11
Domains

16
Subdomains

16
IPs

5
Countries

1998 kB
Transfer

4261 kB
Size

16
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://www.iranicard.ir/

Search URL Search Domain Scan URL

URL: https://panel.iranicard.ir/login
Title: ورود/عضویت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/
Title: کارت‌های اعتباری

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/visacard/
Title: خرید ویزا کارت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/visacard/physical-visacard/
Title: ویزا کارت فیزیکی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/visacard/physical-visacard/credit-card/
Title: کردیت کارت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/visacard/virtual-visacard/
Title: ویزا کارت مجازی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/visacard/virtual-visacard/gift/
Title: ویزا کارت مجازی (هدیه)

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/other-cards-services/mastercard-visacard-charge/
Title: شارژ مستر کارت و ویزا کارت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/mastercard/
Title: خرید مستر کارت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/mastercard/physical-mastercard/
Title: مستر کارت فیزیکی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/mastercard/virtual-mastercard/
Title: مستر کارت مجازی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/mastercard/virtual-mastercard/america/
Title: مستر کارت مجازی آمریکا

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/
Title: خرید گیفت کارت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/
Title: خرید گیفت کارت بازی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/playstation/
Title: گیفت کارت پلی استیشن – PS4

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/ps-plus/
Title: گیفت کارت پلی استیشن پلاس

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/xbox/
Title: گیفت کارت ایکس باکس – Xbox

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/xbox-game-pass/
Title: گیفت کارت گیم پس – Xbox

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/steam/
Title: گیفت کارت استیم والت – Steam

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/pubg/
Title: گیفت کارت پابجی – Pubg

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/blizzard/
Title: گیفت کارت بتل نت – Battle.Net

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/free-fire/
Title: گیفت کارت فری فایر – Free Fire

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/roblox/
Title: گیفت کارت روبلاکس – Roblox

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/game-giftcard/razer-gold/
Title: گیفت کارت ریزر گلد – Razer Gold

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/visacard/virtual-visacard/usa-gift/
Title: گیفت کارت ویزا – VISA

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/payment-giftcard/amazon/
Title: گیفت کارت آمازون – Amazon

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/application-giftcard/apple/
Title: گیفت کارت اپل – Apple

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/application-giftcard/spotify/
Title: گیفت کارت اسپاتیفای – Spotify

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/application-giftcard/skype/
Title: گیفت کارت اسکایپ – Skype

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/card/giftcard/application-giftcard/netflix/
Title: گیفت کارت نتفلیکس – Netflix

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/
Title: پرداخت ارزی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/student-and-international/
Title: دانشجویی و آزمون های بین المللی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/student-and-international/tests/
Title: آزمون های بین المللی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/student-and-international/language-tests/
Title: ثبت نام آزمون‌ های زبان

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/student-and-international/student/
Title: پرداخت های دانشجویی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/foreign-services/
Title: سرویس های خارجی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/foreign-services/international-simcard/
Title: خرید سیم کارت های بین المللی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/foreign-services/virtual-number/
Title: خرید شماره مجازی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/travel/
Title: مسافرت و مهاجرت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/travel/foreign-tickets/
Title: خرید بلیط خارجی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/travel/visa-embassy-fee/
Title: ویزا و سفارت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/travel/hotel-hostel-reservation/
Title: رزرو هتل و هاستل

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/accounts/
Title: اکانت های پرمیوم و تریال

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/accounts/artificial-intelligence/
Title: خرید اکانت هوش مصنوعی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/accounts/seo-tools/
Title: خرید اکانت ابزارهای سئو

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/accounts/game/
Title: خرید اکانت بازی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/
Title: خرید سرور مجازی خارجی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/trade-vps/
Title: خرید سرور مجازی ترید (Trade VPS)

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/daily-vps/
Title: خرید سرور مجازی (VPS) روزانه

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/usa-vps/
Title: خرید سرور مجازی (VPS) آمریکا

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/uk-vps/
Title: خرید سرور مجازی (VPS) انگلیس

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/netherlands-vps/
Title: خرید سرور مجازی (VPS) هلند

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/uae-vps/
Title: خرید سرور مجازی (VPS) امارات

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/turkey-vps/
Title: خرید سرور مجازی (VPS) ترکیه

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/poland-vps/
Title: خرید سرور مجازی (VPS) لهستان

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/vps/germany-vps/
Title: خرید سرور مجازی (VPS) آلمان

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/
Title: حساب های بین المللی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/paypal/
Title: پی پال

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/paypal/paypal-account-creation/
Title: افتتاح حساب پی پال

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/paypal/paypal-buy-and-sell/
Title: خرید و فروش پی پال

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/skrill/
Title: اسکریل

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/skrill/skrill-buy-and-sell/
Title: خرید و فروش دلار اسکریل

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/webmoney/
Title: وب مانی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/webmoney/webmoney-account-creation/
Title: افتتاح حساب وب مانی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/webmoney/webmoney-buy-and-sell/
Title: خرید و فروش وب مانی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/exchange-earnings/
Title: نقد کردن درامد ارزی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/exchange-earnings/shutterstock/
Title: اکانت Contributor شاتر استوک

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/perfect-money/
Title: پرفکت مانی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/perfect-money/perfectmoney-account-creation/
Title: ساخت حساب پرفکت مانی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/international-accounts/perfect-money/perfectmoney-buy-and-sell/
Title: خرید و فروش پرفکت مانی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/
Title: خرید ارز دیجیتال

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-bitcoin/
Title: فروش و خرید بیت کوین

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-ethereum/
Title: فروش و خرید اتریوم

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-bnb/
Title: فروش و خرید بایننس کوین

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-cardano/
Title: فروش و خرید کاردانو

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-solana/
Title: فروش و خرید سولانا

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-xrp/
Title: فروش و خرید ریپل

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-dogecoin/
Title: فروش و خرید دوج کوین

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-avalanche/
Title: فروش و خرید آواکس (avalanche)

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/metaverse/
Title: متاورس

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-decentraland/
Title: فروش و خرید مانا

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-axie-infinity/
Title: فروش و خرید اکسی اینفینیتی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-the-sandbox/
Title: فروش و خرید سندباکس

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-chiliz/
Title: فروش و خرید چیلیز

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-tron/
Title: فروش و خرید ترون

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-bitcoin-cash/
Title: فروش و خرید بیت کوین کش

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-digibyte/
Title: فروش و خرید دیجی بایت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-shiba/
Title: فروش و خرید شیبا اینو

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/price/
Title: مشاهده قیمت ارزهای دیجیتال

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/stablecoin/
Title: خرید استیبل کوین

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-tether/
Title: فروش و خرید تتر

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/coin-binance-usd/
Title: فروش و خرید بایننس یو اس دی

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/hardware-wallet/
Title: خرید انواع کیف پول سخت افزاری

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/hardware-wallet/safepal/
Title: کیف پول SafePal

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/hardware-wallet/trezor/
Title: کیف پول ترزور

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/hardware-wallet/cool-wallet/
Title: کیف پول کول ولت

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/hardware-wallet/ledger/
Title: کیف پول لجر

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/crypto/hardware-wallet/ellipal/
Title: کیف پول الیپال

Search URL Search Domain Scan URL

URL: https://www.iranicard.ir/payments/shopping/
Title: خرید کالا از سایت های خارجی

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
trojancode5.amirhoosein1383h.workers.dev/ 290 KB
37 KB 1824ms
1606ms Document
text/html 2606:4700:3032::6815:2e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27876647e112ce83bd2041b6c5a8484996ebf641e512c6be5ec62cbba8b41f08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8980935e9e8f915e-FRA
content-encoding: br
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Sun, 23 Jun 2024 01:06:29 GMT
link: <https://www.iranicard.ir/wp-json/>; rel="https://api.w.org/", <https://www.iranicard.ir/wp-json/wp/v2/pages/140000>; rel="alternate"; type="application/json", <https://www.iranicard.ir/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoY2qK24HoS9dGqHyIGrklr%2Bmu4WjvuvmN2ozj517KxZC9zHS54Y1Frv9RqGP0fVgxkjG0kSfQN%2BMx7dgLHaWXSO6N91Yzsg0LK%2BZFJ5lzxG7FlesWqqFF2mXNgYH%2FOON%2FP%2B7bOIJWDOz6SqYqGTzX63TrXZL0sSsCMwC3GEQXxoF6c2uBLD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-rocket-nginx-serving-static: MISS
x-xss-protection: 1; mode=block

GET
H2 200 vendors.min.css
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/css/ 200 KB
36 KB 1623ms
1010ms Stylesheet
text/css 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/css/vendors.min.css?ver=1.1.2

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

76abbe8f4505fa14b916c37643caff8622358c3907c5e1586f1c5252e8d938aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:30 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-rocket-nginx-serving-static: BYPASS
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: W/"667264f7-321f5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:30 GMT

GET
H2 200 style.css
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/css/ 234 KB
48 KB 988ms
376ms Stylesheet
text/css 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/css/style.css?ver=2.2.261

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

94ba50750b216f529ef7ccad9c53d5da6efa33eac17b7e7cc26ebd6bdda47b91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:30 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-rocket-nginx-serving-static: BYPASS
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: W/"667264f7-3a721"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:30 GMT

GET
H2 200 theme.min.js Show response
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/js/ 103 KB
34 KB 1623ms
1010ms Script
application/javascript 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/js/theme.min.js?ver=2.0.0

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

dbb409e0a26958ffa3c117493f4c20a7fd777308bd1880be65987714d4763bcf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:30 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-rocket-nginx-serving-static: BYPASS
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: W/"667264f7-19b4e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:30 GMT

GET
H2 200 logo-iranicard.svg
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/images/ 11 KB
5 KB 1623ms
1010ms Image
image/svg+xml 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/images/logo-iranicard.svg
Requested by: Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 7976c87bab57f0149553940c7a363ce2ef157b3e433e19887bd1cff448feea9a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: W/"667264f7-2ae8"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 24 Jun 2024 01:06:30 GMT

GET
H2 200 fa.png
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/images/ 4 KB
5 KB 1623ms
1010ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/images/fa.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

31b3e2d5b3a1469f5b7d756dc3fef627ebf462c8a9427f9f5d424fd4a44ee37f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:30 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 4348
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 04:56:20 GMT
server: nginx/1.24.0
etag: "667264f4-10fc"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:30 GMT

GET
H2 200 en.png
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/images/ 5 KB
5 KB 289ms
288ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/images/en.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

ea2d09cba21bf377e88fe75313f88e6bd358d2689b4e62058c717acae59f5330

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 5153
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 04:56:20 GMT
server: nginx/1.24.0
etag: "667264f4-1421"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 elem.png
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/images/ 8 KB
8 KB 581ms
581ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/images/elem.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

1f2a161dac4585791d92ad7e69e438840905a34ae0d0e6793346d1ca0f787384

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 7936
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: "667264f7-1f00"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H3 200 email-decode.min.js Show response
trojancode5.amirhoosein1383h.workers.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 258ms
255ms Script
application/javascript 172.67.223.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trojancode5.amirhoosein1383h.workers.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.223.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jun 2024 08:39:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66729944-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCOHtZOUYr7ZL00ZiNEc502gWHW5fdTbjs4RrMEUfytbCrKKDGkz3gqfVY19kaerCssY58v0FXl9APCjZdb8%2BsEQ7Y3gQOO%2Fg0Z%2BvLU4Uy8EhaF7uNoVV1dbeCvS%2BkmkvI3nXZsEIEx3VRgJ0HPufbIlPXAQ9n1kp2ae"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8980937f089a6ade-FRA
expires: Tue, 25 Jun 2024 01:06:33 GMT

GET
H2 200 vendors.min.js Show response
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/js/ 241 KB
67 KB 1472ms
1469ms Script
application/javascript 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/js/vendors.min.js

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

cde159de35b60239492e3d37619608cdbabd772d7ba8e413847c8547e18cd643

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-rocket-nginx-serving-static: MISS
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: W/"667264f7-3c555"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 script.js Show response
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/js/ 249 KB
49 KB 4623ms
4620ms Script
application/javascript 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/js/script.js?ver=2.2.261

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

1365dc314f6fb5c6896109d6af82b95dbcbd7760d727219c86dab0a85421a486

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-rocket-nginx-serving-static: BYPASS
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: W/"667264f7-3e348"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H/1.1 200
OK 9 Show response
sdk.afrak.com/sdk/redirect/ 12 KB
3 KB 425ms
132ms Script
text/plain 185.116.161.98
GWSN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.afrak.com/sdk/redirect/9
Requested by: Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.116.161.98 Tehran, Iran, Islamic Republic Of, ASN61173 (GWSN-AS, IR),
Reverse DNS: static.98.161.116.185.clients.irandns.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 36827e3d6d1397eb60fd8ffb0b950260cfb7b4c47572ce18202eb9d954e16007

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 01:06:33 GMT
Content-Encoding: br
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin,Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 2839

GET
H2 200 index.js Show response
www.iranicard.ir/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 6010ms
6008ms Script
application/javascript 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-rocket-nginx-serving-static: BYPASS
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:42:53 GMT
server: nginx/1.24.0
etag: W/"65ffbd5d-2cf9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 index.js Show response
www.iranicard.ir/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 6011ms
6008ms Script
application/javascript 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-rocket-nginx-serving-static: BYPASS
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:42:53 GMT
server: nginx/1.24.0
etag: W/"65ffbd5d-32fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 319 KB
106 KB 669ms
166ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NC3V59T

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d18c253e1432b68f15564a436a61d14009291d7be9854fe01549d274bddc4b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107970
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Jun 2024 01:06:34 GMT

GET
H2 206 Iranicard.mp4
www.iranicard.ir/wp-content/uploads/2023/03/ 46 KB
0 5994ms
5994ms Media
video/mp4 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/uploads/2023/03/Iranicard.mp4

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
Content-Range: bytes 0-38348794/38348795
x-rocket-nginx-serving-static: MISS
Content-Length: 38348795
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Mar 2023 09:40:35 GMT
server: nginx/1.24.0
etag: "640c4c93-24927fb"
content-type: video/mp4
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 iranicard.woff
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/fonts/icons/fonts/ 311 KB
312 KB 428ms
155ms Font
font/woff 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/fonts/icons/fonts/iranicard.woff?g7phw3
Requested by: Host: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/css/vendors.min.css?ver=1.1.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: a35484d68c7d8163ee58f7ee0c60a4f7d31f6b07455006804963756858f892c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/css/vendors.min.css?ver=1.1.2
Origin: https://trojancode5.amirhoosein1383h.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: "667264f7-4dc60"
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 318560
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 estedad-fd-var.woff2
www.iranicard.ir/wp-content/themes/iranicard_v2/assets/fonts/estedad/fd/ 114 KB
114 KB 894ms
621ms Font
font/woff2 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/fonts/estedad/fd/estedad-fd-var.woff2
Requested by: Host: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/css/style.css?ver=2.2.261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: d9d9ab2e516764239708c51d487f45d6ce23d13045eb3ee3719eecfd04c8ede7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.iranicard.ir/wp-content/themes/iranicard_v2/assets/css/style.css?ver=2.2.261
Origin: https://trojancode5.amirhoosein1383h.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:34 GMT
last-modified: Wed, 19 Jun 2024 04:56:23 GMT
server: nginx/1.24.0
etag: "667264f7-1c8a8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 116904
expires: Mon, 24 Jun 2024 01:06:34 GMT

GET
H2 200 %D8%B4%D9%85%D8%A7%D8%B1%D9%87-%DA%A9%D8%A7%D8%B1%D8%AA-%D9%85%D8%AC%D8%A7%D8%B2%DB%8C.png
www.iranicard.ir/wp-content/uploads/2024/06/ 161 KB
162 KB 5906ms
5903ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%DA%A9%D8%A7%D8%B1%D8%AA-%D9%85%D8%AC%D8%A7%D8%B2%DB%8C.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

0ce39d3c4152da7513f64c6a2836ca1faf7783509485fd0a7b52afe32b0a6e19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 164836
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 16 Jun 2024 11:26:35 GMT
server: nginx/1.24.0
etag: "666ecbeb-283e4"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 money.png
www.iranicard.ir/wp-content/uploads/2024/04/ 2 KB
3 KB 5906ms
5903ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/04/money.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

792206f184ce0e9fc41fd6f6d67b60f835301715a843533c7594b0063a1a69c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 2137
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2024 05:30:16 GMT
server: nginx/1.24.0
etag: "663081e8-859"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 glob-index.png
www.iranicard.ir/wp-content/uploads/2024/04/ 2 KB
2 KB 5906ms
5903ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/04/glob-index.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

12630ca4fa918ed13da400cfc9739471f9f92a9ea6b73f00e4788d78b9a2efba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 1973
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2024 05:30:14 GMT
server: nginx/1.24.0
etag: "663081e6-7b5"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 card-pop.png
www.iranicard.ir/wp-content/uploads/2024/04/ 1 KB
2 KB 5906ms
5903ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/04/card-pop.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

a7fc1a5197abda111c0790e859632582ff3b05e522b0d07c371b0bec1f4472bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 1502
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2024 05:30:12 GMT
server: nginx/1.24.0
etag: "663081e4-5de"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 browser.png
www.iranicard.ir/wp-content/uploads/2024/04/ 952 B
1 KB 5906ms
5904ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/04/browser.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

cde51716b9060754a63c4a3a9cffc8d07d3309d1b06debc16f608c4dffbea31d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 952
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2024 05:30:11 GMT
server: nginx/1.24.0
etag: "663081e3-3b8"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 1.png
www.iranicard.ir/wp-content/uploads/crypto/cache/coins/32x32/ 2 KB
2 KB 5905ms
5904ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/crypto/cache/coins/32x32/1.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

2b6064887ef3e3f56b479f8ea7f09711dd735504e5ba4f937ca2243eed79ca08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 1573
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 Nov 2023 17:00:24 GMT
server: nginx/1.24.0
etag: "6558eda8-625"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 1.svg
www.iranicard.ir/wp-content/uploads/crypto/cache/coins/charts/ 34 KB
5 KB 5905ms
5904ms Image
image/svg+xml 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iranicard.ir/wp-content/uploads/crypto/cache/coins/charts/1.svg?ver=1719103604
Requested by: Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 947fa4147ce6b69ce5943af2cd3889fad231323e33bc3ebb36273be54d47d998

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 00:46:45 GMT
server: nginx/1.24.0
etag: W/"66777075-8743"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 1027.png
www.iranicard.ir/wp-content/uploads/crypto/cache/coins/32x32/ 2 KB
2 KB 5906ms
5905ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/crypto/cache/coins/32x32/1027.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

51a9972c6f13b5510730dff6c349f812510c778b2f7722f00426c287246c50cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 1759
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 Nov 2023 17:00:25 GMT
server: nginx/1.24.0
etag: "6558eda9-6df"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 1027.svg
www.iranicard.ir/wp-content/uploads/crypto/cache/coins/charts/ 34 KB
5 KB 5906ms
5905ms Image
image/svg+xml 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iranicard.ir/wp-content/uploads/crypto/cache/coins/charts/1027.svg?ver=1719103604
Requested by: Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 3602af5a6a730327bc42bd08407aa58899511ce1ba857b3985dd0e2a73f502a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 00:46:56 GMT
server: nginx/1.24.0
etag: W/"66777080-874d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
104 KB 170ms
169ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-94SQ5MKLB2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC3V59T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b44fbc328add359a8ed5a68d53c8b8f4eb27e4dc110c1cb71d709903dd59086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 01:06:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
93 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11298879900&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC3V59T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d123474d0069208f911b88f57a49a39b53dcdcced42b8473661bef61280b859d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95559
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Jun 2024 01:06:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 292ms
104ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC3V59T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Jun 2024 00:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2247
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 23 Jun 2024 02:29:07 GMT

GET
H2 200 rg.complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v3/ybFR3m8J/ 98 KB
22 KB 262ms
77ms Script
application/javascript 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yektanet.com/rg_woebegone/scripts_v3/ybFR3m8J/rg.complete.js?v=20240502303

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

07b1fc9045ad66a404d4bba687c21814b29d6c198ced403787b0a54b9c8f34ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:34 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: HIT
last-modified: Thu, 09 May 2024 07:07:02 GMT
server: Delivery
x-amz-request-id: tx0000048f3ce95d9318923-00667724ee-9ede900-default
etag: W/"c5f0b46d354b45f03683157f451d9688"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
content-encoding: br
x-rgw-object-type: Normal
cache-control: public, max-age=3600
x-zrk-us: 200
x-zrk-sn: 3001

GET
H2 200 g38webjbpa Show response
www.clarity.ms/tag/ 1 KB
1 KB 460ms
158ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/g38webjbpa?ref=gtm2
Requested by: Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 280fb3e7e65fa642b4522206d68f88b23c4cd820cbf5bdb43a55dd1daefe4e06

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sun, 23 Jun 2024 01:06:35 GMT
x-azure-ref: 20240623T010635Z-17d856f5577pvl7r1409hunabg0000000690000000001zya
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1056
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 315ms
91ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-94SQ5MKLB2&gtm=45je46j0v884547907z8831792580za200zb831792580&_p=1719104793382&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=577171765.1719104795&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719104794&sct=1&seg=0&dl=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&dt=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=7049&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94SQ5MKLB2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trojancode5.amirhoosein1383h.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
271 B 400ms
176ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-94SQ5MKLB2&cid=577171765.1719104795&gtm=45je46j0v884547907z8831792580za200zb831792580&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94SQ5MKLB2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trojancode5.amirhoosein1383h.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 306ms
96ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94SQ5MKLB2&cid=577171765.1719104795&gtm=45je46j0v884547907z8831792580za200zb831792580&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=811666637

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
225 B 97ms
96ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1686249901&t=pageview&_s=1&dl=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ul=de-de&de=UTF-8&dt=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=826435247&gjid=153909946&cid=577171765.1719104795&tid=UA-171257281-1&_gid=4258623.1719104795&_r=1&_slc=1&gtm=45He46j0n81NC3V59Tv831792580za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=402316432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trojancode5.amirhoosein1383h.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
428 B 338ms
159ms XHR
application/json 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=ksNCS0fs

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/ybFR3m8J/rg.complete.js?v=20240502303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:35 GMT
strict-transport-security: max-age=0
x-zrk-cs: BYPASS
x-zrk-us: 200
x-zrk-sn: 3001
content-length: 5
pragma: no-cache
server: Delivery
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://trojancode5.amirhoosein1383h.workers.dev
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes
access-control-allow-headers: Authorization
expires: 0

GET
H2 200 /
ua.yektanet.com/cookie/iframe/ Frame D5C5 0
0 307ms
154ms Document
text/html 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/cookie/iframe/

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/ybFR3m8J/rg.complete.js?v=20240502303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: br
content-type: text/html
date: Sun, 23 Jun 2024 01:06:35 GMT
expires: 0
last-modified: Sunday, 23-Jun-2024 01:06:35 GMT
pragma: no-cache
server: Delivery
strict-transport-security: max-age=0
vary: Accept-Encoding
x-zrk-cs: BYPASS
x-zrk-sn: 3001
x-zrk-us: 200

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
661 B 366ms
195ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=e964a991-812a-4bf4-9180-3db354af20a3&abj=0&aed=adv&abh=38810&sv=3&st=rg.complete.js&ac=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ae=%7B%7D&ad=trojancode5.amirhoosein1383h.workers.dev&as=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&aef=ksNCS0fs&aec=62198&ai=19d8aca0-e04e-24d4-3897-c090a9234871&abw=1600&abb=10169&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/ybFR3m8J/rg.complete.js?v=20240502303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:35 GMT
strict-transport-security: max-age=0
last-modified: Sunday, 23-Jun-2024 01:06:35 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 3001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
660 B 365ms
196ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=a6604387-0ffd-40d3-ac54-264665f6a119&abj=1&aed=adv&abh=38810&sv=3&st=rg.complete.js&psc=396&psi=6757&ac=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ae=%7B%7D&ad=trojancode5.amirhoosein1383h.workers.dev&as=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&aef=ksNCS0fs&aec=62198&ai=19d8aca0-e04e-24d4-3897-c090a9234871&abw=1600&abb=10169&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/ybFR3m8J/rg.complete.js?v=20240502303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:35 GMT
strict-transport-security: max-age=0
last-modified: Sunday, 23-Jun-2024 01:06:35 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 3001
content-length: 42
expires: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 154ms
154ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/g38webjbpa?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:35 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240623T010635Z-17d856f5577pvl7r1409hunabg0000000690000000001zyk
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 949203f2-601e-0050-0434-c2ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 77ms
77ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1686249901&t=event&ni=1&_s=2&dl=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ul=de-de&de=UTF-8&dt=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=cm06am&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=577171765.1719104795&tid=UA-171257281-1&_gid=4258623.1719104795&gtm=45He46j0n81NC3V59Tv831792580za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd3=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fg38webjbpa%2Fz2dppo%2Fcm06am&npa=1&z=1733158949

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 11:44:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48107
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
304 B 833ms
330ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://trojancode5.amirhoosein1383h.workers.dev
Date: Sun, 23 Jun 2024 01:06:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
660 B 162ms
160ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=I&abf=080657ad-79ba-4f2e-8dce-ad56a349d406&abj=0&aed=adv&abh=38810&sv=3&st=rg.complete.js&ac=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ae=%7B%7D&ad=trojancode5.amirhoosein1383h.workers.dev&ba=85e3f3f6-67f20-09369-93348-8a7289c4fdbf2&as=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&aef=ksNCS0fs&aec=62198&ai=19d8aca0-e04e-24d4-3897-c090a9234871&abw=1600&abb=10286&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/ybFR3m8J/rg.complete.js?v=20240502303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:38 GMT
strict-transport-security: max-age=0
last-modified: Sunday, 23-Jun-2024 01:06:38 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 3001
content-length: 42
expires: 0

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
304 B 170ms
169ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://trojancode5.amirhoosein1383h.workers.dev
Date: Sun, 23 Jun 2024 01:06:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://trojancode5.amirhoosein1383h.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 %D8%B4%D9%85%D8%A7%D8%B1%D9%87-%DA%A9%D8%A7%D8%B1%D8%AA-%D9%85%D8%AC%D8%A7%D8%B2%DB%8C.png
www.iranicard.ir/wp-content/uploads/2024/06/ 161 KB
0 162ms
162ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%DA%A9%D8%A7%D8%B1%D8%AA-%D9%85%D8%AC%D8%A7%D8%B2%DB%8C.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

0ce39d3c4152da7513f64c6a2836ca1faf7783509485fd0a7b52afe32b0a6e19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:33 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 16 Jun 2024 11:26:35 GMT
server: nginx/1.24.0
etag: "666ecbeb-283e4"
content-type: image/png
x-rocket-nginx-serving-static: MISS
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 164836
x-xss-protection: 1; mode=block
expires: Mon, 24 Jun 2024 01:06:33 GMT

GET
H2 200 Ai.png
www.iranicard.ir/wp-content/uploads/2024/06/ 211 KB
212 KB 1638ms
1633ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/Ai.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

c403c4bd8c452714f8852f081115d5c3efeafacbc262afe0984384369d730a01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 216498
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jun 2024 08:46:19 GMT
server: nginx/1.24.0
etag: "66680edb-34db2"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 %D8%AE%D8%B1%DB%8C%D8%AF-%DA%AF%DB%8C%D9%81%D8%AA-%DA%A9%D8%A7%D8%B1%D8%AA-.-2.png
www.iranicard.ir/wp-content/uploads/2024/06/ 59 KB
60 KB 1638ms
1633ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/%D8%AE%D8%B1%DB%8C%D8%AF-%DA%AF%DB%8C%D9%81%D8%AA-%DA%A9%D8%A7%D8%B1%D8%AA-.-2.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

e70813397f4c0fb6a2df17b7393aacc5657f2e65d70cf02a0edc30a734659e78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 60733
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jun 2024 08:46:12 GMT
server: nginx/1.24.0
etag: "66680ed4-ed3d"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 paypal.png
www.iranicard.ir/wp-content/uploads/2024/06/ 128 KB
128 KB 1638ms
1634ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/paypal.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

0cdf1931b8fbd8a7d129090223040865fac2a9ff02e4fa1c0ef61b78695c9c90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 130732
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jun 2024 08:46:15 GMT
server: nginx/1.24.0
etag: "66680ed7-1feac"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 App-.-2.png
www.iranicard.ir/wp-content/uploads/2024/06/ 122 KB
122 KB 1638ms
1634ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/App-.-2.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

a88e67e39fddc1f157ba78a25486c9e7cef8e34e91eb429d2b56c6b82460ea54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 124774
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jun 2024 08:46:22 GMT
server: nginx/1.24.0
etag: "66680ede-1e766"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 pate-1.png
www.iranicard.ir/wp-content/uploads/2022/07/ 3 KB
3 KB 1639ms
1635ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2022/07/pate-1.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

f903df8fec54f259ce6b4f0f8d1d657164c6ab50262a9d6c651d169dff13af13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 2672
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 20:43:47 GMT
server: nginx/1.24.0
etag: "62fc0183-a70"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 AfrakLogo-1.png
www.iranicard.ir/wp-content/uploads/2022/07/ 10 KB
10 KB 1639ms
1635ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2022/07/AfrakLogo-1.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

d04d2f334836872e72579a4303b15efb40359ad3bfdf833534a6c52214ae4351

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 10128
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 20:43:47 GMT
server: nginx/1.24.0
etag: "62fc0183-2790"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 Axha-1.png
www.iranicard.ir/wp-content/uploads/2022/07/ 22 KB
22 KB 1639ms
1635ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2022/07/Axha-1.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

64d99afa951df4b6610372772e375fcd446bb6321c3406c9ae3fefdb282b4255

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 22500
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 20:43:47 GMT
server: nginx/1.24.0
etag: "62fc0183-57e4"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 shepa-1.png
www.iranicard.ir/wp-content/uploads/2022/07/ 4 KB
4 KB 1640ms
1636ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2022/07/shepa-1.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

fad15186cb4f148e93918d35c7c451f63e6fe204da36bb0ba503c1448403f8af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 3659
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 20:43:48 GMT
server: nginx/1.24.0
etag: "62fc0184-e4b"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 paliz-company.png
www.iranicard.ir/wp-content/uploads/2024/01/ 6 KB
6 KB 1645ms
1641ms Image
image/png 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/01/paliz-company.png

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

0e61fd2eb6880f87120c604f56c4fafd6a035b377a606b1f7926530316522727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 5638
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 Jan 2024 11:31:48 GMT
server: nginx/1.24.0
etag: "65993a24-1606"
content-type: image/png
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 zksync-airdrop-news-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 26 KB
26 KB 1645ms
1641ms Image
image/webp 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/zksync-airdrop-news-415x285.webp

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

d8356dee370e4bf82c478a7bee8a89d19c587b9b5533c27ddadcf3e341ad42ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 26560
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Jun 2024 12:38:03 GMT
server: nginx/1.24.0
etag: "66717fab-67c0"
content-type: image/webp
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 hamster-daily-combo-3-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 35 KB
35 KB 1645ms
1642ms Image
image/webp 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/hamster-daily-combo-3-415x285.webp

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

6f076294c2ec6f649e4fb99c586ff82c3b3128ab1ca65612f45fa5b2388c7171

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 35758
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jun 2024 12:13:52 GMT
server: nginx/1.24.0
etag: "6672cb80-8bae"
content-type: image/webp
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET
H2 200 Morse-code-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 21 KB
0 1646ms
1642ms Image
image/webp 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iranicard.ir/wp-content/uploads/2024/06/Morse-code-415x285.webp

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rocket-nginx-serving-static: MISS
content-length: 47716
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jun 2024 13:34:37 GMT
server: nginx/1.24.0
etag: "6669a3ed-ba64"
content-type: image/webp
cache-control: max-age=86400
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:06:39 GMT

GET Last-chance-to-withdraw-notCoin-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 0
0

GET hamster-pre-market-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 0
0

GET Asias-First-Spot-Bitcoin-Ethereum-ETFs-Now-Live-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/04/ 0
0

GET Ethereum-Foundation-Wants-To-Use-AI-to-De-Risk-ETH-Ecosystem-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/04/ 0
0

GET Australias-top-exchange-may-approve-spot-Bitcoin-ETFs-this-year-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/04/ 0
0

GET Crypto-on-track-to-hit-1B-users-by-end-of-2025-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/04/ 0
0

GET Why-Ethereum-Is-Not-a-Security-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/04/ 0
0

GET Ethereum-Sees-Significant-Drop-in-Transaction-Fees-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/04/ 0
0

GET russia-crypto-ban-reinforce-ruble-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/04/ 0
0

GET zhaket-1.jpg
www.iranicard.ir/wp-content/uploads/2023/04/ 0
0

GET 05181e%D8%B3%D8%B3%D8%B3a8-196f-4a4e-8343%DB%8C-42b636824886.png
www.iranicard.ir/wp-content/uploads/2022/12/ 0
0

GET 05181ea8-196f-4%D8%ABa4e-8343-42b636824886-copy.jpg
www.iranicard.ir/wp-content/uploads/2022/12/ 0
0

GET Untitled-1.jpg
www.iranicard.ir/wp-content/uploads/2023/04/ 0
0

GET chamedoon.jpg
www.iranicard.ir/wp-content/uploads/2023/02/ 0
0

GET 05181ea8-196f-4a4e-8343%DB%8C-%D8%AB42b636824886.png
www.iranicard.ir/wp-content/uploads/2022/12/ 0
0

GET 05181ea%D8%B38-196f-4a4e-8343%DB%8C-42b636824886.png
www.iranicard.ir/wp-content/uploads/2022/12/ 0
0

GET 05181ea8-196f-4a4e-8343%DB%8C-42b%D9%84636824886.png
www.iranicard.ir/wp-content/uploads/2022/12/ 0
0

GET 05181ea8-196f-4a4e-8343%DB%8C-42b636824886.png
www.iranicard.ir/wp-content/uploads/2022/12/ 0
0

GET hamster-combat-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 0
0

GET the-best-foreign-freelance-sites-1-415x285.jpg
www.iranicard.ir/wp-content/uploads/2019/02/ 0
0

GET The-best-Netflix-series-415x285.jpg
www.iranicard.ir/wp-content/uploads/2024/06/ 0
0

GET what-is-zksync-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 0
0

GET Complete-Guide-to-Ledger-Wallet-Bluetooth-Connection-Problem-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 0
0

GET trust-wallet-metamask-415x285.webp
www.iranicard.ir/wp-content/uploads/2024/06/ 0
0

GET decentralized-exchanges-415x285.jpg
www.iranicard.ir/wp-content/uploads/2022/01/ 0
0

GET trust-min-415x285.jpg
www.iranicard.ir/wp-content/uploads/2021/12/ 0
0

GET iranicard-sign-in-415x285.jpg
www.iranicard.ir/wp-content/uploads/2022/02/ 0
0

GET webmoney-4-min-415x285.jpg
www.iranicard.ir/wp-content/uploads/2021/04/ 0
0

GET call-of-duty-415x285.jpg
www.iranicard.ir/wp-content/uploads/2020/05/ 0
0

GET photo_2020-01-28_19-42-38-1-415x285.jpg
www.iranicard.ir/wp-content/uploads/2020/04/ 0
0

GET
H3 200 local-messaging.css
van.najva.com/static/cdn/css/ 10 KB
2 KB 154ms
81ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/cdn/css/local-messaging.css?v=20240502303

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: HIT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000009957e008cb0dc66f-0066733afd-a11e6c4-default
age: 3511
content-encoding: br
x-zrk-us: 200
x-zrk-sn: 4002
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 16:31:31 GMT
server: cloudflare
etag: W/"20685ae09d2ce2a080031240f15c7725"
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P89ZvIHqk2IuxlsnKUwjaW6d4zqfjjl3UtOudrt3c9dM9IRXcaaLUzNb%2BsKu%2BV77JpCKXGJsYrNN8e4AOGYLYGo9KVz3f6s3K2dyYeNucso2x7CdBYDvLmefAD%2Fi0kc9"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
x-rgw-object-type: Normal
cache-control: public, max-age=14400
access-control-max-age: 10
cf-ray: 898093a74c37bba7-FRA
access-control-allow-headers: *
x-amz-meta-mtime: 1623484316

GET
H3 200 iranicard304-website-16775-912c2428-b863-43ba-a58e-05e8a2b97dec.js Show response
van.najva.com/static/js/scripts/ 176 KB
45 KB 177ms
105ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/iranicard304-website-16775-912c2428-b863-43ba-a58e-05e8a2b97dec.js?v=20240502303

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3401ffdf7dfa1f7408a4398d9f7933392b433f495a976ac3667de5cab9320ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:39 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: REVALIDATED
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000f42800440bb6ac3b-006676b6e2-9ed6892-default
content-encoding: br
x-zrk-us: 200
x-zrk-sn: 3001
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jun 2024 03:30:38 GMT
server: cloudflare
etag: W/"5a4491346a8b2975229508c91103e668"
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwB2q1Di7GAGgLcGLL2CK8vUr85jwcBrq%2F6jjDZWaXsYZBOkLNVzNoWW3XrXSruCEV8oht9RMR7jebpGfQsAV9%2FRR28F9eUtTM4X%2F5aUjr8i94uRX6EDXrkYoNiGxh2n"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
x-rgw-object-type: Normal
cache-control: public, max-age=14400
access-control-max-age: 10
cf-ray: 898093a74c33bba7-FRA
access-control-allow-headers: *

POST admin-ajax.php
www.iranicard.ir/wp-admin/ 0
0

GET
H3 200 iranicard304-website-16775-912c2428-b863-43ba-a58e-05e8a2b97dec.json Show response
van.najva.com/static/js/scripts/ 3 KB
2 KB 238ms
159ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/iranicard304-website-16775-912c2428-b863-43ba-a58e-05e8a2b97dec.json?v=2024-06-23T01

Requested by

Host: van.najva.com
URL: https://van.najva.com/static/js/scripts/iranicard304-website-16775-912c2428-b863-43ba-a58e-05e8a2b97dec.js?v=20240502303

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d961819acef7e51394c87a831604c791cb3036a35cf34a650f83d5b41260d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:40 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000bf932259ab1ecdb6-0066777520-9ede78c-default
content-encoding: zstd
x-zrk-us: 200
x-zrk-sn: 3001
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jun 2024 03:30:39 GMT
server: cloudflare
etag: W/"5cea8550a910537cc215188b5e631c61"
vary: Accept-Encoding, Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://trojancode5.amirhoosein1383h.workers.dev
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7J0Zo4vklfb1DJnp1sfqrS6l9ayw%2FXrNYnwrznkZuPMHVyjmaYFpv3DB88Xk0gFoFnqsmqsnr004RdkXhJQyncLJRMJfS2HTeM86r1wR3dOXL4jxcEqgRSBUT%2BA2ickS"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
x-rgw-object-type: Normal
cache-control: public, max-age=3600
access-control-max-age: 10
cf-ray: 898093a9c8c5bb7a-FRA
access-control-allow-headers: *

GET
H2 206 Iranicard.mp4
www.iranicard.ir/wp-content/uploads/2023/03/ 0
0 2608ms
1390ms Media
video/mp4 185.79.157.214
TCI

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iranicard.ir/wp-content/uploads/2023/03/Iranicard.mp4

Requested by

Host: trojancode5.amirhoosein1383h.workers.dev
URL: https://trojancode5.amirhoosein1383h.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.79.157.214 , Iran, Islamic Republic Of, ASN58224 (TCI, IR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Range: bytes=38273024-
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:41 GMT
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
Content-Range: bytes 38273024-38348794/38348795
x-rocket-nginx-serving-static: MISS
Content-Length: 75771
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Mar 2023 09:40:35 GMT
server: nginx/1.24.0
etag: "640c4c93-24927fb"
content-type: video/mp4
cache-control: max-age=86400
permissions-policy: interest-cohort=()
expires: Mon, 24 Jun 2024 01:06:41 GMT

GET
H2 200 complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v4/WFMvVhL7/ 57 KB
18 KB 88ms
87ms Script
application/javascript 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yektanet.com/rg_woebegone/scripts_v4/WFMvVhL7/complete.js?v=2024-06-23T01

Requested by

Host: van.najva.com
URL: https://van.najva.com/static/js/scripts/iranicard304-website-16775-912c2428-b863-43ba-a58e-05e8a2b97dec.js?v=20240502303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

94b2095a6914a335077e417a72420468b197a9e5cc09d965ead8a675e516f6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:40 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: HIT
last-modified: Wed, 24 Apr 2024 17:16:19 GMT
server: Delivery
x-amz-request-id: tx000007df4a22197b00d45-00667773b7-9ed69e5-default
etag: W/"ee26be70d65859f07ed3e85ef4d26543"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
content-encoding: br
x-rgw-object-type: Normal
cache-control: public, max-age=3600
x-zrk-us: 200
x-zrk-sn: 3001

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
427 B 144ms
144ms XHR
application/json 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=WFMvVhL7

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/WFMvVhL7/complete.js?v=2024-06-23T01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:06:40 GMT
strict-transport-security: max-age=0
x-zrk-cs: BYPASS
x-zrk-us: 200
x-zrk-sn: 3001
content-length: 5
pragma: no-cache
server: Delivery
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://trojancode5.amirhoosein1383h.workers.dev
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes
access-control-allow-headers: Authorization
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 156ms
156ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=847a334d-0fcf-488f-b0ae-ef33b86c6b82&abj=1&aed=pub&abh=&sv=4&st=complete.js&psc=120&psi=12517&ac=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ae=%7B%7D&ad=trojancode5.amirhoosein1383h.workers.dev&ba=85e3f3f6-67f20-09369-93348-8a7289c4fdbf2&as=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&aef=WFMvVhL7&aec=66197&ai=19d8aca0-e04e-24d4-3897-c090a9234871&abw=1600&abb=9702&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/WFMvVhL7/complete.js?v=2024-06-23T01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:40 GMT
strict-transport-security: max-age=0
last-modified: Sunday, 23-Jun-2024 01:06:40 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 3001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 151ms
151ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=E&abf=43912fc8-4fa0-4d77-8c5a-0e194cbcbc01&abj=0&aed=pub&abh=&sv=4&st=complete.js&ac=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ae=%7B%7D&ad=trojancode5.amirhoosein1383h.workers.dev&ba=85e3f3f6-67f20-09369-93348-8a7289c4fdbf2&as=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&aef=WFMvVhL7&aec=66197&ai=19d8aca0-e04e-24d4-3897-c090a9234871&abw=1600&abb=9702&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/WFMvVhL7/complete.js?v=2024-06-23T01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:40 GMT
strict-transport-security: max-age=0
last-modified: Sunday, 23-Jun-2024 01:06:40 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 3001
content-length: 42
expires: 0

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
304 B 147ms
147ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://trojancode5.amirhoosein1383h.workers.dev
Date: Sun, 23 Jun 2024 01:06:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H3 200 / Show response
cr.najva.com/api/v2/current/user/ 23 B
720 B 108ms
98ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cr.najva.com/api/v2/current/user/

Requested by

Host: van.najva.com
URL: https://van.najva.com/static/js/scripts/iranicard304-website-16775-912c2428-b863-43ba-a58e-05e8a2b97dec.js?v=20240502303

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b9005ceedcca3db16936099474837e084332d880ecd70d8d54d09ac0e0fcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 23 Jun 2024 01:06:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 23
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://trojancode5.amirhoosein1383h.workers.dev
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1skTrGspHuXvWuHSFXssvQDwmRZJl5dBAFR5OI%2FvRzOEwJ33EJWBnFFGvfSymsRRlFegq0hHam8zsJhS6gs%2BQZczjF3ek85nCuud99t0BEWLr3pYG7psJUdbZsqMIo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 898093b8f817bba7-FRA
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
660 B 146ms
146ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=I&abf=0e7d72c7-c46a-4e55-871a-cd744d37382a&abj=0&aed=pub&abh=&sv=4&st=complete.js&ac=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ae=%7B%7D&ad=trojancode5.amirhoosein1383h.workers.dev&ba=85e3f3f6-67f20-09369-93348-8a7289c4fdbf2&as=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&aef=WFMvVhL7&aec=66197&ai=19d8aca0-e04e-24d4-3897-c090a9234871&abw=1600&abb=9858&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/WFMvVhL7/complete.js?v=2024-06-23T01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:43 GMT
strict-transport-security: max-age=0
last-modified: Sunday, 23-Jun-2024 01:06:43 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 3001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
660 B 2541ms
2541ms Ping
image/gif 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=E&abf=347d5b38-962e-4ea7-9a67-1ed8469bf99b&abj=0&aed=adv&abh=38810&sv=3&st=rg.complete.js&ac=https%3A%2F%2Ftrojancode5.amirhoosein1383h.workers.dev%2F&ae=%7B%7D&ad=trojancode5.amirhoosein1383h.workers.dev&ba=85e3f3f6-67f20-09369-93348-8a7289c4fdbf2&as=%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%DA%A9%D8%A7%D8%B1%D8%AA%3A%20%D9%BE%DB%8C%D8%B4%DA%AF%D8%A7%D9%85%20%D8%AF%D8%B1%20%D9%86%D9%82%D8%AF%20%DA%A9%D8%B1%D8%AF%D9%86%20%D8%AF%D8%B1%D8%A2%D9%85%D8%AF%20%D9%88%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%E2%80%8C%20%D9%87%D8%A7%DB%8C%20%D8%A8%DB%8C%D9%86%20%D8%A7%D9%84%D9%85%D9%84%D9%84&aef=ksNCS0fs&aec=62198&ai=19d8aca0-e04e-24d4-3897-c090a9234871&abw=1600&abb=9858&aby=1600&abz=1200&al=1600&am=1200&abk=

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/ybFR3m8J/rg.complete.js?v=20240502303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 01:06:47 GMT
strict-transport-security: max-age=0
last-modified: Sunday, 23-Jun-2024 01:06:47 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 3001
content-length: 42
expires: 0

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
304 B 430ms
430ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://trojancode5.amirhoosein1383h.workers.dev
Date: Sun, 23 Jun 2024 01:06:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 /
app.najva.com/cmif/ Frame 3499 0
0 307ms
228ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.najva.com/cmif/?website_id=16775

Requested by

Host: van.najva.com
URL: https://van.najva.com/static/js/scripts/iranicard304-website-16775-912c2428-b863-43ba-a58e-05e8a2b97dec.js?v=20240502303

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 898093e509db9164-FRA
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Sun, 23 Jun 2024 01:06:49 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDEIHATaPjGxWjG0OB0AC5ZvWcBj2rvNl2xOQba7I0N%2F0uy7i0I2inHlPOq5RVeFcQzKhs7fzeQ0lJ%2F7azgvnc7oyrswGt%2B9%2FG%2Fc4embuLFa4yhaWoys8VGhG2vSAhel"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-content-type-options: nosniff

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
304 B 159ms
158ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://trojancode5.amirhoosein1383h.workers.dev
Date: Sun, 23 Jun 2024 01:06:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
304 B 148ms
148ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://trojancode5.amirhoosein1383h.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://trojancode5.amirhoosein1383h.workers.dev
Date: Sun, 23 Jun 2024 01:06:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/06/Last-chance-to-withdraw-notCoin-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/06/hamster-pre-market-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/04/Asias-First-Spot-Bitcoin-Ethereum-ETFs-Now-Live-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/04/Ethereum-Foundation-Wants-To-Use-AI-to-De-Risk-ETH-Ecosystem-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/04/Australias-top-exchange-may-approve-spot-Bitcoin-ETFs-this-year-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/04/Crypto-on-track-to-hit-1B-users-by-end-of-2025-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/04/Why-Ethereum-Is-Not-a-Security-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/04/Ethereum-Sees-Significant-Drop-in-Transaction-Fees-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/04/russia-crypto-ban-reinforce-ruble-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2023/04/zhaket-1.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2022/12/05181e%D8%B3%D8%B3%D8%B3a8-196f-4a4e-8343%DB%8C-42b636824886.png

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2022/12/05181ea8-196f-4%D8%ABa4e-8343-42b636824886-copy.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2023/04/Untitled-1.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2023/02/chamedoon.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2022/12/05181ea8-196f-4a4e-8343%DB%8C-%D8%AB42b636824886.png

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2022/12/05181ea%D8%B38-196f-4a4e-8343%DB%8C-42b636824886.png

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2022/12/05181ea8-196f-4a4e-8343%DB%8C-42b%D9%84636824886.png

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2022/12/05181ea8-196f-4a4e-8343%DB%8C-42b636824886.png

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/06/hamster-combat-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2019/02/the-best-foreign-freelance-sites-1-415x285.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/06/The-best-Netflix-series-415x285.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/06/what-is-zksync-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/06/Complete-Guide-to-Ledger-Wallet-Bluetooth-Connection-Problem-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2024/06/trust-wallet-metamask-415x285.webp

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2022/01/decentralized-exchanges-415x285.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2021/12/trust-min-415x285.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2022/02/iranicard-sign-in-415x285.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2021/04/webmoney-4-min-415x285.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2020/05/call-of-duty-415x285.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-content/uploads/2020/04/photo_2020-01-28_19-42-38-1-415x285.jpg

Domain: www.iranicard.ir
URL: https://www.iranicard.ir/wp-admin/admin-ajax.php

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amirhoosein1383h.workers.dev/	1970-01-20 23:41:20	Name: _gcl_au Value: 1.1.1766247405.1719104795
.amirhoosein1383h.workers.dev/	1970-01-21 07:07:44	Name: _ga_94SQ5MKLB2 Value: GS1.1.1719104794.1.0.1719104794.60.0.0
.amirhoosein1383h.workers.dev/	1970-01-21 07:07:44	Name: _ga Value: GA1.3.577171765.1719104795
.amirhoosein1383h.workers.dev/	1970-01-20 21:33:11	Name: _gid Value: GA1.3.4258623.1719104795
.amirhoosein1383h.workers.dev/	1970-01-20 21:31:44	Name: _gat_UA-171257281-1 Value: 1
trojancode5.amirhoosein1383h.workers.dev/	1970-01-21 06:17:20	Name: analytics_token Value: 367ee20a-6766-19ba-0216-7ac04c633658
trojancode5.amirhoosein1383h.workers.dev/	1970-01-20 21:31:46	Name: analytics_session_token Value: 19d8aca0-e04e-24d4-3897-c090a9234871
trojancode5.amirhoosein1383h.workers.dev/	1970-01-20 21:33:11	Name: yektanet_session_last_activity Value: 6/23/2024
trojancode5.amirhoosein1383h.workers.dev/	1969-12-31 23:59:59	Name: _yngt_iframe Value: 1
www.clarity.ms/	1970-01-21 06:17:20	Name: CLID Value: 84c1c6814d774152ac4f30bc56c042ff.20240623.20250623
.yektanet.com/	1970-01-21 07:07:44	Name: gearbox_ad_token Value: 85e3f3f6-67f20-09369-93348-8a7289c4fdbf2
.yektanet.com/	1970-01-21 07:07:44	Name: analytics_global_token Value: 85e3f3f6-67f20-09369-93348-8a7289c4fdbf2
trojancode5.amirhoosein1383h.workers.dev/	1970-01-20 22:14:56	Name: _yngt Value: 85e3f3f6-67f20-09369-93348-8a7289c4fdbf2
.amirhoosein1383h.workers.dev/	1970-01-21 06:17:20	Name: _clck Value: z2dppo%7C2%7Cfmv%7C0%7C1635
.amirhoosein1383h.workers.dev/	1970-01-20 21:33:11	Name: _clsk Value: cm06am%7C1719104797420%7C1%7C1%7Cv.clarity.ms%2Fcollect
.najva.com/	1970-01-21 07:07:44	Name: najva_token Value: f84d164f-6811-46e2-9a07-15fad1c3dac2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://trojancode5.amirhoosein1383h.workers.dev/ Message: Access to XMLHttpRequest at 'https://www.iranicard.ir/wp-admin/admin-ajax.php' from origin 'https://trojancode5.amirhoosein1383h.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.iranicard.ir/wp-admin/admin-ajax.php Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.najva.com
audience.yektanet.com
cdn.yektanet.com
cr.najva.com
region1.analytics.google.com
sdk.afrak.com
stats.g.doubleclick.net
trojancode5.amirhoosein1383h.workers.dev
ua.yektanet.com
v.clarity.ms
van.najva.com
www.clarity.ms
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.iranicard.ir
www.iranicard.ir
142.250.186.67
142.250.186.78
172.67.223.221
185.116.161.98
185.166.104.3
185.166.104.4
185.79.157.214
188.114.97.3
20.114.189.135
2001:4860:4802:34::178
2001:4860:4802:34::36
2606:4700:3032::6815:2e31
2620:1ec:bdf::45
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9b
07b1fc9045ad66a404d4bba687c21814b29d6c198ced403787b0a54b9c8f34ca
0cdf1931b8fbd8a7d129090223040865fac2a9ff02e4fa1c0ef61b78695c9c90
0ce39d3c4152da7513f64c6a2836ca1faf7783509485fd0a7b52afe32b0a6e19
0e61fd2eb6880f87120c604f56c4fafd6a035b377a606b1f7926530316522727
12630ca4fa918ed13da400cfc9739471f9f92a9ea6b73f00e4788d78b9a2efba
1365dc314f6fb5c6896109d6af82b95dbcbd7760d727219c86dab0a85421a486
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f2a161dac4585791d92ad7e69e438840905a34ae0d0e6793346d1ca0f787384
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27876647e112ce83bd2041b6c5a8484996ebf641e512c6be5ec62cbba8b41f08
280fb3e7e65fa642b4522206d68f88b23c4cd820cbf5bdb43a55dd1daefe4e06
2b6064887ef3e3f56b479f8ea7f09711dd735504e5ba4f937ca2243eed79ca08
31b3e2d5b3a1469f5b7d756dc3fef627ebf462c8a9427f9f5d424fd4a44ee37f
3602af5a6a730327bc42bd08407aa58899511ce1ba857b3985dd0e2a73f502a4
36827e3d6d1397eb60fd8ffb0b950260cfb7b4c47572ce18202eb9d954e16007
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
51a9972c6f13b5510730dff6c349f812510c778b2f7722f00426c287246c50cf
53b9005ceedcca3db16936099474837e084332d880ecd70d8d54d09ac0e0fcc5
5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
64d99afa951df4b6610372772e375fcd446bb6321c3406c9ae3fefdb282b4255
6f076294c2ec6f649e4fb99c586ff82c3b3128ab1ca65612f45fa5b2388c7171
76abbe8f4505fa14b916c37643caff8622358c3907c5e1586f1c5252e8d938aa
792206f184ce0e9fc41fd6f6d67b60f835301715a843533c7594b0063a1a69c0
7976c87bab57f0149553940c7a363ce2ef157b3e433e19887bd1cff448feea9a
7b44fbc328add359a8ed5a68d53c8b8f4eb27e4dc110c1cb71d709903dd59086
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
947fa4147ce6b69ce5943af2cd3889fad231323e33bc3ebb36273be54d47d998
94b2095a6914a335077e417a72420468b197a9e5cc09d965ead8a675e516f6fd
94ba50750b216f529ef7ccad9c53d5da6efa33eac17b7e7cc26ebd6bdda47b91
a35484d68c7d8163ee58f7ee0c60a4f7d31f6b07455006804963756858f892c8
a6d961819acef7e51394c87a831604c791cb3036a35cf34a650f83d5b41260d2
a7fc1a5197abda111c0790e859632582ff3b05e522b0d07c371b0bec1f4472bd
a88e67e39fddc1f157ba78a25486c9e7cef8e34e91eb429d2b56c6b82460ea54
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c403c4bd8c452714f8852f081115d5c3efeafacbc262afe0984384369d730a01
cde159de35b60239492e3d37619608cdbabd772d7ba8e413847c8547e18cd643
cde51716b9060754a63c4a3a9cffc8d07d3309d1b06debc16f608c4dffbea31d
d04d2f334836872e72579a4303b15efb40359ad3bfdf833534a6c52214ae4351
d123474d0069208f911b88f57a49a39b53dcdcced42b8473661bef61280b859d
d18c253e1432b68f15564a436a61d14009291d7be9854fe01549d274bddc4b5e
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
d8356dee370e4bf82c478a7bee8a89d19c587b9b5533c27ddadcf3e341ad42ae
d9d9ab2e516764239708c51d487f45d6ce23d13045eb3ee3719eecfd04c8ede7
dbb409e0a26958ffa3c117493f4c20a7fd777308bd1880be65987714d4763bcf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70813397f4c0fb6a2df17b7393aacc5657f2e65d70cf02a0edc30a734659e78
ea2d09cba21bf377e88fe75313f88e6bd358d2689b4e62058c717acae59f5330
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3401ffdf7dfa1f7408a4398d9f7933392b433f495a976ac3667de5cab9320ff
f903df8fec54f259ce6b4f0f8d1d657164c6ab50262a9d6c651d169dff13af13
fad15186cb4f148e93918d35c7c451f63e6fe204da36bb0ba503c1448403f8af
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

trojancode5.amirhoosein1383h.workers.dev Open in urlscan Pro 2606:4700:3032::6815:2e31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

70 %HTTPS

40 %IPv6

11 Domains

16 Subdomains

16 IPs

5 Countries

1998 kBTransfer

4261 kBSize

16 Cookies

100 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

trojancode5.amirhoosein1383h.workers.dev Open in urlscan Pro
2606:4700:3032::6815:2e31 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

70 %
HTTPS

40 %
IPv6

11
Domains

16
Subdomains

16
IPs

5
Countries

1998 kB
Transfer

4261 kB
Size

16
Cookies

105 HTTP transactions
1 data transactions