Submitted URL: https://banimode.ir/AX?id=1889042
Effective URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Submission: On April 15 via api from CZ — Scanned from DE

Summary

This website contacted 30 IPs in 6 countries across 22 domains to perform 103 HTTP transactions. The main IP is 185.143.234.101, located in Iran, Islamic Republic Of and belongs to ABRARVAN-AS AbrArvan CDN and IaaS, IR. The main domain is www.banimode.com. The Cisco Umbrella rank of the primary domain is 795508.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on June 10th 2020. Valid for: 2 years.
This is the only time www.banimode.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.2.56.64 14618 (AMAZON-AES)
44 185.143.234.101 202468 (ABRARVAN-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 109.206.255.46 25264 (AADP)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 188.114.97.7 13335 (CLOUDFLAR...)
1 18.66.2.81 16509 (AMAZON-02)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 4 185.166.104.3 202319 (CAFEBAZAAR)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:1ec:27::... 8075 (MICROSOFT...)
1 185.147.178.24 44932 (SABAIDEA)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.222.236.63 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.40 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 185.191.77.170 51431 (IR-AVABAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 20.84.22.197 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 185.105.185.162 25264 (AADP)
4 45.94.254.24 48551 (SINDAD)
1 5.144.131.212 59441 (HOSTIRAN-...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
103 30
Apex Domain
Subdomains
Transfer
44 banimode.com
www.banimode.com — Cisco Umbrella Rank: 795508
2 MB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1219
f.clarity.ms — Cisco Umbrella Rank: 2124
c.clarity.ms — Cisco Umbrella Rank: 637
25 KB
7 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 19250
image.crisp.chat — Cisco Umbrella Rank: 63235
146 KB
6 mediaad.org
s1.mediaad.org — Cisco Umbrella Rank: 62500
mediacdn.mediaad.org — Cisco Umbrella Rank: 51739
api.mediaad.org — Cisco Umbrella Rank: 62215
7 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 724
www.google.com — Cisco Umbrella Rank: 4
1020 B
4 najva.com
app.najva.com — Cisco Umbrella Rank: 48520
van.najva.com — Cisco Umbrella Rank: 53687
47 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5383
628 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
2 KB
3 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 26477
5 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 621
script.hotjar.com — Cisco Umbrella Rank: 818
vars.hotjar.com — Cisco Umbrella Rank: 999
67 KB
3 yektanet.com
cdn.yektanet.com — Cisco Umbrella Rank: 33079
3 sanjagh.com
cdn.sanjagh.com — Cisco Umbrella Rank: 95066
api.sanjagh.com — Cisco Umbrella Rank: 100859
20 KB
2 sendinblue.com
in-automate.sendinblue.com — Cisco Umbrella Rank: 28003
239 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
126 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 234
556 B
1 raychat.io
app.raychat.io — Cisco Umbrella Rank: 279283
88 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1199
5 KB
1 pegah.tech
ma-cdn.pegah.tech — Cisco Umbrella Rank: 75378
3 KB
1 sabavision.com
plus.sabavision.com — Cisco Umbrella Rank: 47936
4 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 104
15 KB
1 banimode.ir
banimode.ir
492 B
103 22
Domain Requested by
44 www.banimode.com www.banimode.com
6 client.crisp.chat www.banimode.com
client.crisp.chat
5 f.clarity.ms www.clarity.ms
f.clarity.ms
4 api.mediaad.org s1.mediaad.org
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.google.de www.banimode.com
3 sibautomation.com www.banimode.com
sibautomation.com
static.cloudflareinsights.com
3 cdn.yektanet.com www.banimode.com
app.najva.com
2 c.clarity.ms 1 redirects
2 api.sanjagh.com cdn.sanjagh.com
2 www.google.com www.banimode.com
2 in-automate.sendinblue.com sibautomation.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 van.najva.com www.banimode.com
app.najva.com
2 app.najva.com 1 redirects www.banimode.com
2 www.googletagmanager.com www.banimode.com
www.googletagmanager.com
1 c.bing.com 1 redirects
1 app.raychat.io www.banimode.com
1 image.crisp.chat www.banimode.com
1 mediacdn.mediaad.org s1.mediaad.org
1 static.cloudflareinsights.com sibautomation.com
1 vars.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 script.hotjar.com static.hotjar.com
1 ma-cdn.pegah.tech s1.mediaad.org
1 plus.sabavision.com www.googletagmanager.com
1 www.clarity.ms www.banimode.com
1 static.hotjar.com www.banimode.com
1 s1.mediaad.org www.googletagmanager.com
1 cdn.sanjagh.com www.banimode.com
1 www.googleadservices.com www.googletagmanager.com
1 banimode.ir 1 redirects
103 33

This site contains links to these domains.

Domain
bnmd.org

Subject | Issuer | Validity | Valid
*.banimode.com | Certum Domain Validation CA SHA2 | 2020-06-10 - 2022-06-09 | 2 years
*.google-analytics.com | GTS CA 1C3 | 2022-03-28 - 2022-06-20 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-03-28 - 2022-06-20 | 3 months
sanjagh.com | R3 | 2022-02-26 - 2022-05-27 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-17 - 2022-07-16 | a year
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year
app.najva.com | R3 | 2022-03-05 - 2022-06-03 | 3 months
crisp.chat | Cloudflare Inc ECC CA-3 | 2021-07-08 - 2022-07-07 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-27 - 2023-02-27 | a year
*.sabavision.com | Certum Domain Validation CA SHA2 | 2022-02-14 - 2023-02-14 | a year
*.google.com | GTS CA 1C3 | 2022-03-28 - 2022-06-20 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-03-28 - 2022-06-20 | 3 months
www.google.de | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
mediaad.org | R3 | 2022-03-22 - 2022-06-20 | 3 months
sendinblue.com | Cloudflare Inc ECC CA-3 | 2021-09-29 - 2022-09-28 | a year
a.clarity.ms | Microsoft RSA TLS CA 01 | 2021-07-27 - 2022-07-27 | a year
van.najva.com | R3 | 2022-03-01 - 2022-05-30 | 3 months
www.google.com | GTS CA 1C3 | 2022-03-28 - 2022-06-20 | 3 months
*.google.de | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
*.mediaad.org | R3 | 2022-03-24 - 2022-06-22 | 3 months
*.raychat.io | Certum Domain Validation CA SHA2 | 2021-09-08 - 2022-09-08 | a year

This page contains 5 frames:

Primary Page: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Frame ID: B69880855687C45FCC26A5421A1D1C89
Requests: 68 HTTP requests in this frame

Frame: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Frame ID: 40810112D8A9E24F5B7805CE67905DB5
Requests: 26 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=529kytwk8kjj18l430cvhsof
Frame ID: EDFC94057796E24D6CF7E488ED31EB23
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 74F8646DD92A5F1947B7F28320A53833
Requests: 1 HTTP requests in this frame

Frame: https://mediacdn.mediaad.org/static/fingerprint.html
Frame ID: E02FD49FCE0777E8A44AF84F4E486482
Requests: 1 HTTP requests in this frame

Page Title

رمضان مبارک

Page URL History

  1. https://banimode.ir/AX?id=1889042 HTTP 302
    https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramada... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • app\.raychat\.io/scripts/js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 103
HTTPS: 97 %
IPv6: 48 %
Domains: 22
Subdomains: 33
IPs: 30
Countries: 6
Transfer: 2418 kB
Size: 4172 kB
Cookies: 24

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://banimode.ir/AX?id=1889042 HTTP 302
    https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://app.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js?v=20220301509 HTTP 301
  • https://van.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js?v=20220301509
Request Chain 92
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=08AD08573DC74801A310C247569EE6BB&RedC=c.clarity.ms&MXFR=172E91198BCB642C331F809E8FCB6AF8 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=08AD08573DC74801A310C247569EE6BB&MUID=00CE7EEC5CA36CDB2A296F6B5D286D6F

103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.banimode.com/landing/ramadan1401/
Redirect Chain
  • https://banimode.ir/AX?id=1889042
  • https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
10 KB
3 KB
Document
General
Full URL
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
c6802da9e0c0fbdb86422b526dd9e1880c9f6516679736ce4cdc96c9584494e0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

ar-atime
0.416
ar-cache
BYPASS
ar-poweredby
Arvan Cloud (arvancloud.com)
ar-request-id
dfa314b9775bb2ee4aeb3ae9b33381e6
ar-sid
6150
content-encoding
gzip
content-type
text/html
date
Fri, 15 Apr 2022 09:11:06 GMT
etag
W/"624d3f58-26f0"
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Date
Fri, 15 Apr 2022 09:11:05 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
connection
close
content-length
0
content-type
text/html; charset=utf-8
location
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
pragma
no-cache
x-content-type-options
nosniff
x-powered-by
Short.io link shortener
x-ratelimit-limit
50
x-ratelimit-remaining
49
x-ratelimit-reset
60
style.css
www.banimode.com/landing/ramadan1401/assets/css/
54 KB
10 KB
Stylesheet
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
59d0be357fc1f8f3b7712198b0c12964a5d535a809d2d8c273dad06379213e3a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Sun, 03 Apr 2022 09:27:31 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"62496883-d8d6"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=604800
ar-request-id
89e33ae0dcb5dcffc906e0493e8cb356
expires
Fri, 22 Apr 2022 09:11:06 GMT
banimode-extra.svg
www.banimode.com/landing/ramadan1401/assets/img/
12 KB
4 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/banimode-extra.svg?v1
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4b59b8f306d42c97e5ab58f027e0616808f98cd4feaabbfc2f5041d57f826a8f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624726cf-2f22"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=0
ar-request-id
851537ef7155adcafba314cd4c9fc471
expires
Fri, 15 Apr 2022 09:11:06 GMT
down-arrow.svg
www.banimode.com/landing/ramadan1401/assets/img/
315 B
683 B
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/down-arrow.svg
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
5b0aa82c6c9ea424ccf73494d91fbdd84ac7a792742c9d4b260a080613982984
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624726cf-13b"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=0
ar-request-id
607e5bb1930d3c06a583b50cd6d93454
expires
Fri, 15 Apr 2022 09:11:06 GMT
whatsapp.svg
www.banimode.com/landing/ramadan1401/assets/img/
859 B
938 B
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/whatsapp.svg
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
74ef58ce79d88e75a720e58ea11e81c741a4094bc1adfe3ee8014617d53d440e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624726cf-35b"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=0
ar-request-id
1e39d12e8a86abd39efffd1dafd831ee
expires
Fri, 15 Apr 2022 09:11:06 GMT
telegram.svg
www.banimode.com/landing/ramadan1401/assets/img/
853 B
896 B
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/telegram.svg
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
0cff5dbd3a7712af7eaa5f1adb0c2688339ca3837ffb0277e83a73ff7269507f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624726cf-355"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=0
ar-request-id
027cd3cfda74ce61367b6389dd8487a9
expires
Fri, 15 Apr 2022 09:11:06 GMT
jquery.min.js
www.banimode.com/landing/ramadan1401/assets/js/
86 KB
31 KB
Script
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/js/jquery.min.js
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624726cf-15851"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=604800
ar-request-id
e30d60cd70bd085c03819eeae3eacb9c
expires
Fri, 22 Apr 2022 09:11:06 GMT
script.js
www.banimode.com/landing/ramadan1401/assets/js/
24 KB
5 KB
Script
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/js/script.js?v1.4
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
6736d2937ab00d7100be533fe5ba999a87ee6421121b881898612fd713881710
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
ar-atime
0.001
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Tue, 05 Apr 2022 11:42:48 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624c2b38-5f87"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=604800
ar-request-id
f33d4da7246c9ca292398041884936fe
expires
Fri, 22 Apr 2022 09:11:06 GMT
gtm.js
www.googletagmanager.com/
242 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PN2Q4QJ
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58504513ddc6cae789b4aa7e0d06d17a65fe0754805adbeaa6bdab5e4b1540f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61314
x-xss-protection
0
expires
Fri, 15 Apr 2022 09:11:06 GMT
background-desktop.png
www.banimode.com/landing/ramadan1401/assets/img/
424 KB
425 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/background-desktop.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
5322e837c30fddeb95d3d5b9456b59a41b790467ca1d54adbca6443188041b30
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
content-length
434629
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624726cf-6a1c5"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
ar-request-id
c76855f0fe9708ad4b9281410466accc
expires
Sun, 15 May 2022 09:11:06 GMT
cloud.png
www.banimode.com/landing/ramadan1401/assets/img/
548 B
548 B
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/cloud.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
ar-poweredby
Arvan Cloud (arvancloud.com)
ar-request-id
ea3078ba79c20900bdfb9a1a398e2b44
ar-atime
0.332
server
ArvanCloud
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/html
ar-sid
6150
content-encoding
gzip
Yekan-Bakh-FaNum-04-Regular.ttf
www.banimode.com/landing/ramadan1401/assets/fonts/yekanbakhfanum/ttf/
59 KB
60 KB
Font
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/fonts/yekanbakhfanum/ttf/Yekan-Bakh-FaNum-04-Regular.ttf
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
a090217342502f1a8968b9abbee3ab5e0c3ef07f85fc3c8fa3c467824f69d101
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
ar-atime
0.506
ar-cache
BYPASS
ar-sid
6150
content-length
60576
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624726cf-eca0"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/octet-stream
accept-ranges
bytes
ar-request-id
cc29bcca1669add765d05160e8e88045
Yekan-Bakh-FaNum-06-Bold.ttf
www.banimode.com/landing/ramadan1401/assets/fonts/yekanbakhfanum/ttf/
59 KB
59 KB
Font
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/fonts/yekanbakhfanum/ttf/Yekan-Bakh-FaNum-06-Bold.ttf
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
741b24435d3be7bd3fb577c51623c68fdf97533fbb13e2e6ce3b85d561fafba4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
x-content-type-options
nosniff
ar-atime
0.501
ar-cache
BYPASS
ar-sid
6150
content-length
60024
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624726cf-ea78"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/octet-stream
accept-ranges
bytes
ar-request-id
016134ff53df7c8d7b0319cd98a8b5f6
Yekan-Bakh-FaNum-08-Fat.ttf
www.banimode.com/landing/ramadan1401/assets/fonts/yekanbakhfanum/ttf/
59 KB
59 KB
Font
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/fonts/yekanbakhfanum/ttf/Yekan-Bakh-FaNum-08-Fat.ttf
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
b2e60cfbf27291ba89548982b0c7b8c0951e54eaafbf4d5a7121bd2bdb8f45cf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
ar-atime
0.507
ar-cache
BYPASS
ar-sid
6150
content-length
60300
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624726cf-eb8c"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/octet-stream
accept-ranges
bytes
ar-request-id
d215933cc11b54c69077692d008f2894
Yekan-Bakh-FaNum-07-Heavy.ttf
www.banimode.com/landing/ramadan1401/assets/fonts/yekanbakhfanum/ttf/
59 KB
59 KB
Font
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/fonts/yekanbakhfanum/ttf/Yekan-Bakh-FaNum-07-Heavy.ttf
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
fe4be1ad7dcc5ab6c75f39e08a63a3730cebaa9ea8070b5814b56a755a2aeebe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
ar-atime
0.506
ar-cache
BYPASS
ar-sid
6150
content-length
60096
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624726cf-eac0"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/octet-stream
accept-ranges
bytes
ar-request-id
500854cfe35f130c8911514a94de9b5b
index.html
www.banimode.com/landing/ramadan1401/game_v1.0.1/ Frame 4081
5 KB
2 KB
Document
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ef9260b2f30e5d92f8491ee3b82c2fcc843b3e6e4e2cba824e0a04b9377077e9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

ar-atime
0.416
ar-cache
BYPASS
ar-poweredby
Arvan Cloud (arvancloud.com)
ar-request-id
601a4e07e3db3d16bfc8ac3ea73e1526
ar-sid
6150
content-encoding
gzip
content-type
text/html
date
Fri, 15 Apr 2022 09:11:06 GMT
etag
W/"624d3f58-12a6"
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
footer-bg.png
www.banimode.com/landing/ramadan1401/assets/img/
564 B
564 B
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/footer-bg.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
ar-poweredby
Arvan Cloud (arvancloud.com)
ar-request-id
0f71b466e057746e85a53fbbfc763f85
ar-atime
0.429
server
ArvanCloud
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/html
ar-sid
6150
content-encoding
gzip
footer-bg-1.png
www.banimode.com/landing/ramadan1401/assets/img/
564 B
564 B
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/footer-bg-1.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/assets/css/style.css?v1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
ar-poweredby
Arvan Cloud (arvancloud.com)
ar-request-id
7db63820ddaec0be90b1bcfa09a42a7a
ar-atime
0.425
server
ArvanCloud
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/html
ar-sid
6150
content-encoding
gzip
data.json
www.banimode.com/landing/ramadan1401/
5 KB
1 KB
XHR
General
Full URL
https://www.banimode.com/landing/ramadan1401/data.json?rand=16500138
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
7fa1c4f4b5bd359e458e625ae78b81f19e789ce1044afdb20969b87da75d183e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
ar-atime
0.416
ar-cache
BYPASS
ar-sid
6150
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 15 Apr 2022 09:10:07 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"6259366f-1473"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/json
ar-request-id
45d71166c6278eccf1465dc4ad587079
banner-desktop.png
www.banimode.com/landing/ramadan1401/assets/img/
411 KB
412 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/assets/img/banner-desktop.png?v1
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ffff784792f5753f193e34e95d94195521b4d1efcec879e6e47d573eb7f3d841
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
content-length
420994
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Fri, 01 Apr 2022 16:22:39 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624726cf-66c82"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
ar-request-id
5c5a100fb11ffc82bf38889683ed4bfc
expires
Sun, 15 May 2022 09:11:06 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PN2Q4QJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14892
x-xss-protection
0
server
cafe
etag
4605403730725282575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Apr 2022 09:11:06 GMT
js
www.googletagmanager.com/gtag/
179 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8RCKD3CZEY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PN2Q4QJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee7a7f895c1fcd7322019fe9421c4ffc0cf1c47a17bec069e1fc00be578e226c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67104
x-xss-protection
0
expires
Fri, 15 Apr 2022 09:11:06 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PN2Q4QJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3235
date
Fri, 15 Apr 2022 08:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Apr 2022 10:17:11 GMT
client.js
cdn.sanjagh.com/assets/sdk/www.banimode.com/
58 KB
20 KB
Script
General
Full URL
https://cdn.sanjagh.com/assets/sdk/www.banimode.com/client.js?t=20223159
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.206.255.46 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS
maknanet.com
Software
nginx /
Resource Hash
b6a655a617b533fb5d74ec978465914653a492232633a88bc01157153c049340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 08:18:26 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:43:15 GMT
server
nginx
age
3160
etag
W/"622b19b3-e747"
vary
Accept-Encoding
x-cache
hit cached
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-max-age=3600
accept-ranges
bytes
content-length
19836
retargeting.js
s1.mediaad.org/serve/1354/
11 KB
5 KB
Script
General
Full URL
https://s1.mediaad.org/serve/1354/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PN2Q4QJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7a61e400a00272683e9ee20ec19882ec68ef3adcba50f6d929e53c58b53dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
237
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 15 Apr 2022 09:07:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gvkqsdF6SHoYrrpuNuAombAg5vksFIH5DBmyHuRp8XCdl0tumhKytCfhtwM3kNK7T0NSF8%2BiWabRXO66Y%2BwUrmFoxnCj2F1zRCUesk1%2BU7ULrGsvFI9vVUQnOIIQ2gbuz5tmU%2By860Ck6xaPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-requested-with
cache-control
max-age=300, max-age=300
access-control-allow-credentials
false
cf-ray
6fc38d4bdb129104-FRA
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v3/LTaW5yQW/
0
0
Script
General
Full URL
https://cdn.yektanet.com/rg_woebegone/scripts_v3/LTaW5yQW/rg.complete.js?v=20220301509
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.7 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v3/UZlcobuv/
0
0
Script
General
Full URL
https://cdn.yektanet.com/rg_woebegone/scripts_v3/UZlcobuv/rg.complete.js?v=20220301509
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.7 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

hotjar-1585268.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1585268.js?sv=6
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-81.txl50.r.cloudfront.net
Software
/
Resource Hash
25e3aae5055f1a6cc768de14e36cc2fbb048f3ff9b44cdd8c9afbe93c0e40e29
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
4
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1957
access-control-allow-origin
*
x-cache-hit
1
etag
W/65427d2db0a06bac639c21b10fe3d7a0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
oyRC3ss-Y3pF-02F5R-ICZkJPRHHTUFoyHLrKlTiYb3AJDjWKktcBQ==
sa.js
sibautomation.com/
8 KB
3 KB
Script
General
Full URL
https://sibautomation.com/sa.js?key=529kytwk8kjj18l430cvhsof
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
34bfb1c53f424622eaeb0088d84f3b25fbc4ecc69ed4c4f56cee6c686a1f1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5169
x-powered-by
Sails <sailsjs.com>
x-xss-protection
1
x-sib-server
SENDINBLUE-web1-2
cf-bgj
minify
server
cloudflare
etag
W/"299e-Oqdc/sHyy3ZjpqcfAHh17A4IfJQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-polished
origSize=10654
cf-ray
6fc38d4bf9a59b1c-FRA
expires
Fri, 15 Apr 2022 13:11:06 GMT
local-messaging.css
app.najva.com/static/css/
0
427 B
Stylesheet
General
Full URL
https://app.najva.com/static/css/local-messaging.css?v=20220301509
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Sotoon /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
x-zrk-cs
HIT
x-zrk-us
200
x-zrk-sn
frankfurt1
content-length
0
last-modified
Sun, 13 Jun 2021 15:40:37 GMT
server
Sotoon
etag
"60c626f5-0"
strict-transport-security
max-age=0
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
access-control-allow-credentials
true
accept-ranges
bytes, bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js
van.najva.com/static/js/scripts/
Redirect Chain
  • https://app.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js?v=20220301509
  • https://van.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js?v=20220301509
180 KB
45 KB
Script
General
Full URL
https://van.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js?v=20220301509
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Server
185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Sotoon /
Resource Hash
20381a661aba69019ebf98716c3544ae53f75aa32fecd5081635a0b376c1d44b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-zrk-cs
REVALIDATED
x-amz-request-id
tx000000000000001897294-006258f4f4-1e3340d-default
x-zrk-us
206
strict-transport-security
max-age=0
x-zrk-sn
frankfurt1
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 27 Dec 2021 16:38:04 GMT
server
Sotoon
cache-control
public, max-age=300
etag
W/"c7b9582ad4aaaa5b6fd44ed56705a46c"
access-control-max-age
60
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-allow-headers
*
x-amz-meta-mtime
1640612980

Redirect headers

date
Fri, 15 Apr 2022 09:11:06 GMT
x-zrk-cs
HIT
server
Sotoon
strict-transport-security
max-age=0
content-type
text/html
location
https://van.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js?v=20220301509
cache-control
public, max-age=300
x-zrk-us
301
accept-ranges
bytes
x-zrk-sn
frankfurt1
content-length
194
l.js
client.crisp.chat/
8 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2220cd56bd8f9d4ed017081772412a82df72d7a93ea54058d1f76713316a146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
64429
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Apr 2022 15:16:43 GMT
server
cloudflare
etag
W/"62583adb-1ebf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=86400
access-control-allow-credentials
false
cf-ray
6fc38d4c0f925bf9-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sat, 16 Apr 2022 09:11:06 GMT
8ghdj2lrah
www.clarity.ms/tag/
682 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/8ghdj2lrah
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1485 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
642e8224ef11697254d79494de1937a13a1bf1bc7b1ab1bcd638d5d1e1b906ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
x-powered-by
ASP.NET
x-azure-ref
0qzZZYgAAAAD7nHJMD7lfS4TJXxKlJWRlQkVSMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
events.min.js
plus.sabavision.com/dmp/dox/
11 KB
4 KB
Script
General
Full URL
https://plus.sabavision.com/dmp/dox/events.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PN2Q4QJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software
nginx /
Resource Hash
a632dc684383a269349fee1d320cba350a64be6616f1863c615158072d073fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:06 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 10:20:06 GMT
server
nginx
etag
W/"62136756-2aa9"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-upstream
0
cache-control
max-age=2592000
expires
Sun, 15 May 2022 09:11:06 GMT
collect
analytics.google.com/g/
0
348 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8RCKD3CZEY&gtm=2oe4d0&_p=369526021&sr=1600x1200&_z=ccd.ICB&_gaz=1&ul=en-us&cid=501035572.1650013868&_s=1&dl=https%3A%2F%2Fwww.banimode.com%2Flanding%2Framadan1401%2F%3Futm_source%3Dbanigame%26utm_medium%3Dlink%26utm_campaign%3Dramadan1401%26id%3D1889042&dt=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&sid=1650013868&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RCKD3CZEY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.banimode.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
348 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8RCKD3CZEY&cid=501035572.1650013868&gtm=2oe4d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RCKD3CZEY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.banimode.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8RCKD3CZEY&cid=501035572.1650013868&gtm=2oe4d0&aip=1&z=1166657180
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advertiser.json
ma-cdn.pegah.tech/v1/retargeting/1354/
12 KB
3 KB
XHR
General
Full URL
https://ma-cdn.pegah.tech/v1/retargeting/1354/advertiser.json
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/1354/retargeting.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dbca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a5b4c04ad20eb35d6e1cae06bc87d024c4f9308a04b178b6be0dd71dae4335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 15 Apr 2022 09:07:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8i1KU4wxrsAZsGQjoiyoNNuYIkZAuVXU03B5bdEy9j6I3MofuMAi8cRx5egoDM0haK3SLO4rjhm8U%2FSbNmgfKRIhz717Fbcn93BiGt2kDtWZI2rXKv%2FP7fSrwdyghxJEiuXG7A2I88InnMAqZjB6Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-requested-with
cache-control
max-age=14400
access-control-allow-credentials
false
cf-ray
6fc38d4ce826900a-FRA
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
modules.0076bf93c385ddf0ff58.js
script.hotjar.com/
239 KB
63 KB
Script
General
Full URL
https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1585268.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 10:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
166921
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63817
access-control-allow-origin
*
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
etag
"838915b4bc2438e3190a8320d0520962"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
1xX98u_ipM3pCIJHNmCQbQYF9uz9YtMR0OG5n5ireVhWkfE647fuHw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/320730577/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320730577/?random=1650013868506&cv=9&fst=1650013868506&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.banimode.com%2Flanding%2Framadan1401%2F%3Futm_source%3Dbanigame%26utm_medium%3Dlink%26utm_campaign%3Dramadan1401%26id%3D1889042&tiba=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71602c21ef83348fd4cc0925ffde8d0b3c172abf2ad40f26d81433f516a6c4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1093
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm.html
sibautomation.com/ Frame EDFC
3 KB
2 KB
Document
General
Full URL
https://sibautomation.com/cm.html?key=529kytwk8kjj18l430cvhsof
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=529kytwk8kjj18l430cvhsof
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
22c7b0baea90dd328515c30eedec7c49fec7ede97a0adc74a6362ab19d950f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.banimode.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2495
cache-control
public, max-age=7200
cf-apo-via
origin,host
cf-cache-status
HIT
cf-ray
6fc38d4c9aef9b1c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 09:11:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 15 Apr 2022 11:11:06 GMT
last-modified
Fri, 15 Apr 2022 08:29:31 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Sails <sailsjs.com>
x-sib-server
SENDINBLUE-web2-2
x-xss-protection
1
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=369526021&t=pageview&_s=1&dl=https%3A%2F%2Fwww.banimode.com%2Flanding%2Framadan1401%2F%3Futm_source%3Dbanigame%26utm_medium%3Dlink%26utm_campaign%3Dramadan1401%26id%3D1889042&ul=en-us&de=UTF-8&dt=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=749538424&gjid=2097701971&cid=501035572.1650013868&tid=UA-105066997-1&_gid=2092072911.1650013869&_r=1&gtm=2wg4d0PN2Q4QJ&z=739313152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.banimode.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
client.js
client.crisp.chat/static/javascripts/
376 KB
87 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?b554d3d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e24863e727246d7d9acf71a82fb75ac38fe93ac6ba2e30042050c19caf7481
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
64430
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Apr 2022 15:16:42 GMT
server
cloudflare
etag
W/"62583ada-5e07e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
6fc38d4d69c168f7-FRA
access-control-allow-headers
Content-Type, Origin
expires
Mon, 12 Apr 2032 09:11:07 GMT
client_default.css
client.crisp.chat/static/stylesheets/
328 KB
40 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?b554d3d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b9b0332ed8ff7be9e2ece033679de843a6635788714828637e3f43d27bb860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
64430
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Apr 2022 15:16:43 GMT
server
cloudflare
etag
W/"62583adb-521eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
6fc38d4d69c468f7-FRA
access-control-allow-headers
Content-Type, Origin
expires
Mon, 12 Apr 2032 09:11:07 GMT
box-4924254a9ce4dc9b959b6e4a9b662d60.html
vars.hotjar.com/ Frame 74F8
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1585268.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-40.fra60.r.cloudfront.net
Software
/
Resource Hash
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer
https://www.banimode.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166921
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 10:49:06 GMT
etag
"1635635016e428baa170305e9282c34a"
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
vary
Accept-Encoding
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-id
zhcHeAOMFGLpQ1vxJGJ9l6ws12wUQZcSiAY5VoDyOCbj66_YcUHvLg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
animate.min.css
www.banimode.com/landing/ramadan1401/game_v1.0.1/ Frame 4081
52 KB
4 KB
Stylesheet
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/animate.min.css
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
30d32919e3207b4cf9419f54395955fdb714e60f3c23c69c5c3248d6de22f2f5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624d3f58-d141"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=604800
ar-request-id
17b1289475d78cbf209e9ea8b6212d68
expires
Fri, 22 Apr 2022 09:11:07 GMT
jquery-3.4.1.min.js
www.banimode.com/landing/ramadan1401/game_v1.0.1/ Frame 4081
86 KB
31 KB
Script
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/jquery-3.4.1.min.js
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
ar-atime
0.001
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624d3f58-15851"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=604800
ar-request-id
9ca8b15dae159cfc20fc575ca1e3d0cf
expires
Fri, 22 Apr 2022 09:11:07 GMT
c2runtime.js
www.banimode.com/landing/ramadan1401/game_v1.0.1/ Frame 4081
217 KB
70 KB
Script
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/c2runtime.js
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4421b70d090d7d96bb9e8a668eba6f2becc17e9dcca6049d032dd382a3336881
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624d3f58-364f0"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=604800
ar-request-id
ef28d96dc5a20371e15f9f68cfc698c8
expires
Fri, 22 Apr 2022 09:11:07 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105066997-1&cid=501035572.1650013868&jid=749538424&gjid=2097701971&_gid=2092072911.1650013869&_u=YADAAEAAAAAAAC~&z=431169936
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Apr 2022 09:11:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.banimode.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame EDFC
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=529kytwk8kjj18l430cvhsof
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://sibautomation.com/
Origin
https://sibautomation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6fc38d4f4e709277-FRA
fingerprint.html
mediacdn.mediaad.org/static/ Frame E02F
4 KB
2 KB
Document
General
Full URL
https://mediacdn.mediaad.org/static/fingerprint.html
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/1354/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.191.77.170 , Iran, Islamic Republic Of, ASN51431 (IR-AVABARID-AS, IR),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
ebe4d507c5654de52a9b6151395ece02c052524e65c080499b89e0410d34b995

Request headers

Referer
https://www.banimode.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Fri, 15 Apr 2022 09:11:07 GMT
etag
W/"608845bc-ec5"
expires
Sat, 16 Apr 2022 09:11:07 GMT
last-modified
Tue, 27 Apr 2021 17:11:24 GMT
server
nginx/1.17.6
x-cache-status
HIT
cm
in-automate.sendinblue.com/ Frame EDFC
0
203 B
XHR
General
Full URL
https://in-automate.sendinblue.com/cm?uuid=5373428f-434a-4372-a974-c0e4bedd7e24&key=529kytwk8kjj18l430cvhsof&cuid=ca4f62d5-4214-4642-afa4-a980b77770cd
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=529kytwk8kjj18l430cvhsof
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
6fc38d4f48fc906d-FRA
clarity.js
f.clarity.ms/s/0.6.34/
53 KB
23 KB
Script
General
Full URL
https://f.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8ghdj2lrah
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
etag
"1d84ac37b962954"
last-modified
Thu, 07 Apr 2022 21:07:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.json
van.najva.com/static/js/scripts/
6 KB
2 KB
Fetch
General
Full URL
https://van.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.json?v=2022-04-15T09
Requested by
Host: app.najva.com
URL: https://app.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js?v=20220301509
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Sotoon /
Resource Hash
e6aad2869c3c72ddf30f5b03b47ed66866f1196cca111b9dc943c3fc9321df88
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-zrk-cs
HIT
x-amz-request-id
tx0000000000000018d6584-0062592807-1e333dd-default
x-zrk-us
206
strict-transport-security
max-age=0
x-zrk-sn
frankfurt1
vary
Accept-Encoding, Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 27 Dec 2021 16:38:04 GMT
server
Sotoon
cache-control
public, max-age=300
etag
W/"bb0df4ce8f49817520b66de05309cbce"
access-control-max-age
60
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
https://www.banimode.com
access-control-expose-headers
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-allow-headers
*
x-amz-meta-mtime
1640612980
/
www.google.com/pagead/1p-user-list/320730577/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/320730577/?random=1650013868506&cv=9&fst=1650013200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.banimode.com%2Flanding%2Framadan1401%2F%3Futm_source%3Dbanigame%26utm_medium%3Dlink%26utm_campaign%3Dramadan1401%26id%3D1889042&tiba=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&async=1&fmt=3&is_vtc=1&random=707718731&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/320730577/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/320730577/?random=1650013868506&cv=9&fst=1650013200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.banimode.com%2Flanding%2Framadan1401%2F%3Futm_source%3Dbanigame%26utm_medium%3Dlink%26utm_campaign%3Dramadan1401%26id%3D1889042&tiba=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&async=1&fmt=3&is_vtc=1&random=707718731&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
client.crisp.chat/settings/website/c898e127-21c8-47f8-94f3-41f0616cfa2b/prelude/
79 B
515 B
Script
General
Full URL
https://client.crisp.chat/settings/website/c898e127-21c8-47f8-94f3-41f0616cfa2b/prelude/?callback=window.%24crisp.__spool.website_handler&2022-3-15-9-11
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b554d3d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44dbfeeaafb6d4378871deddb11c3bc3886fbc9110cba0bc90644c34e4018007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 15 Apr 2022 04:41:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
6fc38d4edbd568f7-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 15 Apr 2022 13:11:07 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-105066997-1&cid=501035572.1650013868&jid=749538424&_u=YADAAEAAAAAAAC~&z=1430067298
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-105066997-1&cid=501035572.1650013868&jid=749538424&_u=YADAAEAAAAAAAC~&z=1430067298
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
offlineClient.js
www.banimode.com/landing/ramadan1401/game_v1.0.1/ Frame 4081
1 KB
998 B
Script
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/offlineClient.js
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/c2runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
c23af70fed3a2e281e9f0e459fe45b4a8cfe2f33b42c7e1bd4a4edf44a2284df
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624d3f58-565"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=604800
ar-request-id
2ae7c204fa4df7729eeb0962395ffcba
expires
Fri, 22 Apr 2022 09:11:07 GMT
/
client.crisp.chat/settings/website/c898e127-21c8-47f8-94f3-41f0616cfa2b/
3 KB
2 KB
Script
General
Full URL
https://client.crisp.chat/settings/website/c898e127-21c8-47f8-94f3-41f0616cfa2b/?callback=window.%24crisp.__spool.website_handler&1650007989074
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b554d3d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
733accb610b457e9b1354f5248b6bb3ab72a13ddb2d2ecefa3d28d585a52998f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5878
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 15 Apr 2022 07:33:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
6fc38d4f8cb468f7-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 15 Apr 2022 13:11:07 GMT
5ef0bc7c0a6247338e23ed93
api.sanjagh.com/web/rc/
2 B
587 B
XHR
General
Full URL
https://api.sanjagh.com/web/rc/5ef0bc7c0a6247338e23ed93?t=s
Requested by
Host: cdn.sanjagh.com
URL: https://cdn.sanjagh.com/assets/sdk/www.banimode.com/client.js?t=20223159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.105.185.162 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS
maknanet.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:08 GMT
server
nginx
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.banimode.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
2
5ef0bc7c0a6247338e23ed93
api.sanjagh.com/web/rc/ Frame
0
0
Preflight
General
Full URL
https://api.sanjagh.com/web/rc/5ef0bc7c0a6247338e23ed93?t=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.105.185.162 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS
maknanet.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.banimode.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Pragma
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.banimode.com
access-control-max-age
2592000
cache-control
max-age=2592000,public
content-length
0
date
Fri, 15 Apr 2022 09:11:07 GMT
pragma
no-cache
server
nginx
data.js
www.banimode.com/landing/ramadan1401/game_v1.0.1/ Frame 4081
31 KB
9 KB
XHR
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/data.js
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/c2runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
db7522457398acf7fe8610d0e61659311094550f7d7da0d1488d16073bb3baca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
ar-atime
0.000
ar-cache
HIT
ar-sid
6150
vary
Accept-Encoding
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
W/"624d3f58-7a0a"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=604800
ar-request-id
6c47365c97e8dbb615be9b7da9838bab
expires
Fri, 22 Apr 2022 09:11:07 GMT
rum
sibautomation.com/cdn-cgi/ Frame EDFC
0
81 B
XHR
General
Full URL
https://sibautomation.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sibautomation.com/cm.html?key=529kytwk8kjj18l430cvhsof
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
6fc38d4fc85e9b1c-FRA
x-frame-options
DENY
loading-logo.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/ Frame 4081
47 KB
48 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/loading-logo.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
3ddf61aa722895814bdfe0e211a1745de9e452c50c45015b36c1a642ff44f98a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.547
ar-cache
BYPASS
ar-sid
6150
content-length
48421
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-bd25"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
4dd635943481f84cf38bef76c034a310
expires
Sat, 15 Apr 2023 09:11:07 GMT
bomb-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
78 KB
78 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/bomb-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
498f98afa444cdbbace7e7b8065c146f7189f223a315618179cf2c0036881a65
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
ar-atime
0.436
ar-cache
BYPASS
ar-sid
6150
content-length
79707
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:15 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f2f-1375b"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
bbcc39aed7b63674e4f7dada9ab72bd9
expires
Sat, 15 Apr 2023 09:11:07 GMT
bomb-sheet1.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
14 KB
15 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/bomb-sheet1.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
2460d20f7ef4953976f30e74459584c170fcce65acb2c9aa9001d88b3a7ba5f1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
ar-atime
0.416
ar-cache
BYPASS
ar-sid
6150
content-length
14577
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-38f1"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
a652216346c1564a95196afdf4f78049
expires
Sat, 15 Apr 2023 09:11:07 GMT
playbtn-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
4 KB
5 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/playbtn-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
f4722497708f35f3d212496f25a79ac5a23b1908c2509d6a8740dac63404934e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
1.063
ar-cache
BYPASS
ar-sid
6150
content-length
4416
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-1140"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
7d5510a906335b6ffbf7f1ef03058363
expires
Sat, 15 Apr 2023 09:11:08 GMT
menubg-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
277 KB
277 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/menubg-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
1ba982518d705e41c07b7574cfbaccc7c7fc33e1cb5ac27661f0897a34855844
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.531
ar-cache
BYPASS
ar-sid
6150
content-length
283239
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-45267"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
7f0f0a6db4b1446cf0f87648091e30b7
expires
Sat, 15 Apr 2023 09:11:07 GMT
ok_popup-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
37 KB
38 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ok_popup-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
f95c81339aeb4ad13b9c0f1e95250f7473807ca4e7bcecfa8f3a7ecf784033ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.539
ar-cache
BYPASS
ar-sid
6150
content-length
38084
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-94c4"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
a7f35f154a15cc25b4a93cd7b4720f2e
expires
Sat, 15 Apr 2023 09:11:07 GMT
ok_popup-sheet1.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
39 KB
39 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ok_popup-sheet1.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
bf723e826cce6c293f10b182bbb6b40be5145cc0a0ae831f158d0e40988c7378
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.538
ar-cache
BYPASS
ar-sid
6150
content-length
39547
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-9a7b"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
7fb182f9d8ab3167be65b389072705cf
expires
Sat, 15 Apr 2023 09:11:07 GMT
popuplogin-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
67 KB
68 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/popuplogin-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
c3cfd1b1200bd903828ffddcab175d2150576fae7f5b7153e95efb3263e0cf22
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.540
ar-cache
BYPASS
ar-sid
6150
content-length
68991
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-10d7f"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
be45f889283c95c0d8714bdc074b7f4e
expires
Sat, 15 Apr 2023 09:11:07 GMT
particlesbomb.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
3 KB
3 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/particlesbomb.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ed4335af20f55032885aba671c1b40927d3d34e82f0398eda945757788a85b8f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.874
ar-cache
BYPASS
ar-sid
6150
content-length
2823
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-b07"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
e631107a5320a1dfa9135d5658025412
expires
Sat, 15 Apr 2023 09:11:08 GMT
popupchanceend-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
52 KB
53 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/popupchanceend-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
2866e49ef521883a1cbda5e47793adcf2d7df8b256b4c9b1a9f09d9017999968
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.537
ar-cache
BYPASS
ar-sid
6150
content-length
53353
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-d069"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
8927d3a8847c715330afc630f67ba3e8
expires
Sat, 15 Apr 2023 09:11:07 GMT
topbar-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
18 KB
19 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/topbar-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
6b7bf9931b7acd8999fbaf50cfbed62374e7735817240e9940596d6c51bf488a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.797
ar-cache
BYPASS
ar-sid
6150
content-length
18670
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-48ee"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
ced1d44602337376a2a6518122630b7e
expires
Sat, 15 Apr 2023 09:11:08 GMT
chancecounttxt.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
2 KB
2 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/chancecounttxt.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4a1779ca65d5db4e000c84232c9aa1fb344a9703cdd4bf179a6784454dfa5b5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
1.442
ar-cache
BYPASS
ar-sid
6150
content-length
2084
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-824"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
d5fdb50d719c1b6d4e5b6617e79234cb
expires
Sat, 15 Apr 2023 09:11:08 GMT
buybtn-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
1016 B
1 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/buybtn-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ccdd63f5cc3a887535ac13fa941e0d02bbc6d268cccd3e6cb57ef7b96626b632
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.460
ar-cache
BYPASS
ar-sid
6150
content-length
1016
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-3f8"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
546eb7f272e568cd537c4188143763ee
expires
Sat, 15 Apr 2023 09:11:07 GMT
continuebtn-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
3 KB
3 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/continuebtn-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4bbb6fe6d8db94eb5d96e60ca1a6b24b491a93f93b75b800d7c0957746d39b8a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.456
ar-cache
BYPASS
ar-sid
6150
content-length
2961
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-b91"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
4a391b35a98dea8b32485644643e86c1
expires
Sat, 15 Apr 2023 09:11:07 GMT
winpopupanchor-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
105 B
540 B
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/winpopupanchor-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
a874e18b13b295174a353c06631ee3ab9d3e6f4693153875cc1809ad80b34481
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.709
ar-cache
BYPASS
ar-sid
6150
content-length
105
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-69"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
a8cff30c43fe86ce95568c193e0d8774
expires
Sat, 15 Apr 2023 09:11:08 GMT
winfont.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
3 KB
3 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/winfont.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
42f227c88a30bb1da838cd2b56ecb7427c9a76d6be9faf96a8f49506ea8c582f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
0.453
ar-cache
BYPASS
ar-sid
6150
content-length
2840
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-b18"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
4ae681230bb4358a77cd6d17d37a78fb
expires
Sat, 15 Apr 2023 09:11:07 GMT
overlay-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
629 B
1 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/overlay-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
63138ff64cf1d78258e7d544efa8d7316de50e0e3e912b8fccb984cdaee64720
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:09 GMT
x-content-type-options
nosniff
ar-atime
1.746
ar-cache
BYPASS
ar-sid
6150
content-length
629
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-275"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
d723fca7bfdd6061138e482d405426ff
expires
Sat, 15 Apr 2023 09:11:09 GMT
helpbtn-sheet0.png
www.banimode.com/landing/ramadan1401/game_v1.0.1/images/ Frame 4081
8 KB
8 KB
Image
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/images/helpbtn-sheet0.png
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
79ae429a25ef254b7317b7edbc1c6ec7b59208dcfcfa10d7597db6db90712849
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
Origin
https://www.banimode.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
x-content-type-options
nosniff
ar-atime
1.027
ar-cache
BYPASS
ar-sid
6150
content-length
8007
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-1f47"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
ar-request-id
4f92dd19d2c74f62e27b8002b141585d
expires
Sat, 15 Apr 2023 09:11:08 GMT
fa.js
client.crisp.chat/static/javascripts/locales/
8 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/fa.js?b554d3d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b554d3d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4cc54da46f5697d2802112cee5aaa4ee29e010e71c1d61cc5b0a8b97acb5589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
64428
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Apr 2022 15:16:43 GMT
server
cloudflare
etag
W/"62583adb-21e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
6fc38d503d9b68f7-FRA
access-control-allow-headers
Content-Type, Origin
expires
Mon, 12 Apr 2032 09:11:07 GMT
complete.js
cdn.yektanet.com/rg_woebegone/scripts_v4/CuRQgJHb/
0
0
Script
General
Full URL
https://cdn.yektanet.com/rg_woebegone/scripts_v4/CuRQgJHb/complete.js?v=2022-04-15T09
Requested by
Host: app.najva.com
URL: https://app.najva.com/static/js/scripts/banimode-1063-90ca362f-2645-4e8a-8bde-6bb78f8518df.js?v=20220301509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

truncated
/
308 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
image.crisp.chat/process/thumbnail/
9 KB
9 KB
Image
General
Full URL
https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Ff2ec54aabb148000%2Fchat12x_f5qbhz.png&width=240&height=240&1
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee7131fd2c0ac621175695278df6ee4c354f4a98fad42dd17ea5ad0ac6d9c6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
83355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9273
last-modified
Thu, 14 Apr 2022 07:14:52 GMT
server
cloudflare
etag
W/"2439-18026ecc2d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
6fc38d508e945bf9-FRA
expires
Mon, 12 Apr 2032 09:11:07 GMT
p
in-automate.sendinblue.com/
0
36 B
XHR
General
Full URL
https://in-automate.sendinblue.com/p?key=529kytwk8kjj18l430cvhsof&cuid=ca4f62d5-4214-4642-afa4-a980b77770cd&ma_url=https%3A%2F%2Fwww.banimode.com%2Flanding%2Framadan1401%2F%3Futm_source%3Dbanigame%26utm_medium%3Dlink%26utm_campaign%3Dramadan1401%26id%3D1889042&sib_type=page&ma_title=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&sib_name=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&ma_referrer=&ma_path=%2Flanding%2Framadan1401%2F
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=529kytwk8kjj18l430cvhsof
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
6fc38d511bc3906d-FRA
tag
api.mediaad.org/v1/events/ Frame
0
0
Preflight
General
Full URL
https://api.mediaad.org/v1/events/tag?fid=fbe784f2-e81c-4861-9a73-c9c176305d68
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.banimode.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
https://www.banimode.com
access-control-expose-headers
x-requested-with
content-length
0
date
Fri, 15 Apr 2022 09:11:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
tag
api.mediaad.org/v1/events/
0
356 B
XHR
General
Full URL
https://api.mediaad.org/v1/events/tag?fid=fbe784f2-e81c-4861-9a73-c9c176305d68
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/1354/retargeting.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
https://www.banimode.com
access-control-expose-headers
x-requested-with
access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length
0
loaded
api.mediaad.org/v2/events/page/ Frame
0
0
Preflight
General
Full URL
https://api.mediaad.org/v2/events/page/loaded
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.banimode.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
https://www.banimode.com
access-control-expose-headers
x-requested-with
content-length
0
date
Fri, 15 Apr 2022 09:11:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
loaded
api.mediaad.org/v2/events/page/
0
375 B
XHR
General
Full URL
https://api.mediaad.org/v2/events/page/loaded
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/1354/retargeting.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 15 Apr 2022 09:11:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.banimode.com
access-control-expose-headers
x-requested-with
access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length
0
6c0e3021-1d44-4394-a290-e05f51e08cea
app.raychat.io/scripts/js/
0
88 B
Script
General
Full URL
https://app.raychat.io/scripts/js/6c0e3021-1d44-4394-a290-e05f51e08cea
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.144.131.212 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-131-212.static.hostiran.name
Software
nginx / Raychat
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:05 GMT
server
nginx
x-powered-by
Raychat
etag
W/"32-4adJG0xm3DmFY7kzCvx20g"
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=08AD08573DC74801A310C247569EE6BB&RedC=c.clarity.ms&MXFR=172E91198BCB642C331F809E8FCB6AF8
  • https://c.clarity.ms/c.gif?CtsSyncId=08AD08573DC74801A310C247569EE6BB&MUID=00CE7EEC5CA36CDB2A296F6B5D286D6F
42 B
392 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=08AD08573DC74801A310C247569EE6BB&MUID=00CE7EEC5CA36CDB2A296F6B5D286D6F
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:08 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:07 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 94D9AA9932324F7A9610A99FF16013CB Ref B: FRA31EDGE0614 Ref C: 2022-04-15T09:11:08Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=08AD08573DC74801A310C247569EE6BB&MUID=00CE7EEC5CA36CDB2A296F6B5D286D6F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 08:40:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
1865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 15 Apr 2022 09:40:02 GMT
collect
f.clarity.ms/
0
71 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.banimode.com
date
Fri, 15 Apr 2022 09:11:07 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=369526021&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.banimode.com%2Flanding%2Framadan1401%2F%3Futm_source%3Dbanigame%26utm_medium%3Dlink%26utm_campaign%3Dramadan1401%26id%3D1889042&ul=en-us&de=UTF-8&dt=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEALAAAAAC~&jid=&gjid=&cid=501035572.1650013868&tid=UA-105066997-1&_gid=2092072911.1650013869&gtm=2wg4d0PN2Q4QJ&z=1060609769
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53547
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
f.clarity.ms/
0
25 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.banimode.com
date
Fri, 15 Apr 2022 09:11:07 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
click.ogg
www.banimode.com/landing/ramadan1401/game_v1.0.1/media/ Frame 4081
5 KB
5 KB
XHR
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/media/click.ogg
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/c2runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4605d371748313d03d20e1eeac875dfc0ea587586d6012d921cad151972c0768
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:09 GMT
x-content-type-options
nosniff
ar-atime
0.416
ar-cache
BYPASS
ar-sid
6150
content-length
4931
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-1343"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
audio/ogg
accept-ranges
bytes
ar-request-id
22da8a6d965496245f3d7fbc810cd50e
touch.ogg
www.banimode.com/landing/ramadan1401/game_v1.0.1/media/ Frame 4081
6 KB
6 KB
XHR
General
Full URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/media/touch.ogg
Requested by
Host: www.banimode.com
URL: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/c2runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.101 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
c086fffe199383be395d7cbc5b32690d9c90b6dc75f18be0cfb0bdf10307bcb0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 09:11:09 GMT
x-content-type-options
nosniff
ar-atime
0.416
ar-cache
BYPASS
ar-sid
6150
content-length
5902
x-xss-protection
1; mode=block
ar-poweredby
Arvan Cloud (arvancloud.com)
last-modified
Wed, 06 Apr 2022 07:20:56 GMT
server
ArvanCloud
x-frame-options
SAMEORIGIN
etag
"624d3f58-170e"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
audio/ogg
accept-ranges
bytes
ar-request-id
1d4a4316aa8dd8942f87392342e6bd10
sw.js
www.banimode.com/landing/ramadan1401/game_v1.0.1/ Frame
0
0

collect
f.clarity.ms/
0
48 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.banimode.com
date
Fri, 15 Apr 2022 09:11:10 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8RCKD3CZEY&gtm=2oe4d0&_p=369526021&sr=1600x1200&_z=ccd.ICB&ul=en-us&cid=501035572.1650013868&_s=2&dl=https%3A%2F%2Fwww.banimode.com%2Flanding%2Framadan1401%2F%3Futm_source%3Dbanigame%26utm_medium%3Dlink%26utm_campaign%3Dramadan1401%26id%3D1889042&dt=%D8%B1%D9%85%D8%B6%D8%A7%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%DA%A9&sid=1650013868&sct=1&seg=0&en=scroll&_et=937&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RCKD3CZEY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banimode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 09:11:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.banimode.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
f.clarity.ms/
0
48 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.banimode.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.banimode.com
date
Fri, 15 Apr 2022 09:11:14 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.banimode.com
URL
https://www.banimode.com/landing/ramadan1401/game_v1.0.1/sw.js

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| baseUrl string| localStoragePrefix string| pageName string| srcPrefix string| pageUrl object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| h object| s object| d string| yektanetAnalyticsObject function| yektanet function| hj object| _hjSettings number| retryCount function| textCopy function| copyButtonSelect object| sib object| sendinblue object| $crisp string| CRISP_WEBSITE_ID function| clarity function| onYouTubeIframeAPIReady object| gaGlobal function| Cookies object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaData function| _0xfb0979 function| _0x1902 function| _0x3dc5 object| __SabaEvents function| _SabaEventAjax string| configFile object| _dollar_crisp object| regeneratorRuntime boolean| snj_rc object| Najva

24 Cookies

Domain/Path Name / Value
.mediaad.org/ Name: __cf_bm
Value: H06luzqc7ZsCOV1CyT2c9ur1AtpbOCm0FaenYjYXkqI-1650013866-0-Ad9NVUSDqVEORu/+EKB7HQgZwm11lNGH+pe5jAEydQ1oOBf+cFR5L/lGir5hnQ3oQ9zAC5VvmqhNTpzp51H6kAs=
.yektanet.com/ Name: __cf_bm
Value: oMFeCOcw6szG30kyasteNQVWibMltqF8pmMRLqCsl5s-1650013866-0-Af50JLhWfFyXJdYIRnlAHnGr3fNfnBN5AYB1yIT8XLiMV3HrPOMHiwJ+Gx+qNHEhlzy9cxGc8F6e07ckuNN1pkI=
.www.banimode.com/ Name: sib_cuid
Value: ca4f62d5-4214-4642-afa4-a980b77770cd
.banimode.com/ Name: _ga
Value: GA1.2.501035572.1650013868
.banimode.com/ Name: _gid
Value: GA1.2.2092072911.1650013869
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.banimode.com/ Name: _gat_UA-105066997-1
Value: 1
www.clarity.ms/ Name: CLID
Value: 13b29766621247a2830c6f67f60340a0.20220415.20230415
sibautomation.com/ Name: uuid
Value: 5373428f-434a-4372-a974-c0e4bedd7e24
.banimode.com/ Name: _hjSessionUser_1585268
Value: eyJpZCI6ImNhNjFjOTllLTJjYWYtNWM0My1iMjc1LTVjYTJkNGQ4YzJlMiIsImNyZWF0ZWQiOjE2NTAwMTM4Njg5MTMsImV4aXN0aW5nIjpmYWxzZX0=
.banimode.com/ Name: _hjFirstSeen
Value: 1
.banimode.com/ Name: _hjSession_1585268
Value: eyJpZCI6IjUyMDg5ZThjLTdkMGYtNDg4OC05YWQ5LTY4ZjQ5NzE5ZTQyMyIsImNyZWF0ZWQiOjE2NTAwMTM4NjkxMTUsImluU2FtcGxlIjpmYWxzZX0=
.banimode.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.banimode.com/ Name: _clck
Value: 1mfwuuc|1|f0n|0
.banimode.com/ Name: _ga_8RCKD3CZEY
Value: GS1.1.1650013868.1.0.1650013869.59
.banimode.com/ Name: _clsk
Value: 1pdkyas|1650013869525|1|1|f.clarity.ms/collect
.sanjagh.com/ Name: _r
Value: 200
.sanjagh.com/ Name: _u
Value: wFopOw3rS3y3Vjyorj83oYOS
.sanjagh.com/ Name: _n
Value: 200
www.banimode.com/ Name: _5ef0bc7c0a6247338e23ed93
Value: true
.c.bing.com/ Name: SRM_B
Value: 00CE7EEC5CA36CDB2A296F6B5D286D6F
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 00CE7EEC5CA36CDB2A296F6B5D286D6F
.c.clarity.ms/ Name: ANONCHK
Value: 0

8 Console Messages

Source Level URL
Text
rendering warning URL: https://www.banimode.com/landing/ramadan1401/?utm_source=banigame&utm_medium=link&utm_campaign=ramadan1401&id=1889042 (Line 5)
Message:
The value "0'" for key "user-scalable" was truncated to its numeric prefix.
network error URL: https://www.banimode.com/landing/ramadan1401/assets/img/cloud.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/UZlcobuv/rg.complete.js?v=20220301509
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/LTaW5yQW/rg.complete.js?v=20220301509
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.banimode.com/landing/ramadan1401/assets/img/footer-bg-1.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.banimode.com/landing/ramadan1401/assets/img/footer-bg.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.banimode.com/landing/ramadan1401/game_v1.0.1/c2runtime.js (Line 334)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/CuRQgJHb/complete.js?v=2022-04-15T09
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
