987112309800029878819323782493094213723487921903210.d.w1z.wtf Open in urlscan Pro
49.13.223.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Submission: On June 12 via api (June 12th 2024, 5:18:42 am UTC) from US — Scanned from DE

Summary HTTP 145 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 21 domains to perform 145 HTTP transactions. The main IP is 49.13.223.108, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is 987112309800029878819323782493094213723487921903210.d.w1z.wtf.
TLS certificate: Issued by E5 on June 10th 2024. Valid for: 3 months.

This is the only time 987112309800029878819323782493094213723487921903210.d.w1z.wtf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	49.13.223.108 49.13.223.108	24940 (HETZNER-AS) (HETZNER-AS)
1	93.115.151.139 93.115.151.139	43754 (ASIATECH) (ASIATECH)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
34	185.143.234.87 185.143.234.87	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
2	185.143.234.120 185.143.234.120	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
1	2606:4700::68... 2606:4700::6810:fb8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:96ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:2546	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.166.104.3 185.166.104.3	202319 (CAFEBAZAAR) (CAFEBAZAAR)
2 4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.94.254.24 45.94.254.24	48551 (SINDAD) (SINDAD)
11	45.94.255.25 45.94.255.25	48551 (SINDAD) (SINDAD)
3	185.143.233.120 185.143.233.120	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	20.10.16.51 20.10.16.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	212.33.197.123 212.33.197.123	43754 (ASIATECH) (ASIATECH)
13	185.166.104.4 185.166.104.4	202319 (CAFEBAZAAR) (CAFEBAZAAR)
1	45.94.254.21 45.94.254.21	48551 (SINDAD) (SINDAD)
2	212.33.197.122 212.33.197.122	43754 (ASIATECH) (ASIATECH)
145	24

52 49.13.223.108 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.108.223.13.49.clients.your-server.de

987112309800029878819323782493094213723487921903210.d.w1z.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.115.151.139 (Tehran, Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)

deemanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 185.143.234.87 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)

berozkala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.143.234.120 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)

eanjoman.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cashback.takhfifan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fb8 (United States)

ASN13335 (CLOUDFLARENET, US)

mail.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:96ba (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2546 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.166.104.3 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)

cdn.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

app.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
van.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.94.254.24 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.org

n1.sanjagh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 45.94.255.25 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.cloud

s1.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ma-cdn.pegah.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.143.233.120 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)

analytics.affili.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tavoos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9528 (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

z.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.33.197.123 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)

sniper.tavoos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.166.104.4 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)

audience.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ua.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.94.254.21 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.org

mediacdn.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.33.197.122 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)

sniper.tavoos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	w1z.wtf 987112309800029878819323782493094213723487921903210.d.w1z.wtf	2 MB
34	berozkala.com berozkala.com	682 KB
16	yektanet.com cdn.yektanet.com — Cisco Umbrella Rank: 77269 audience.yektanet.com — Cisco Umbrella Rank: 84660 ua.yektanet.com — Cisco Umbrella Rank: 79787	65 KB
10	mediaad.org s1.mediaad.org — Cisco Umbrella Rank: 139788 mediacdn.mediaad.org — Cisco Umbrella Rank: 151084 api.mediaad.org — Cisco Umbrella Rank: 135859	52 KB
6	najva.com 2 redirects mail.najva.com app.najva.com — Cisco Umbrella Rank: 184523 assets.najva.com — Cisco Umbrella Rank: 188009 van.najva.com — Cisco Umbrella Rank: 128901	86 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 776 z.clarity.ms — Cisco Umbrella Rank: 8162	28 KB
4	tavoos.net cdn.tavoos.net — Cisco Umbrella Rank: 232792 sniper.tavoos.net — Cisco Umbrella Rank: 436457	3 KB
3	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 25334	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	276 KB
2	pegah.tech ma-cdn.pegah.tech — Cisco Umbrella Rank: 151853	7 KB
2	affili.ir analytics.affili.ir	6 KB
1	brevo.com in-automate.brevo.com — Cisco Umbrella Rank: 26221	99 B
1	google.de www.google.de — Cisco Umbrella Rank: 8196	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132	286 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078	286 B
1	takhfifan.com cashback.takhfifan.com	2 KB
1	sanjagh.com n1.sanjagh.com — Cisco Umbrella Rank: 673707	50 KB
1	eanjoman.ir eanjoman.ir	531 B
1	deemanetwork.com deemanetwork.com — Cisco Umbrella Rank: 962006	2 KB
0	enamad.ir Failed trustseal.enamad.ir Failed
0	samandehi.ir Failed logo.samandehi.ir Failed
145	21

	Domain	Requested by
52	987112309800029878819323782493094213723487921903210.d.w1z.wtf	987112309800029878819323782493094213723487921903210.d.w1z.wtf n1.sanjagh.com
34	berozkala.com	987112309800029878819323782493094213723487921903210.d.w1z.wtf
10	ua.yektanet.com	cdn.yektanet.com
8	api.mediaad.org	n1.sanjagh.com
3	audience.yektanet.com	n1.sanjagh.com
3	sniper.tavoos.net	cdn.tavoos.net n1.sanjagh.com
3	z.clarity.ms	www.clarity.ms n1.sanjagh.com
3	cdn.yektanet.com	987112309800029878819323782493094213723487921903210.d.w1z.wtf cdn.yektanet.com app.najva.com
3	sibautomation.com	987112309800029878819323782493094213723487921903210.d.w1z.wtf sibautomation.com
3	www.googletagmanager.com	987112309800029878819323782493094213723487921903210.d.w1z.wtf www.googletagmanager.com
2	ma-cdn.pegah.tech	n1.sanjagh.com
2	www.clarity.ms	987112309800029878819323782493094213723487921903210.d.w1z.wtf www.clarity.ms
2	analytics.affili.ir	www.googletagmanager.com analytics.affili.ir
2	van.najva.com	987112309800029878819323782493094213723487921903210.d.w1z.wtf n1.sanjagh.com
2	app.najva.com	2 redirects
1	mediacdn.mediaad.org	n1.sanjagh.com
1	in-automate.brevo.com	sibautomation.com
1	www.google.de	987112309800029878819323782493094213723487921903210.d.w1z.wtf
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.tavoos.net	987112309800029878819323782493094213723487921903210.d.w1z.wtf
1	cashback.takhfifan.com	www.googletagmanager.com
1	s1.mediaad.org	www.googletagmanager.com
1	n1.sanjagh.com	www.googletagmanager.com
1	assets.najva.com	987112309800029878819323782493094213723487921903210.d.w1z.wtf
1	mail.najva.com	987112309800029878819323782493094213723487921903210.d.w1z.wtf
1	eanjoman.ir	987112309800029878819323782493094213723487921903210.d.w1z.wtf
1	deemanetwork.com	987112309800029878819323782493094213723487921903210.d.w1z.wtf
0	trustseal.enamad.ir Failed	987112309800029878819323782493094213723487921903210.d.w1z.wtf
0	logo.samandehi.ir Failed	987112309800029878819323782493094213723487921903210.d.w1z.wtf
145	30

This site contains links to these domains. Also see Links.

Domain
berozkala.com
aghsat.berozkala.com
t.me
igame.ir
www.instagram.com
trustseal.enamad.ir
eanjoman.ir
www.youtube.com
www.aparat.com
shenoto.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
987112309800029878819323782493094213723487921903210.d.w1z.wtf E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
deemanetwork.com Certum Domain Validation CA SHA2	`2024-05-13` - `2025-05-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
berozkala.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
eanjoman.ir R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
mail.najva.com Cloudflare Inc ECC CA-3	`2024-03-07` - `2024-12-31`	10 months	crt.sh
sibautomation.com WE1	`2024-06-07` - `2024-09-05`	3 months	crt.sh
cdn.yektanet.com R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.sanjagh.com R3	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.mediaad.org R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
affili.ir R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
takhfifan.com R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
tavoos.net R3	`2024-03-26` - `2024-06-24`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
brevo.com GTS CA 1P5	`2024-04-23` - `2024-07-22`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.tavoos.net Certum Domain Validation CA SHA2	`2024-06-08` - `2025-06-08`	a year	crt.sh
*.pegah.tech R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
najva.com GTS CA 1P5	`2024-05-12` - `2024-08-10`	3 months	crt.sh
yektanet.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
mediaad.org R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Frame ID: EBF2B694DA18FC7BCEE39CBBCA72445B
Requests: 136 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=wg5gwucbu2djambuiex7l7ry
Frame ID: 20BB2601107199F54EC34734B000BDB0
Requests: 1 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=wg5gwucbu2djambuiex7l7ry
Frame ID: E23A429AF49D8CD886A5CAE35B98A6D2
Requests: 1 HTTP requests in this frame

Frame: https://sniper.tavoos.net/v1/retargeting/broadcast
Frame ID: F910337113B7D6C8B9348C709491EE1F
Requests: 1 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: 4C894A0874AD7CE12253FF8F6E85D260
Requests: 1 HTTP requests in this frame

Frame: https://mediacdn.mediaad.org/static/fingerprint.html
Frame ID: E477E05354BD6D2372648420BFAED554
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

فروشگاه اینترنتی بروزکالا | فروش کالای دیجیتال-فروش گوشی و تبلتفروشگاه اینترنتی بروزکالا | فروش کالای دیجیتال-فروش گوشی و تبلت

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

145
Requests

97 %
HTTPS

35 %
IPv6

21
Domains

30
Subdomains

24
IPs

5
Countries

2831 kB
Transfer

6106 kB
Size

21
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://berozkala.com/promotions

Search URL Search Domain Scan URL

URL: http://aghsat.berozkala.com/

Search URL Search Domain Scan URL

URL: https://t.me/berozkalashop
Title: کانال تلگرام بروزکالا را در تلگرام دنبال کنید@berozkalacom

Search URL Search Domain Scan URL

URL: https://igame.ir/?utm_medium=banner&utm_source=beroozkala&utm_campaign=mcq2&utm_term=cobranding

Search URL Search Domain Scan URL

URL: https://www.instagram.com/berozkalashop/
Title: صفحه اینستاگرام مارادر اینستاگرام دنبال کنید#berozkala

Search URL Search Domain Scan URL

URL: https://trustseal.enamad.ir/?id=281987&Code=zz7AnOdrNtfPJr7TuS2Z

Search URL Search Domain Scan URL

URL: https://eanjoman.ir/member/HWfTquSBriPFBKF5LWiYfKEb9

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCHFgfFwna3FFjdYK0Henugg
Title: کانال یوتیوب بروزکالا

Search URL Search Domain Scan URL

URL: https://www.aparat.com/berozkalashop
Title: کانال آپارات بروزکالا

Search URL Search Domain Scan URL

URL: https://shenoto.com/channel/berozkalashop?lang=fa
Title: کانال شنوتو

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/berozkalacom
Title: لینکدین

Search URL Search Domain Scan URL

URL: https://twitter.com/berozkalashop
Title: توئیتر

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://app.najva.com/static/css/local-messaging.css?v=20240501207 HTTP 302
https://assets.najva.com/webpush/static/css/local-messaging.css?v=20240501207

Request Chain 73

https://app.najva.com/static/js/scripts/berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.js?v=20240501207 HTTP 301
https://van.najva.com/static/js/scripts/berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.js?v=20240501207

145 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/ 419 KB
32 KB 640ms
605ms Document
text/html 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

ae7a5f10ddd86339a6190a0993837956a2ca3805f03b62d68518a4b6e640a56d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Wed, 12 Jun 2024 05:18:33 GMT
server: nginx/1.26.1
server-timing: total;dur=550
vary: Accept-Encoding Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
x-request-id: b91ac69b568368d52c4de312c1b5d345
x-sid: 6110
x-xss-protection: 1; mode=block

GET
H2 200 plugins-theme.css
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/ 196 KB
39 KB 197ms
196ms Stylesheet
text/css 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

9f981cc05a542bce9861abd280c975c3f5b5e153d4a3df5e39e8f60caf4f583f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:33 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 00:06:03 GMT
server: nginx/1.26.1
etag: W/"1d63f84184ef7d3"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: max-age=31536000
server-timing: total;dur=147
x-xss-protection: 1; mode=block
x-request-id: ead3e6dcf00cfdd91d6d0a2826d5e718
x-sid: 6110

GET
H2 200 kalastore.css
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/ 105 KB
20 KB 196ms
195ms Stylesheet
text/css 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/kalastore.css

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

dcbe5644530c54042582270e7ec55f721e731e2886ea0ffc4819e582b5461541

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:33 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 00:06:01 GMT
server: nginx/1.26.1
etag: W/"1d63f84171d19a4"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: max-age=31536000
server-timing: total;dur=146
x-xss-protection: 1; mode=block
x-request-id: 99668ce3ddb399a50d1c9f8a3772242e
x-sid: 6110

GET
H2 200 styles.css
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/ 374 KB
59 KB 202ms
202ms Stylesheet
text/css 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/styles.css?v=9184

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

9c94ba36f87c064597df98c4b3e6f399282ddb6f7db03ba5e45b012e7e376f3a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:33 GMT
content-encoding: br
last-modified: Sat, 18 May 2024 09:28:42 GMT
server: nginx/1.26.1
etag: W/"1daa905c5d299f5"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: max-age=31536000
server-timing: total;dur=152
x-xss-protection: 1; mode=block
x-request-id: 59a3041276c6402d26b1ebe7682b0a62
x-sid: 6110

GET
H2 200 jquery.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/lib/jquery/dist/ 136 KB
41 KB 79ms
78ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/lib/jquery/dist/jquery.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

61b7da509ac8fda16cb0f3bbab7719076d6c9cbafb7b9bd927aed15f924b0b1b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 12:51:37 GMT
date: Wed, 12 Jun 2024 05:18:33 GMT
content-encoding: br
last-modified: Tue, 03 Nov 2020 08:02:48 GMT
server: nginx/1.26.1
etag: W/"1d6b1b7b81e6623"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=2592000
server-timing: total;dur=10
x-xss-protection: 1; mode=block
x-request-id: 28c4674b15b5a5be78ea6aab5eea39fd
x-sid: 6110

GET
H2 200 sweetalert2.all.min.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/ 65 KB
18 KB 56ms
55ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/sweetalert2.all.min.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

ab42da0875f43f2898480182ff7197267e4b4345302f79d22c69eac123205f77

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 12:51:37 GMT
date: Wed, 12 Jun 2024 05:18:33 GMT
content-encoding: br
last-modified: Wed, 10 Jun 2020 16:31:40 GMT
server: nginx/1.26.1
etag: W/"1d63f449e4b3b20"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=2592000
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 3dfca17942d94e657ef5d8178a7f8a37
x-sid: 6110

GET
H2 200 sweetAlert.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/ 167 B
473 B 62ms
61ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/sweetAlert.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

d7ecd3ce93686bbbc2798befbc31ba6fb516af84764586d15e4f872036442958

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 12:51:37 GMT
date: Wed, 12 Jun 2024 05:18:33 GMT
content-encoding: br
last-modified: Sun, 05 Apr 2020 00:07:16 GMT
server: nginx/1.26.1
etag: W/"1d60ade2a23930c"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=2592000
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 4b4da24cf30737d820aa0adc0dab8840
x-sid: 6110

GET
H/1.1 200
OK 8724.js Show response
deemanetwork.com/pxjs/ 3 KB
2 KB 323ms
101ms Script
application/javascript 93.115.151.139
ASIATECH

General

Check archive.org

Show headers Download Go to

Full URL

https://deemanetwork.com/pxjs/8724.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

93.115.151.139 Tehran, Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),

Reverse DNS

Software

openresty /

Resource Hash

ae1db7cfd2268dfe3a71b44fd7eed54a4bff6f45774f89e99f5fb316e8837ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 05:18:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive

GET
H2 200 8ffdafe111ac4c7c93148185bb139048.png
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/temp/ 2 KB
2 KB 53ms
53ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/temp/8ffdafe111ac4c7c93148185bb139048.png

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

ce6e347488f4ee1d40d43a316682f3919813890fa5cb85b1fc6685d0e1ef8fb1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 25 Jun 2024 07:44:25 GMT
date: Wed, 12 Jun 2024 05:18:33 GMT
last-modified: Wed, 03 Apr 2024 07:16:04 GMT
server: nginx/1.26.1
etag: W/"1da8596c9ea1833"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=4
accept-ranges: bytes
content-length: 1556
x-xss-protection: 1; mode=block
x-request-id: b7ae799a2bd9add0742d7779efb8ffc7
x-sid: 6110

GET
H2 200 logo.png
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/images/ 9 KB
9 KB 199ms
199ms Image
image/png 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/images/logo.png?v=1

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

0e7badef2da4d3c67f26c08e59741aba8027e39cb780350426569501eb4f9d4a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:33 GMT
last-modified: Thu, 03 Nov 2022 09:00:00 GMT
server: nginx/1.26.1
etag: "1d8ef62a74b4bf5"
x-powered-by: ASP.NET
x-cache: BYPASS
content-type: image/png
cache-control: max-age=31536000
server-timing: total;dur=146
accept-ranges: bytes
content-length: 9205
x-xss-protection: 1; mode=block
x-request-id: 81cfda726ae84ec73edfa1fc4fbc7615
x-sid: 6110

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 284 KB
98 KB 72ms
47ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K33TNFC

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd039e7558864e0ef52d0e42d1118d26ab6a2230a3bcfb3bd5fc820258f91a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99562
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 05:18:34 GMT

GET
H2 200 398c000fd16a454c99b754a2184d48f2.jpg
berozkala.com/Upload/slide/2024/6/8// 20 KB
21 KB 167ms
76ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/6/8//398c000fd16a454c99b754a2184d48f2.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

ab5c84622c2defc8338434dca944ceb50c786cf8cb7d1c0a319e0e6abb130218

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:46 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sat, 08 Jun 2024 10:23:41 GMT
server: ArvanCloud
etag: W/"1dab98deedb620e"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 20654
x-xss-protection: 1; mode=block
x-request-id: 788f9d061f7b9fc415255ecd4c125828
x-sid: 4102

GET
H2 200 8ea082a047ea4334876cffd00c54d752.jpg
berozkala.com/Upload/slide/2024/6/8// 22 KB
22 KB 54ms
53ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/6/8//8ea082a047ea4334876cffd00c54d752.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

084cbbf4cc2b72845e0cee478416f8797c37798ad580e08627b7e3c8bd164a7e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:46 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sat, 08 Jun 2024 10:30:40 GMT
server: ArvanCloud
etag: W/"1dab98ee899f740"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 22458
x-xss-protection: 1; mode=block
x-request-id: e1d4cf4a276f07f2233b9e1ae7e56d34
x-sid: 4102

GET
H2 200 88fd3a5cbbfe4a5395abc8560cdde75b.jpg
berozkala.com/Upload/slide/2024/6/8// 25 KB
25 KB 51ms
51ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/6/8//88fd3a5cbbfe4a5395abc8560cdde75b.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

720fcafbf0f97bf34398b793fcff84dc9668a267b788ccdc5d31a7cfa775fb26

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sat, 08 Jun 2024 10:25:20 GMT
server: ArvanCloud
etag: W/"1dab98e29e5f65d"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 25292
x-xss-protection: 1; mode=block
x-request-id: 87df35a6224c4da03877d080193e1cf1
x-sid: 4102

GET
H2 200 7c9e88d4b09f41c2bd3b3053921d9c6e.jpg
berozkala.com/Upload/slide/2024/6/11// 26 KB
26 KB 49ms
44ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/6/11//7c9e88d4b09f41c2bd3b3053921d9c6e.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

6b0ed37c928657535364f7894f26f966ee72e336523d106ccca9d237a64da67d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Tue, 11 Jun 2024 14:13:06 GMT
server: ArvanCloud
etag: W/"1dabc097ab57a79"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 26734
x-xss-protection: 1; mode=block
x-request-id: c7cb298d0206b955dc69c59733036136
x-sid: 4102

GET
H2 200 c68795423edd47c5be2c7b17424d62db.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 25 KB
25 KB 80ms
75ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/c68795423edd47c5be2c7b17424d62db.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

a79719bbc130d2ce96df58fe09fdcae088a5889f1c013f422a909c8067687759

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 09 Jul 2024 15:59:02 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 29 May 2023 09:52:49 GMT
server: nginx/1.26.1
etag: W/"1d9921353ad52ab"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 25088
x-xss-protection: 1; mode=block
x-request-id: e2bcd4562d42945f35b2479de42c980d
x-sid: 6110

GET
H2 200 1d3fa4bb-ad6c-4b18-8d59-9e10563bdf68.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/images/upload/product/category/ 14 KB
15 KB 96ms
91ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/images/upload/product/category/1d3fa4bb-ad6c-4b18-8d59-9e10563bdf68.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

da010434c98ca4ccf025eeec961ef3eb12da341df57e08c9a5b56ea0f5a52605

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 08 Jul 2019 11:17:46 GMT
server: nginx/1.26.1
etag: W/"1d5357ec4ba18fe"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
server-timing: total;dur=2
accept-ranges: bytes
content-length: 14552
x-xss-protection: 1; mode=block
x-request-id: 8c41fbb2ce8396b9e107266bd0c5f8f0
x-sid: 6110

GET
H2 200 a51cd0d2416840f08f6d72333efa21fe.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 146 KB
146 KB 90ms
85ms Image
image/jpeg 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/a51cd0d2416840f08f6d72333efa21fe.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

1e1d438a1bad38cc73792f6acafe0de35fdc5b45753b6ae594f53053ef97325b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 08 Jul 2024 16:52:15 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Wed, 19 Oct 2022 10:44:53 GMT
server: nginx/1.26.1
etag: W/"1d8e3a7d206873c"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/jpeg
cache-control: public,max-age=2592000
server-timing: total;dur=2
accept-ranges: bytes
content-length: 149436
x-xss-protection: 1; mode=block
x-request-id: 3a0d53b950f2c3f0c1b36b5820655042
x-sid: 6110

GET
H2 200 0f490d3b0a1f44e8bbde117388ad9549.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 5 KB
5 KB 85ms
80ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/0f490d3b0a1f44e8bbde117388ad9549.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

43d1e2b6fbed2e971d13edc3652cb1bd0cba8906b244ca4843e131361c7f064f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 10 Jul 2024 09:13:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 10 Dec 2023 11:08:07 GMT
server: nginx/1.26.1
etag: W/"1da2b59272a5629"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=4
accept-ranges: bytes
content-length: 4788
x-xss-protection: 1; mode=block
x-request-id: f6bf344b8b43cb2e0381a68745362036
x-sid: 6110

GET
H2 200 3bb2225c6dd94decb99709329e7cad6d.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 17 KB
18 KB 90ms
86ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/3bb2225c6dd94decb99709329e7cad6d.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

3bbb3f67848f33268b516ce9e9e990dab429a8138b1d3854e015bbe5300eff15

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 10 Jul 2024 09:13:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Fri, 16 Dec 2022 08:25:40 GMT
server: nginx/1.26.1
etag: W/"1d91127fb323eb5"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 17760
x-xss-protection: 1; mode=block
x-request-id: 4c6b8397caa1402618cb0961b9848d33
x-sid: 6110

GET
H2 200 e07ef8218acf4c4d9604c6b9a21a2cde.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 12 KB
12 KB 80ms
76ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/e07ef8218acf4c4d9604c6b9a21a2cde.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

951b256d95cec948398e4a4eb3a2c77c31b65074d16a9a4ddc77918aeb5f39df

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 10 Jul 2024 07:21:39 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 06 May 2024 13:20:05 GMT
server: nginx/1.26.1
etag: W/"1da9fb81bcab92e"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 12008
x-xss-protection: 1; mode=block
x-request-id: 8c12bb2ff6a89af4d987c4e2330c4e5b
x-sid: 6110

GET
H2 200 7106e6c7ec41482b88f541a4ee9b0635.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 5 KB
5 KB 81ms
76ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/7106e6c7ec41482b88f541a4ee9b0635.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

c8093c305f9c8b63deef727a84b231de6f7ea7eb7d131fb63ff0df331e8ca243

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 10 Jul 2024 07:21:18 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 14 Mar 2022 19:07:54 GMT
server: nginx/1.26.1
etag: W/"1d837d6ced4c3b6"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 4870
x-xss-protection: 1; mode=block
x-request-id: 7cf8e267bf730bc2373e50bea07e3526
x-sid: 6110

GET
H2 200 ae395017a8a643878bd176eb374bb8da.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 12 KB
13 KB 83ms
79ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ae395017a8a643878bd176eb374bb8da.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

8d299b825d03eff63d8bd84dbee5599e8c519265e3ae8c6750b64cee6e3afed4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 10 Jul 2024 06:27:02 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Thu, 15 Oct 2020 17:43:03 GMT
server: nginx/1.26.1
etag: W/"1d6a31aa19e9589"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 12528
x-xss-protection: 1; mode=block
x-request-id: d96bb9cf6da3f73173bfdf9fa741f1b9
x-sid: 6110

GET
H2 200 d137788d2c0b42b0abe3f174097565a1.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 27 KB
28 KB 87ms
83ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/d137788d2c0b42b0abe3f174097565a1.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

2ad742b8a65165e5cc65154505622c33f1b3f09ae5451f43f395f7f5222e0595

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 09 Jul 2024 15:02:42 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Wed, 16 Aug 2023 09:49:20 GMT
server: nginx/1.26.1
etag: W/"1d9d026edbe03a5"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 27960
x-xss-protection: 1; mode=block
x-request-id: a66803ffb278766aa9a32c54c4e64b74
x-sid: 6110

GET
H2 200 1e884a574d314755b0f01fca0f08dd0e.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 23 KB
23 KB 2014ms
2009ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/1e884a574d314755b0f01fca0f08dd0e.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

c82da55a7f70a756e962e32daea90ee10cdb03e46eac9833e9dc0945a66b49f8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 10 Jul 2024 09:13:35 GMT
date: Wed, 12 Jun 2024 05:18:36 GMT
last-modified: Mon, 11 Dec 2023 05:54:07 GMT
server: nginx/1.26.1
etag: W/"1da2bf6740f432e"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1839
accept-ranges: bytes
content-length: 23438
x-xss-protection: 1; mode=block
x-request-id: 1438deca888e2882d038ceb8b204ee05
x-sid: 6110

GET
H2 200 479f01f4-e8a8-47aa-a330-dc8784d7045f.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/images/upload/product/category/ 10 KB
10 KB 95ms
91ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/images/upload/product/category/479f01f4-e8a8-47aa-a330-dc8784d7045f.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

81b52306ff060d6b18a29e01af467ec63cd32a3b306bec4de71431ec62e7cf8b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 04 May 2020 13:37:16 GMT
server: nginx/1.26.1
etag: W/"1d622191ff985c2"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
server-timing: total;dur=6
accept-ranges: bytes
content-length: 10334
x-xss-protection: 1; mode=block
x-request-id: d13cb3447790ce238668bcebed8c5b31
x-sid: 6110

GET
H2 200 5d07a1f8002c4afcb4d6b85a1ee711a9.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 8 KB
8 KB 83ms
79ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/5d07a1f8002c4afcb4d6b85a1ee711a9.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

3a0557af7e4da0755051959205526d9e07688c018624288684bd3288e9e9c137

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 08 Jul 2024 09:44:46 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Wed, 12 Jan 2022 22:36:16 GMT
server: nginx/1.26.1
etag: W/"1d80804cf673f07"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 7820
x-xss-protection: 1; mode=block
x-request-id: b245714cb7df6a6b99304de8c6a440aa
x-sid: 6110

GET
H2 200 8fd46c20-dbde-4012-b04c-ebe0bf7364dd.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/images/upload/product/category/ 2 KB
2 KB 103ms
99ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/images/upload/product/category/8fd46c20-dbde-4012-b04c-ebe0bf7364dd.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

4d528a7305c794009a94a29ad1ed86b90c138dff906f4eb3d9b2e37abb604d25

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Wed, 04 Mar 2020 12:04:16 GMT
server: nginx/1.26.1
etag: W/"1d5f21d06d6876e"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
server-timing: total;dur=5
accept-ranges: bytes
content-length: 2172
x-xss-protection: 1; mode=block
x-request-id: 7c47b52e3fa96cf60771ec699c199b6a
x-sid: 6110

GET
H2 200 4478a31084014940a8022cb2b620f55f.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 52 KB
52 KB 91ms
87ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/4478a31084014940a8022cb2b620f55f.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

4d293eae52afcc041b171be0b6dc7162231b773d9e92ec82270d2c5d26d3a003

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 05 Jul 2024 12:37:23 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Thu, 30 May 2024 08:15:54 GMT
server: nginx/1.26.1
etag: W/"1dab2699745e879"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 53236
x-xss-protection: 1; mode=block
x-request-id: 898bea995e8d50779a4207d11704d772
x-sid: 6110

GET
H2 200 bba54d1dd40e44a59516b3fed8b063ec.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 12 KB
12 KB 86ms
83ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/bba54d1dd40e44a59516b3fed8b063ec.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

62145c31c37e4bbddd05155e0d95daa0d006a65376799c6cff1dbb5f1adaa6c6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 10 Jul 2024 09:12:21 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 10 Dec 2023 10:30:59 GMT
server: nginx/1.26.1
etag: W/"1da2b53f72cb49b"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 12252
x-xss-protection: 1; mode=block
x-request-id: 0569f0727ed6bc9a4f015e9d8554e93d
x-sid: 6110

GET
H2 200 4b2a94289ee64e7c9ddd9fccb3ebfc1e.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 39 KB
39 KB 90ms
86ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/4b2a94289ee64e7c9ddd9fccb3ebfc1e.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

b4d7bf31ce12962d88cead060c3cfbe151d596824e00c87910829a2c5fc62f18

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 09 Jul 2024 15:59:02 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Tue, 08 Aug 2023 11:07:38 GMT
server: nginx/1.26.1
etag: W/"1d9c9e88aa6cf49"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=2
accept-ranges: bytes
content-length: 39740
x-xss-protection: 1; mode=block
x-request-id: b2c55625ca5e4c4cb5c9d98270533097
x-sid: 6110

GET
H2 200 1370926c9ea14312af1e89462988c835.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 41 KB
42 KB 92ms
88ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/1370926c9ea14312af1e89462988c835.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

9663eecd08a2ceb2acce2025f436f5a3f0f7f742a5073ca5aa41faf337dd54a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 09 Jul 2024 18:53:05 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 02 Oct 2023 07:12:30 GMT
server: nginx/1.26.1
etag: W/"1d9f4ffce5b7577"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 42432
x-xss-protection: 1; mode=block
x-request-id: 4a0ba85ca0ad0164d8346e1394bf1cd3
x-sid: 6110

GET
H2 200 718d488fc1f046bc845a20a27609647b.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 11 KB
11 KB 90ms
86ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/718d488fc1f046bc845a20a27609647b.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

2960bbd368b142b59814a78f99044364618f688f4edcb0114da1404744b1cbcd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 10 Jul 2024 07:59:57 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 29 Apr 2024 09:25:43 GMT
server: nginx/1.26.1
etag: W/"1da9a17354d92cf"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 11352
x-xss-protection: 1; mode=block
x-request-id: 4505b950e402b5fb9240da19d40f00c8
x-sid: 6110

GET
H2 200 c301f3a4c9a7438a80a8cae539a902f9.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/ 24 KB
25 KB 86ms
82ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/products/c301f3a4c9a7438a80a8cae539a902f9.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

583f79c19af878e2cfc478d00812817c72bdd8c5f9118e738800289afaf4a054

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 09 Jul 2024 18:50:09 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 26 Nov 2023 11:54:13 GMT
server: nginx/1.26.1
etag: W/"1da205f460b7a64"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 25042
x-xss-protection: 1; mode=block
x-request-id: 402b19df9c0f8abae1e9618eda16b935
x-sid: 6110

GET
H2 200 8a447de8-cd51-4a14-ba09-4831c9946723.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/images/upload/product/category/ 12 KB
13 KB 90ms
87ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/images/upload/product/category/8a447de8-cd51-4a14-ba09-4831c9946723.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

b8c8853612f8a1c2a2b087d1624e43e445a2a4af4a8bde40ba8be1775fa3ff77

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 04 May 2020 13:00:18 GMT
server: nginx/1.26.1
etag: W/"1d62213f5f18725"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
server-timing: total;dur=2
accept-ranges: bytes
content-length: 12642
x-xss-protection: 1; mode=block
x-request-id: f2805252842916ed0c28d765f99452bf
x-sid: 6110

GET
H2 200 9c556f09d5964d908b360f02fb1d4239.jpg
berozkala.com/Upload/slide/2024/5/26// 8 KB
9 KB 55ms
53ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/5/26//9c556f09d5964d908b360f02fb1d4239.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

865115787ee79485cbc24a9dd00eae0be1aebfac2c653e60da7f2aebf274ff7a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 26 May 2024 07:43:25 GMT
server: ArvanCloud
etag: W/"1daaf4063eae89d"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 8548
x-xss-protection: 1; mode=block
x-request-id: 380f2894a71320b8d385a8a5c278c96a
x-sid: 4102

GET
H2 200 af66535ccc25407db6b86152a84a9535.jpg
berozkala.com/Upload/slide/2024/6/11// 12 KB
12 KB 61ms
58ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/6/11//af66535ccc25407db6b86152a84a9535.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

039f8a102bcdc3195867eb744749d14b851ae974d60e8814dee3902dc008cb6d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Tue, 11 Jun 2024 14:20:58 GMT
server: ArvanCloud
etag: W/"1dabc0a9407ef92"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 12090
x-xss-protection: 1; mode=block
x-request-id: 162acd63ad85b12b0e36c8fbf10bad6b
x-sid: 4102

GET
H2 200 1e2f779a122a4a4988e6c4ef0137109b.jpg
berozkala.com/Upload/slide/2024/5/26// 12 KB
12 KB 69ms
66ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/5/26//1e2f779a122a4a4988e6c4ef0137109b.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

54d6762aeb51bdabc2b8310080b3bf58b0f85237ea327b25c3a1daff40c9ab3b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 26 May 2024 07:42:30 GMT
server: ArvanCloud
etag: W/"1daaf40432204ec"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 12142
x-xss-protection: 1; mode=block
x-request-id: 3f2221dcda00b5f55212b6a518f724c8
x-sid: 4102

GET
H2 200 a6855818459144fea9f46c29a7726dd1.jpg
berozkala.com/Upload/slide/2024/5/26// 7 KB
7 KB 52ms
49ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/5/26//a6855818459144fea9f46c29a7726dd1.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

b4fc1b9344cec0a3c2c5f79f79eb0afdd79ad82bc1141f69f2d2c4f378dd3a88

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 26 May 2024 07:43:06 GMT
server: ArvanCloud
etag: W/"1daaf4058989fbf"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 6694
x-xss-protection: 1; mode=block
x-request-id: f3f89363502d4a5d8e4f5698dfe97d32
x-sid: 4102

GET
H2 200 4a1253fedba64d9e9b954fc82fc36c09.jpg
berozkala.com/Upload/slide/2024/5/26// 6 KB
7 KB 57ms
55ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/5/26//4a1253fedba64d9e9b954fc82fc36c09.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

3d2429c50dd6270ea7abab090d1e06c31475fd3947b87e5f92772d26a480bf47

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 26 May 2024 07:42:19 GMT
server: ArvanCloud
etag: W/"1daaf403c944009"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 6652
x-xss-protection: 1; mode=block
x-request-id: b6db76c4775b518b9e4058fce5fc5dde
x-sid: 4102

GET
H2 200 2bf752133a614a498f258085ccbeb7fe.jpg
berozkala.com/Upload/slide/2024/5/26// 9 KB
9 KB 64ms
62ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/5/26//2bf752133a614a498f258085ccbeb7fe.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

408bdad5add5382f349c00c692ded14903c6db95a163dba47aae997acca3df7a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 26 May 2024 07:44:11 GMT
server: ArvanCloud
etag: W/"1daaf407f57c928"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 9182
x-xss-protection: 1; mode=block
x-request-id: 961a9de4ec2d4647d0dc6c64d31fa265
x-sid: 4102

GET
H2 200 a7ff1c5ca1ef4e699279f2587cff2d24.jpg
berozkala.com/Upload/slide/2024/5/26// 11 KB
11 KB 84ms
81ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/5/26//a7ff1c5ca1ef4e699279f2587cff2d24.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

c7365cde761c9060154c26ff57be8036bcdba884f88ed3541f4190e02b75acff

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 26 May 2024 07:43:58 GMT
server: ArvanCloud
etag: W/"1daaf4077978ee7"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 11078
x-xss-protection: 1; mode=block
x-request-id: 0d248a4295687634ab5053be43cb345a
x-sid: 4102

GET
H2 200 5381e8cef93f452a9ac30edd52c870e7.png
berozkala.com/Upload/slide/2024/3/3// 17 KB
17 KB 87ms
84ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/slide/2024/3/3//5381e8cef93f452a9ac30edd52c870e7.png

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

532fb954d7074504eea5e5c250700db7001bef628d0eeddca292cfef1d14bad5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:47 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 03 Mar 2024 07:21:10 GMT
server: ArvanCloud
etag: W/"1da6d3b5d7d479e"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 17364
x-xss-protection: 1; mode=block
x-request-id: 79893b1a3117a30bd8e5745285bf5d02
x-sid: 4102

GET logo.aspx
logo.samandehi.ir/ 0
0

GET logo.aspx
trustseal.enamad.ir/ 0
0

GET
H2 200 script
eanjoman.ir/api/ 0
531 B 325ms
200ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eanjoman.ir/api/script?code=HWfTquSBriPFBKF5LWiYfKEb9

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
x-content-type-options: nosniff
x-cache: BYPASS
server-timing: total;dur=162
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 44f2e01e1ab858aa7c32f75c2060602a
x-sid: 4102
pragma: no-cache
server: ArvanCloud
access-control-max-age: 3600
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY
accept-ranges: bytes
access-control-allow-headers: access-token, authorization, content-type
expires: 0

GET
H2 200 da7f0b379b4247d9b488ffaf28c3e91c.png
berozkala.com/Upload/Files/png/ 9 KB
9 KB 90ms
89ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/Files/png/da7f0b379b4247d9b488ffaf28c3e91c.png

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

0a87e3c80afbc51fd16c5793095df8625185e898e0230efa86cfdbe45e31088a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 18:58:54 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Sun, 09 Jul 2023 09:38:34 GMT
server: ArvanCloud
etag: W/"1d9b24920fd8e69"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=3
accept-ranges: bytes
content-length: 8808
x-xss-protection: 1; mode=block
x-request-id: ae991eb244f3ca10b7325ab88faede45
x-sid: 4102

GET
H2 200 loading.svg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/ 28 KB
2 KB 89ms
87ms Image
image/svg+xml 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/loading.svg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

992a3c05b754151253538206c4683b61a96a29bc4340ada642f96dd3cfe1d1c8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 12:51:40 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Mon, 20 Jan 2020 10:03:27 GMT
server: nginx/1.26.1
etag: W/"1d5cf78dbec71d7"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: public,max-age=2592000
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 4427ebad255db0706b9ee35dfe87c2a6
x-sid: 6110

GET
H2 200 subscribe-validate.js Show response
mail.najva.com/public/theme/version4/assets/js/src/ 112 KB
37 KB 61ms
17ms Script
application/javascript 2606:4700::6810:fb8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.najva.com/public/theme/version4/assets/js/src/subscribe-validate.js?v=1669537416

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fb8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71eef60770728127c4414aff80648ed7417d57fafc50d26b8b695c494e66bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-sib-server: tcplb-1
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 06 Jun 2024 10:21:14 GMT
server: cloudflare
age: 29
etag: W/"66618d9a-1be8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8927618abec09f40-FRA
x-xss-protection: 1
expires: Wed, 12 Jun 2024 09:18:34 GMT

GET
H2 200 plugins.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/js/ 534 KB
155 KB 194ms
193ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/js/plugins.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

d4a722483eded84ce39e922818082409f9c3af6e081955872b7a25ceb5d1e45b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 00:12:06 GMT
server: nginx/1.26.1
etag: W/"1d63f84f0a31749"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/javascript
cache-control: max-age=31536000
server-timing: total;dur=153
x-xss-protection: 1; mode=block
x-request-id: c190372a5e41d53640af3727ca40ab29
x-sid: 6110

GET
H2 200 main.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/js/ 21 KB
5 KB 179ms
179ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/js/main.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

2e7ccf100c0c97b1eb4925f6dbaf633c5f9d85f509f40cedca6ad573e9487577

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:34 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 00:11:52 GMT
server: nginx/1.26.1
etag: W/"1d63f84e85346e9"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/javascript
cache-control: max-age=31536000
server-timing: total;dur=142
x-xss-protection: 1; mode=block
x-request-id: 112e786d6f4de09a52f75e8dfa9bc583
x-sid: 6110

GET
H2 200 site.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/ 230 B
511 B 86ms
79ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/site.js?v=4q1jwFhaPaZgr8WAUSrux6hAuh0XDg9kPS3xIVq36I0

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 12:51:40 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Mon, 11 Nov 2019 05:33:42 GMT
server: nginx/1.26.1
etag: W/"1d5985193fe7fe6"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=2592000
server-timing: total;dur=5
x-xss-protection: 1; mode=block
x-request-id: fe6f9850769cdff16bfc13158d704184
x-sid: 6110

GET
H2 200 website.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/home/ 131 B
441 B 80ms
74ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/home/website.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

079137118e713af60919a7eba0f99555adfe15ecf9c49cca4c427de221d48c9c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 12:51:41 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Wed, 12 Feb 2020 03:40:58 GMT
server: nginx/1.26.1
etag: W/"1d5e1563cc0c1c3"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=2592000
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 04fde65a6ac9069781c36d90eb1d436e
x-sid: 6110

GET
H2 200 jquery.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/ 95 KB
34 KB 95ms
89ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/jquery.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 12:51:41 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Sat, 04 Apr 2020 10:21:56 GMT
server: nginx/1.26.1
etag: W/"1d60a6addea4069"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=2592000
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: dc6c68a9d2c0dbbe8dc0f0ccbcebabad
x-sid: 6110

GET
H2 200 jquery-migrate.min.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/ 10 KB
4 KB 84ms
78ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/jquery-migrate.min.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 12:51:41 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Sat, 04 Apr 2020 10:22:20 GMT
server: nginx/1.26.1
etag: W/"1d60a6aec397148"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=2592000
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 06ed5b7b249daf245b86a90605840fa4
x-sid: 6110

GET
H2 200 plugins-theme.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/js/ 675 KB
203 KB 225ms
219ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/js/plugins-theme.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

81af577e38dffac17aa700000199a9e43d3550f3a2cd8a9065c1f4bd2a1d74a9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 00:12:06 GMT
server: nginx/1.26.1
etag: W/"1d63f84f0a1c4dd"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/javascript
cache-control: max-age=31536000
server-timing: total;dur=144
x-xss-protection: 1; mode=block
x-request-id: 0078ca94e48d868ce0a1ad51d93aaa39
x-sid: 6110

GET
H2 200 my-script.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/js/ 50 KB
13 KB 221ms
215ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/js/my-script.js

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

6ff708caa2a0d2fdb176d291deb599dfa57c8b7381bd8254703411e37b976014

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 00:11:59 GMT
server: nginx/1.26.1
etag: W/"1d63f84ec7ff888"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/javascript
cache-control: max-age=31536000
server-timing: total;dur=141
x-xss-protection: 1; mode=block
x-request-id: 4b6e9b48e04f4c5cfb38a32550375c65
x-sid: 6110

GET
H2 200 Core2020.js Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/ 75 KB
13 KB 103ms
97ms Script
application/javascript 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/js/Core2020.js?v=12

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

d2c4718e6348e557521c94e6a5e21bf78b733a6953ecc94971f9e9f7ba6015d2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 10 Jun 2024 11:49:06 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Sat, 11 May 2024 11:47:26 GMT
server: nginx/1.26.1
etag: W/"1daa398fe71b65a"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=2592000
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 489e5e3cb83c82fd52e6859ab18501d7
x-sid: 6110

GET
H2 200 sa.js Show response
sibautomation.com/ 8 KB
3 KB 55ms
28ms Script
text/javascript 2606:4700:4400::ac40:96ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=wg5gwucbu2djambuiex7l7ry
Requested by: Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:96ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: e0d8625a7d4e594de501868b9349637e93a119b02872ff1705f95b0924ac8c64

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 6423
cf-polished: origSize=11135
etag: W/"2b7f-XeJSYdLrifI7JSoC8YukTjziGQc"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 8927618c2f3e8f2e-FRA
expires: Wed, 12 Jun 2024 05:19:34 GMT

GET
H2 200 d4a61527843f447696df9b31a0dfb7c4.jpg
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/temp/ 10 KB
10 KB 83ms
83ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/temp/d4a61527843f447696df9b31a0dfb7c4.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

5d22d81508680ebb745ecb47170cf599b90b7a8fd91e0e17d8fd0fd9b64cd2dc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 25 Jun 2024 07:44:40 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Wed, 03 Apr 2024 07:16:04 GMT
server: nginx/1.26.1
etag: W/"1da8596c9eb4500"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 10152
x-xss-protection: 1; mode=block
x-request-id: b88ef7219cbbf57b8408e574ab18e310
x-sid: 6110

GET
H2 200 Dana-Medium.woff
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/font1401/ 36 KB
36 KB 223ms
222ms Font
application/font-woff 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/font1401/Dana-Medium.woff

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/styles.css?v=9184

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

d0241b30295201eaca1337bed034866c044478578a131675a39c80348b7acfc5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/styles.css?v=9184
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Sun, 04 Sep 2022 03:39:12 GMT
server: nginx/1.26.1
etag: W/"1d8c00fe5ce3f98"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/font-woff
cache-control: max-age=31536000
server-timing: total;dur=151
x-xss-protection: 1; mode=block
x-request-id: f76448becf6c13e86885800aad05065e
x-sid: 6110

GET
H2 200 67da9d2a9e6d4e1bb6af7863b69698b5.png
987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/temp/ 6 KB
6 KB 85ms
85ms Image
image/webp 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/Upload/temp/67da9d2a9e6d4e1bb6af7863b69698b5.png

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

768afdde218d54473fe2b6db6b8baee751b9d6f7da0bdc95b0d484b951c1ef98

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 25 Jun 2024 07:44:40 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Wed, 03 Apr 2024 07:16:04 GMT
server: nginx/1.26.1
etag: W/"1da8596c9ea2b4f"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1
accept-ranges: bytes
content-length: 5730
x-xss-protection: 1; mode=block
x-request-id: ec32698ec3152d3d8ccef772e3d2695d
x-sid: 6110

GET
H2 200 fa-light-300.woff2
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/fonts/ 153 KB
154 KB 223ms
223ms Font
font/woff2 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/fonts/fa-light-300.woff2

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

ecaf1bdac83aed4f44449b88c396b8fbbe2854bad9e1d65343af86ac35f88abf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Thu, 11 Jun 2020 00:07:09 GMT
server: nginx/1.26.1
etag: "1d63f843fa6d1d0"
x-powered-by: ASP.NET
x-cache: BYPASS
content-type: font/woff2
cache-control: max-age=31536000
server-timing: total;dur=146
accept-ranges: bytes
content-length: 157008
x-xss-protection: 1; mode=block
x-request-id: 819d9ff38c7ff45d7c4df3f8a523ac12
x-sid: 6110

GET
H2 200 DanaFaNum-Medium.woff
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/font1401/ 51 KB
51 KB 223ms
222ms Font
application/font-woff 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/font1401/DanaFaNum-Medium.woff

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/styles.css?v=9184

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

ef38d7bfbf024b884a699be968ffa3008c14726fdb19f5200f49c50c42d3813d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/styles.css?v=9184
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
content-encoding: br
last-modified: Sun, 04 Sep 2022 03:39:12 GMT
server: nginx/1.26.1
etag: W/"1d8c00fe5ce7ad0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/font-woff
cache-control: max-age=31536000
server-timing: total;dur=152
x-xss-protection: 1; mode=block
x-request-id: bb90ff709123866f5904bb02c6aeb711
x-sid: 6110

GET
H2 200 fa-brands-400.woff2
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/fonts/ 73 KB
73 KB 209ms
208ms Font
font/woff2 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/fonts/fa-brands-400.woff2

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

554a6afbe6416e8556e2735042512e57d021e00e49a964d84de15eb72b16504c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Thu, 11 Jun 2020 00:06:47 GMT
server: nginx/1.26.1
etag: "1d63f843286e61c"
x-powered-by: ASP.NET
x-cache: BYPASS
content-type: font/woff2
cache-control: max-age=31536000
server-timing: total;dur=148
accept-ranges: bytes
content-length: 74652
x-xss-protection: 1; mode=block
x-request-id: 93fd85c714ce44f690d5b33831a83b7a
x-sid: 6110

GET
H2 200 fontawesome-webfont.woff2
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/fonts/ 75 KB
76 KB 222ms
222ms Font
font/woff2 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Thu, 11 Jun 2020 00:07:27 GMT
server: nginx/1.26.1
etag: "1d63f844a5e64e8"
x-powered-by: ASP.NET
x-cache: BYPASS
content-type: font/woff2
cache-control: max-age=31536000
server-timing: total;dur=152
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block
x-request-id: b723789bb09266070fcdd81727983882
x-sid: 6110

GET
H2 200 75c95adbaf2e4ab9a8b9a0007f7a3b79.jpg
berozkala.com/Upload/articles/ 19 KB
20 KB 63ms
63ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/articles/75c95adbaf2e4ab9a8b9a0007f7a3b79.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

a50e7c9f4afe66f9076f2a5ada2dc549f0224433d4ef3f8b7eb999fd40a5c71d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 22:27:45 GMT
date: Wed, 12 Jun 2024 05:18:34 GMT
last-modified: Mon, 03 Jun 2024 10:06:54 GMT
server: ArvanCloud
etag: W/"1dab59dc297bd8d"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1
accept-ranges: bytes
content-length: 19784
x-xss-protection: 1; mode=block
x-request-id: 6211bf13ba4ba2bc9e57b93e16fefae6
x-sid: 4102

GET
H2 200 7f502b067a9c4bddb65beb2b67a5ec77.jpg
berozkala.com/Upload/articles/ 23 KB
24 KB 692ms
692ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/articles/7f502b067a9c4bddb65beb2b67a5ec77.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

3c4ade41ad55da339c12e9e63577c014dc1e56dafa2787172ae034dd73a5a135

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:35 GMT
last-modified: Mon, 03 Jun 2024 10:02:47 GMT
server: ArvanCloud
etag: W/"1dab59d2f5c5710"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=639
accept-ranges: bytes
content-length: 23968
x-xss-protection: 1; mode=block
x-request-id: 41c3aa12ff263a0a08ddc2c82e9e7d32
x-sid: 4102

GET
H2 200 a1f4a18a3c4e4a57ae9325e129c422c2.jpg
berozkala.com/Upload/articles/ 21 KB
21 KB 682ms
682ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/articles/a1f4a18a3c4e4a57ae9325e129c422c2.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

ff9616336f4cadaaeabdc6d25c808134d1c5d7fc4fd773889e441b0a345f2469

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:35 GMT
date: Wed, 12 Jun 2024 05:18:35 GMT
last-modified: Mon, 27 May 2024 10:02:37 GMT
server: ArvanCloud
etag: W/"1dab01d00824cd5"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=629
accept-ranges: bytes
content-length: 21566
x-xss-protection: 1; mode=block
x-request-id: 9517aab7d7c25ddcd7fbc009a20e66ae
x-sid: 4102

GET
H2 200 cm.html
sibautomation.com/ Frame 20BB 0
0 80ms
64ms Document
text/html 2606:4700:4400::6812:2546
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?key=wg5gwucbu2djambuiex7l7ry
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=wg5gwucbu2djambuiex7l7ry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2546 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 21578
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8927618c79db9244-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Jun 2024 05:18:35 GMT
expires: Wed, 12 Jun 2024 07:18:35 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
96 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DNMRPFBZK6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K33TNFC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8e78445df5c13cb7120f17b7bcf07cd61f6c9cc54d0b9d8e02b33427f7d6b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jun 2024 05:18:35 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
82 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-653189604&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K33TNFC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

100305017ace70592c12720fbee2ec26863502fedec6ea7bf0adcecffc68a09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83545
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 05:18:35 GMT

GET
H2 200 rg.complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v3/S90y2gYA/ 91 KB
22 KB 450ms
265ms Script
application/javascript 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yektanet.com/rg_woebegone/scripts_v3/S90y2gYA/rg.complete.js?v=20240501207

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

9063e80fcb68ba43ef73b8dfe54c05f5e015922298e07e2a82e4970243a5a8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: REVALIDATED
last-modified: Sun, 02 Jun 2024 10:57:10 GMT
server: Delivery
x-amz-request-id: tx00000de32258f63babe62-0066691ed8-a11e6c4-default
etag: W/"90c3028021897c9fa2913d57d46313a2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
content-encoding: br
x-rgw-object-type: Normal
cache-control: public, max-age=3600
x-zrk-us: 200
x-zrk-sn: 4001

GET
H2

200

local-messaging.css
assets.najva.com/webpush/static/css/
Redirect Chain

https://app.najva.com/static/css/local-messaging.css?v=20240501207
https://assets.najva.com/webpush/static/css/local-messaging.css?v=20240501207

10 KB
2 KB

284ms
86ms

Stylesheet
text/css

185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.najva.com/webpush/static/css/local-messaging.css?v=20240501207

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
content-encoding: br
x-zrk-cs: HIT
strict-transport-security: max-age=31536000
x-amz-request-id: tx00000983b9fdf840dfccc-00666449a7-210ffd7-ir-tbz-sh1
x-cache: BYPASS
x-zrk-us: 200
server-timing: total;dur=304
x-zrk-sn: 4001
x-xss-protection: 1; mode=block
x-request-id: d7def0f74b11994c046f0fa6470dadad
x-sid: 6111
last-modified: Mon, 13 Feb 2023 15:10:16 GMT
server: Delivery
etag: W/"20685ae09d2ce2a080031240f15c7725"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cache-control: public, max-age=3600
accept-ranges: bytes
x-amz-meta-mtime: 1674484809.295193216

Redirect headers

date: Wed, 12 Jun 2024 05:18:35 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://assets.najva.com/webpush/static/css/local-messaging.css?v=20240501207
access-control-allow-origin: *
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NgWmI04Gh7auOWZY2%2BzrT6CIi5YwFs9mTNyhQMlZrxmuS%2BunURNgmrGPQo%2Bp4UXA0LkGtZxzJxvsjrv0WojaVGNlmqO%2BDulsTsDFHOb1KEu3gfo7xx8yTlVY5zLldaYF"}],"group":"cf-nel","max_age":604800}
cf-ray: 8927618d0b551973-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3

200

berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.js Show response
van.najva.com/static/js/scripts/
Redirect Chain

https://app.najva.com/static/js/scripts/berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.js?v=20240501207
https://van.najva.com/static/js/scripts/berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.js?v=20240501207

176 KB
45 KB

510ms
500ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.js?v=20240501207

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0075a137d3f70f5d84c7d4f84a6d1f55f74d5fce06a5d94338f7f29fc59706d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: HIT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000001c090f193d58c847-006667d687-a0cf68b-default
content-encoding: br
x-zrk-us: 200
x-zrk-sn: 4101
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 11 Jun 2024 03:49:54 GMT
server: cloudflare
etag: W/"8096fab8c0ec46a1eb8b3d9d5ef166a8"
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XhMwyDbr4GMFaIYslvNvQL4VOsjJvObg06OdcN2KXApZf8J0opNT8IWmf3o23tTEDo7EgEqaPJr%2BggLmUyuyEIiNiNQB49xXa1dxTUffDWtNTzwHICsxb5%2Fxhw34HB1Q"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
x-rgw-object-type: Normal
cache-control: public, max-age=14400
access-control-max-age: 10
cf-ray: 8927618d4b8f1973-FRA
access-control-allow-headers: *

Redirect headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:35 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlijwW86BNrNv94HRJMDVFW4QJZ4c1NrH2USLWeS3IXblWwJEirBqW5pJCBdlT1Kb0L%2FTNh93ed1Mmis8wWEX5spKXq%2BVsIEb%2BEAAODlNOqYr2RGfh0fs4%2BpmRHsYoch"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://van.najva.com/static/js/scripts/berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.js?v=20240501207
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8927618d0b581973-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 retargeting.js Show response
n1.sanjagh.com/serve/62451/ 139 KB
50 KB 300ms
109ms Script
application/javascript 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://n1.sanjagh.com/serve/62451/retargeting.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K33TNFC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

fd9e5d30d94e0addee2fd8e58244705a6a360c65267c56192143ed9587a8f868

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-pcache-status: HIT
last-modified: Sun, 02 Jun 2024 12:34:12 GMT
etag: W/"665c66c4-22ac1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200

GET
H2 200 retargeting.js Show response
s1.mediaad.org/serve/1504/ 139 KB
50 KB 318ms
110ms Script
application/javascript 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.mediaad.org/serve/1504/retargeting.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K33TNFC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

fd9e5d30d94e0addee2fd8e58244705a6a360c65267c56192143ed9587a8f868

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-pcache-status: HIT
last-modified: Sun, 02 Jun 2024 12:34:12 GMT
etag: W/"665c66c4-22ac1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200

GET
H2 200 gprlg-affili-v2.js Show response
analytics.affili.ir/scripts/ 4 KB
2 KB 124ms
40ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.affili.ir/scripts/gprlg-affili-v2.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K33TNFC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / Express

Resource Hash

baf5833335e7c8484c418344959750248b7ca1c47cc179e247d652d40c0bc880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-powered-by: Express
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 07f5592a3bce009b7ecc2bea7fd24e2d
x-sid: 4102
last-modified: Thu, 29 Jun 2023 12:55:08 GMT
server: ArvanCloud
etag: W/"1146-1890738c606"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 12 Jun 2024 06:18:35 GMT

GET
H2 200 cashback.js Show response
cashback.takhfifan.com/112626/ 4 KB
2 KB 379ms
294ms Script
application/javascript 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://cashback.takhfifan.com/112626/cashback.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K33TNFC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

dbd8ffba14fccee682f073a4bb914a30e1558cf4440cc1052b670986f4dbaabe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
age: 0
x-cache: MISS, REVALIDATED
server-timing: total;dur=255
x-xss-protection: 1; mode=block
x-request-id: edf5589ca6a67d8621176c6af3e93535
x-sid: 4102
last-modified: Tue, 21 Nov 2023 09:33:32 GMT
server: ArvanCloud
etag: W/"655c796c-e8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-varnish: 5316133
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
expires: Tue, 11 Jun 2024 22:44:45 GMT

GET
H2 200 sniper.js Show response
cdn.tavoos.net/services/retargeting/2659/ 5 KB
2 KB 356ms
274ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tavoos.net/services/retargeting/2659/sniper.js?v=20240501207

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

1c2fba3bdce71a4967313d38c5984034807adf410361149de04295f5f56926d1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
content-encoding: gzip
x-tavoos-cdn: HIT
x-cache: MISS
server-timing: total;dur=235
x-tavoos-region: TEHRAN
x-xss-protection: 1; mode=block
x-request-id: de9182fc91514847e5f3e13ddee0fe61
x-sid: 4102
last-modified: Tue, 09 Jan 2024 13:46:49 GMT
server: ArvanCloud
etag: W/"659d4e49-1257"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=36000
x-tavoos-server: FASTCLICK-MILAD-TOWER
expires: Wed, 12 Jun 2024 15:18:35 GMT

GET
H2 200 j10zhd5wyc Show response
www.clarity.ms/tag/ 637 B
1001 B 147ms
100ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/j10zhd5wyc?ref=gtm2
Requested by: Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 886524b2d20e40396918b096430db240d373eb96f87439df41bf9e676d3c7214

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Wed, 12 Jun 2024 05:18:35 GMT
x-azure-ref: 20240612T051835Z-16577d9575dkdvtn1fu9bs4rs00000000dd000000000fzqh
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 cm.html
sibautomation.com/ Frame E23A 0
0 18ms
18ms Document
text/html 2606:4700:4400::6812:2546
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?key=wg5gwucbu2djambuiex7l7ry
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=wg5gwucbu2djambuiex7l7ry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2546 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 21578
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8927618cea409244-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Jun 2024 05:18:35 GMT
expires: Wed, 12 Jun 2024 07:18:35 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

POST
H2 204 collect
region1.analytics.google.com/g/ 0
286 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DNMRPFBZK6&gtm=45je46a0v897826802z8830340590za200zb830340590&_p=1718169514363&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=676479032.1718169515&ecid=1532581173&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1718169515&sct=1&seg=0&dl=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&dt=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1419
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DNMRPFBZK6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
286 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DNMRPFBZK6&cid=676479032.1718169515&gtm=45je46a0v897826802z8830340590za200zb830340590&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DNMRPFBZK6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
18ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DNMRPFBZK6&cid=676479032.1718169515&gtm=45je46a0v897826802z8830340590za200zb830340590&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=137370870

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p Show response
in-automate.brevo.com/ 0
99 B 58ms
39ms XHR
text/plain 2606:4700:4400::ac40:9528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=wg5gwucbu2djambuiex7l7ry&cuid=234cbbee-7705-45a0-aae7-666a734d8c3d&ma_url=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&sib_type=page&ma_title=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&sib_name=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&ma_referrer=&ma_path=%2F
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=wg5gwucbu2djambuiex7l7ry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 12 Jun 2024 05:18:35 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8927618e98d43835-FRA

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 14ms
13ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/j10zhd5wyc?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240612T051835Z-16577d9575dkdvtn1fu9bs4rs00000000dd000000000fzqq
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6c728f9f-801e-0015-2192-b53968000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
325 B 305ms
104ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Date: Wed, 12 Jun 2024 05:18:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 UpdateStatics Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/api/ 0
189 B 189ms
188ms XHR
text/plain 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/api/UpdateStatics

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: */*
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
server: nginx/1.26.1
x-powered-by: ASP.NET
x-cache: BYPASS
server-timing: total;dur=151
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: abb26a02b118301b852b13d94e8bd4fc
x-sid: 6110

GET
H2 200 MakeToken Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/api/Users/ 0
280 B 186ms
186ms XHR
text/plain 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/api/Users/MakeToken?_=1718169515222

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: */*
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
server: nginx/1.26.1
x-powered-by: ASP.NET
x-cache: BYPASS
server-timing: total;dur=151
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 75153527b071074f96f808334fa4526a
x-sid: 6110

GET
H2 200 anymousOrder Show response
987112309800029878819323782493094213723487921903210.d.w1z.wtf/api/Order/ 1 B
262 B 183ms
183ms XHR
application/json 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/api/Order/anymousOrder?_=1718169515223

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: */*
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:35 GMT
content-encoding: br
server: nginx/1.26.1
x-powered-by: ASP.NET
vary: Accept-Encoding, Accept-Encoding
x-cache: BYPASS
content-type: application/json; charset=utf-8
server-timing: total;dur=150
x-xss-protection: 1; mode=block
x-request-id: a13fabb2707388d5203c57a6747d56fd
x-sid: 6110

GET
H2 200 support-info.png
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/images/ 6 KB
6 KB 178ms
178ms Image
image/png 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/images/support-info.png

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/styles.css?v=9184

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

e91ec2cf1281102bd55d067ea5f5fa3e68850254cc12c7f6cd3352831374b93b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/styles.css?v=9184
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:35 GMT
last-modified: Thu, 11 Jun 2020 00:10:04 GMT
server: nginx/1.26.1
etag: "1d63f84a7f38164"
x-powered-by: ASP.NET
x-cache: BYPASS
content-type: image/png
cache-control: max-age=31536000
server-timing: total;dur=144
accept-ranges: bytes
content-length: 5988
x-xss-protection: 1; mode=block
x-request-id: 850e468cc6344b3dfb5c3a2040aa8915
x-sid: 6110

GET
H2 200 star.woff
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/fonts/ 1 KB
2 KB 189ms
188ms Font
application/font-woff 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/fonts/star.woff

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/kalastore.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/kalastore.css
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:35 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 00:09:35 GMT
server: nginx/1.26.1
etag: W/"1d63f8496aa8c98"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/font-woff
cache-control: max-age=31536000
server-timing: total;dur=152
x-xss-protection: 1; mode=block
x-request-id: 20c8e346469a1221c0df46bc6db34087
x-sid: 6110

GET
H2 200 bx_loader.gif
987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/images/ 847 B
1 KB 175ms
175ms Image
image/gif 49.13.223.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/images/bx_loader.gif

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.13.223.108 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.223.13.49.clients.your-server.de

Software

nginx/1.26.1 / ASP.NET

Resource Hash

65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/assets/css/plugins-theme.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:35 GMT
last-modified: Thu, 11 Jun 2020 00:09:56 GMT
server: nginx/1.26.1
etag: "1d63f84a32ee14f"
x-powered-by: ASP.NET
x-cache: BYPASS
content-type: image/gif
cache-control: max-age=31536000
server-timing: total;dur=142
accept-ranges: bytes
content-length: 847
x-xss-protection: 1; mode=block
x-request-id: 9f6d0754e7cee92f3d006795af81a437
x-sid: 6110

GET
H2 200 broadcast
sniper.tavoos.net/v1/retargeting/ Frame F910 0
0 280ms
97ms Document
text/html 212.33.197.123
ASIATECH

General

Check archive.org

Show headers Download Go to

Full URL: https://sniper.tavoos.net/v1/retargeting/broadcast
Requested by: Host: cdn.tavoos.net
URL: https://cdn.tavoos.net/services/retargeting/2659/sniper.js?v=20240501207
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.33.197.123 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software: nginx / FastClick
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 05:18:36 GMT
server: nginx
vary: Accept-Encoding Origin
x-fast-app: 1
x-fast-e-build: 2024-06-08T11:09:19Z
x-fast-e-node: 2
x-powered-by: FastClick

GET
H2 200 advertiser.json Show response
ma-cdn.pegah.tech/v1/retargeting/62451/ 26 KB
3 KB 285ms
90ms XHR
application/json 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://ma-cdn.pegah.tech/v1/retargeting/62451/advertiser.json

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

7b1665a590d5ad01655b57d2ae21e96fdbba7c3a49f820249d3702aef44b0adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 advertiser.json Show response
ma-cdn.pegah.tech/v1/retargeting/1504/ 27 KB
3 KB 282ms
88ms XHR
application/json 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://ma-cdn.pegah.tech/v1/retargeting/1504/advertiser.json

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

26b4d957b7e47baa2926b023b2c088ec6bc1d825932c4522b7143e814e6dfbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 8f42906f-f655-4c7d-bda9-0c8ec2fcdc50.jpg
berozkala.com/images/upload/product/category/ 8 KB
9 KB 762ms
759ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/images/upload/product/category/8f42906f-f655-4c7d-bda9-0c8ec2fcdc50.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

16cfd4651f6c49cf10c96844a2f644be9d281b4736238f101622f06beb9cf910

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:36 GMT
last-modified: Sat, 23 Jun 2018 12:12:24 GMT
server: ArvanCloud
etag: W/"1d40aeb7198bd06"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
server-timing: total;dur=720
accept-ranges: bytes
content-length: 8496
x-xss-protection: 1; mode=block
x-request-id: c484be308608b8ad9d056a33d76af086
x-sid: 4102

GET
H2 200 edee3de08d20407a907da5b13a6861c0.jpg
berozkala.com/Upload/products/ 20 KB
21 KB 1382ms
1380ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/edee3de08d20407a907da5b13a6861c0.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

9624249bc23c6d602224a818dc3db857377075d29bfeb80f59df4e36236dc715

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Sun, 17 Sep 2023 13:17:52 GMT
server: ArvanCloud
etag: W/"1d9e9695cae93ee"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1342
accept-ranges: bytes
content-length: 20730
x-xss-protection: 1; mode=block
x-request-id: 84b48e0d82a217962050d1d037b7ea9a
x-sid: 4102

GET
H2 200 8e31e1725042439e9ba919f963b5ec39.jpg
berozkala.com/Upload/products/ 16 KB
16 KB 44ms
42ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/8e31e1725042439e9ba919f963b5ec39.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

b9dfec3eb3c72ffb4dbac219f3a9f64c9c1334df6a2936b952d64f5b82af8082

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 19:56:47 GMT
date: Wed, 12 Jun 2024 05:18:36 GMT
last-modified: Sun, 14 May 2023 13:43:32 GMT
server: ArvanCloud
etag: W/"1d9866a128d6fb3"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 16368
x-xss-protection: 1; mode=block
x-request-id: 1fa69cd2d3f942b267f8afb826649b5d
x-sid: 4102

GET
H2 200 4485d57f2aec4dd6b2d84d0da03e6c96.jpg
berozkala.com/Upload/products/ 22 KB
22 KB 1736ms
1734ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/4485d57f2aec4dd6b2d84d0da03e6c96.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

3cff08e7d55f628b1face6fd22cf2020fb22a2a6205ec5ab3c47f936eee5bbad

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Tue, 23 Apr 2024 06:18:48 GMT
server: ArvanCloud
etag: W/"1da95461a28b0e0"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1693
accept-ranges: bytes
content-length: 22194
x-xss-protection: 1; mode=block
x-request-id: b270b7724e9b72fe515ea8dd434934c1
x-sid: 4102

GET
H2 200 8b17e7f814d646bba774581b1622364c.jpg
berozkala.com/Upload/products/ 12 KB
12 KB 1005ms
1003ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/8b17e7f814d646bba774581b1622364c.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

b2fe3a6d9ec57f7f861e06f2deaf0f3178139d38e2f74dccf4e1b6ebee8aab08

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Tue, 16 Feb 2021 13:15:13 GMT
server: ArvanCloud
etag: W/"1d70465c260b91e"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=963
accept-ranges: bytes
content-length: 12104
x-xss-protection: 1; mode=block
x-request-id: 074d6f93fbe0a788b5369e374c6e00d7
x-sid: 4102

GET
H2 200 4e3d5a11816f41268527eeeab8514e20.jpg
berozkala.com/Upload/products/ 7 KB
7 KB 935ms
933ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/4e3d5a11816f41268527eeeab8514e20.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

abbce7fdd130b8f1f57b2127ea4c4e8eae59c578057b300e7d4dc4f8247c29fc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Wed, 12 Apr 2023 20:35:05 GMT
server: ArvanCloud
etag: W/"1d96d7e43811604"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=893
accept-ranges: bytes
content-length: 7310
x-xss-protection: 1; mode=block
x-request-id: e1c7f61af8c8849427ca3128c1ed4a87
x-sid: 4102

GET
H2 200 d4c65eb8fcae46338da60bd5eb17616c.jpg
berozkala.com/Upload/products/ 17 KB
17 KB 46ms
45ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/d4c65eb8fcae46338da60bd5eb17616c.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

4a2586b49ca7336b45db80f85c9a60b791dba96b804b346a29ce03ca4eddb5d4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 11 Jul 2024 19:57:54 GMT
date: Wed, 12 Jun 2024 05:18:36 GMT
last-modified: Wed, 06 Apr 2022 18:20:19 GMT
server: ArvanCloud
etag: W/"1d849e2f89eb8ba"
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=0
accept-ranges: bytes
content-length: 17166
x-xss-protection: 1; mode=block
x-request-id: 19d82ce525cfdc73d58dd7a54ca773e4
x-sid: 4102

GET
H2 200 6f3ae8df90434340aafd8cb673b23e9b.jpg
berozkala.com/Upload/products/ 21 KB
21 KB 1090ms
1089ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/6f3ae8df90434340aafd8cb673b23e9b.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

f0bee28b70a5314f8b7cc01abb32e1c535cbb7dc0614503cbf5a954ed14eb70c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Thu, 11 Nov 2021 09:36:41 GMT
server: ArvanCloud
etag: W/"1d7d6dfa1b84da7"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1047
accept-ranges: bytes
content-length: 21448
x-xss-protection: 1; mode=block
x-request-id: d15afca33ec06dac8e53ff474e31fe43
x-sid: 4102

GET
H2 200 7cf97553a3e349cea264776a72f14cd7.jpg
berozkala.com/Upload/products/ 16 KB
17 KB 917ms
916ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/7cf97553a3e349cea264776a72f14cd7.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

89c2cff25fa246f013c800b633ce556c3d2bcc995e7621d2ca54a6ad61197710

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Wed, 15 Feb 2023 20:43:25 GMT
server: ArvanCloud
etag: W/"1d9417e2665a707"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=875
accept-ranges: bytes
content-length: 16604
x-xss-protection: 1; mode=block
x-request-id: 06b29b7b3d551fcf6a2ffb133c75ba0a
x-sid: 4102

GET
H2 200 5adbf47b-6a09-4cf3-aee3-d1ceddcefe65.jpg
berozkala.com/images/upload/product/category/ 20 KB
20 KB 671ms
670ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/images/upload/product/category/5adbf47b-6a09-4cf3-aee3-d1ceddcefe65.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

9e1f95bb43d5e7a3ac0f4a67ce92480e489c235eb626fea2f75f7fe8c51c5fc6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:36 GMT
last-modified: Tue, 30 Jul 2019 10:09:12 GMT
server: ArvanCloud
etag: W/"1d546bed5ae26fc"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
server-timing: total;dur=629
accept-ranges: bytes
content-length: 20108
x-xss-protection: 1; mode=block
x-request-id: ad915201d9685a21d1c07ded83eae016
x-sid: 4102

GET
H2 200 dc3b16a12926477f82bd9b0e08c9580a.jpg
berozkala.com/Upload/products/ 40 KB
40 KB 1043ms
1042ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/dc3b16a12926477f82bd9b0e08c9580a.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

7b9b8854393856d197478fb36d413c70bccdaa5376ba194513f133c21fb605f7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Tue, 14 Nov 2023 05:50:18 GMT
server: ArvanCloud
etag: W/"1da16be726b0066"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=964
accept-ranges: bytes
content-length: 40864
x-xss-protection: 1; mode=block
x-request-id: 971650a9452983a1e66b0c047df6d290
x-sid: 4102

GET
H2 200 43580a5946e648d48d253f17304a7c01.jpg
berozkala.com/Upload/products/ 20 KB
21 KB 1131ms
1130ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/43580a5946e648d48d253f17304a7c01.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

c7b97226e6f675a9b9e58ae15423ca7d6b359f56d53643bb8f35c7cda81d1d5a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Wed, 06 Apr 2022 17:04:52 GMT
server: ArvanCloud
etag: W/"1d849d86e51f0fd"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1052
accept-ranges: bytes
content-length: 20682
x-xss-protection: 1; mode=block
x-request-id: 5a129670e3e3c84f713dd27f8d9cd540
x-sid: 4102

GET
H2 200 6d48cdd32e704bef8975f86826d83a51.jpg
berozkala.com/Upload/products/ 10 KB
10 KB 860ms
859ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/6d48cdd32e704bef8975f86826d83a51.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

01d79900f4dbc70746684096dff010360fb67fe720f17535b42a21c11ca99fec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:36 GMT
last-modified: Sun, 18 Dec 2022 08:23:49 GMT
server: ArvanCloud
etag: W/"1d912ba0dddbbcf"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=782
accept-ranges: bytes
content-length: 10266
x-xss-protection: 1; mode=block
x-request-id: cda8a8c25229ceaa351a06fc72c47ba2
x-sid: 4102

GET
H2 200 ca645aaa6d264a81a754eb69e30e56fc.jpg
berozkala.com/Upload/products/ 10 KB
10 KB 1458ms
1457ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/ca645aaa6d264a81a754eb69e30e56fc.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

c86c792d5fa13e5878719331f176f6328758f9dca4437144ab7b4556e7d376c2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Thu, 24 Jun 2021 15:46:37 GMT
server: ArvanCloud
etag: W/"1d769101dbcb3d1"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1380
accept-ranges: bytes
content-length: 10184
x-xss-protection: 1; mode=block
x-request-id: a55aebf8fa3529663b74a2239b8a68e9
x-sid: 4102

GET
H2 200 cc280fc53dff4a0f93ef77f0190179ab.jpg
berozkala.com/Upload/products/ 22 KB
23 KB 831ms
830ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/cc280fc53dff4a0f93ef77f0190179ab.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

c3b61b967addf738fefe3e409265d79aa0b020c599e5ca5faea4f678591b805f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:36 GMT
last-modified: Fri, 09 Jul 2021 19:28:48 GMT
server: ArvanCloud
etag: W/"1d774f8a3d3ad24"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=752
accept-ranges: bytes
content-length: 22800
x-xss-protection: 1; mode=block
x-request-id: c4bdb89dc73ee7b512b23096135b4a43
x-sid: 4102

GET
H2 200 4e9a0d67a534428c8ab9270cfda86d0e.jpg
berozkala.com/Upload/products/ 67 KB
67 KB 1442ms
1442ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/4e9a0d67a534428c8ab9270cfda86d0e.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

0d08747a06820413a7616ccabdeac372fc2af85dfd27bbaf87799a066d891b63

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:36 GMT
date: Wed, 12 Jun 2024 05:18:37 GMT
last-modified: Wed, 02 Aug 2023 08:33:34 GMT
server: ArvanCloud
etag: W/"1d9c51c06513cbd"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=1364
accept-ranges: bytes
content-length: 68512
x-xss-protection: 1; mode=block
x-request-id: db624de7cba86e01045e6c0ed30879fb
x-sid: 4102

GET
H2 200 affili-v2.js Show response
analytics.affili.ir/scripts/ 8 KB
3 KB 38ms
38ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.affili.ir/scripts/affili-v2.js

Requested by

Host: analytics.affili.ir
URL: https://analytics.affili.ir/scripts/gprlg-affili-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / Express

Resource Hash

0ac4f5bc936021b978c138c023fff421301f3ca0c5c2f2c2904838317c568aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-powered-by: Express
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: d2de3997cd6f0cf30e10b0d670c4c66c
x-sid: 4102
last-modified: Sat, 23 Sep 2023 16:08:07 GMT
server: ArvanCloud
etag: W/"1fda-18ac2cc5ad2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 12 Jun 2024 06:18:36 GMT

GET
H3 200 berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.json Show response
van.najva.com/static/js/scripts/ 3 KB
2 KB 905ms
886ms Fetch
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.json?v=2024-06-12T05

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98b6e480cf425f31e3c57fc10cbd7854fdca75622a4d86a47bf0b4ed3ac2b01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000072e3f90bde58df8f-0066692fac-9ed6b02-default
content-encoding: br
x-zrk-us: 200
x-zrk-sn: 4101
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jun 2024 03:51:28 GMT
server: cloudflare
etag: W/"c1e19ae4e6fe17eb52db4eb08214c918"
vary: Accept-Encoding, Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzxwsGi2v%2BTwsjO2hfO7v1RqkjKiDT4Py7NRJQh0%2BHnEYLUNGSf9BP8h4CBpQWSjHhmJy%2BR5qSfe0Ol7PnCW7i%2FUKu5kszp9jraucqXM9ct%2FZz0lTDoOWnk951mu7ePt"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
x-rgw-object-type: Normal
cache-control: public, max-age=3600
access-control-max-age: 10
cf-ray: 89276194eee1bb59-FRA
access-control-allow-headers: *

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
443 B 448ms
261ms XHR
application/json 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=fBulDNTr

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=0
x-zrk-cs: BYPASS
x-zrk-us: 200
x-zrk-sn: 4001
content-length: 5
pragma: no-cache
server: Delivery
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes
access-control-allow-headers: Authorization
expires: 0

GET
H2 200 /
ua.yektanet.com/cookie/iframe/ Frame 4C89 0
0 456ms
251ms Document
text/html 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/cookie/iframe/

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/S90y2gYA/rg.complete.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: br
content-type: text/html
date: Wed, 12 Jun 2024 05:18:36 GMT
expires: 0
last-modified: Wednesday, 12-Jun-2024 05:18:36 GMT
pragma: no-cache
server: Delivery
strict-transport-security: max-age=0
vary: Accept-Encoding
x-zrk-cs: BYPASS
x-zrk-sn: 4001
x-zrk-us: 200

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 455ms
254ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=de584847-9d93-4deb-bc16-524bbb47c63f&abj=0&aed=adv&abh=3742&sv=3&st=rg.complete.js&fis=1&ffu=1&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=fBulDNTr&aec=3701&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6124&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/S90y2gYA/rg.complete.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:36 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
659 B 451ms
252ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=1d317f23-ae51-4c0c-8ba7-b5ef8202699a&abj=1&aed=adv&abh=3742&sv=3&st=rg.complete.js&fis=1&ffu=1&psc=1282&psi=1308&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=fBulDNTr&aec=3701&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6124&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/S90y2gYA/rg.complete.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:36 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
325 B 390ms
296ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Date: Wed, 12 Jun 2024 05:18:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 rg.complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v3/5WaBwJ1b/ 42 KB
14 KB 692ms
692ms Script
application/javascript 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yektanet.com/rg_woebegone/scripts_v3/5WaBwJ1b/rg.complete.js?v=20240501207

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/S90y2gYA/rg.complete.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

b2b84ca99ab01115545edf44a62a76fb235360baf9500b658d404eef3ce1b906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: REVALIDATED
last-modified: Wed, 24 Apr 2024 10:03:56 GMT
server: Delivery
x-amz-request-id: tx000004e6c36888b30f3fe-0066691ee1-a1d8eea-default
etag: W/"cc7aa659b75c928248abea48cb4936d7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
content-encoding: br
x-rgw-object-type: Normal
cache-control: public, max-age=3600
x-zrk-us: 200
x-zrk-sn: 4001

GET
H2 200 fingerprint.html
mediacdn.mediaad.org/static/ Frame E477 0
0 274ms
88ms Document
text/html 45.94.254.21
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://mediacdn.mediaad.org/static/fingerprint.html

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.21 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=7200
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-pcache-status: HIT

GET
H2 200 tags Show response
sniper.tavoos.net/v1/retargeting/ 15 B
554 B 408ms
129ms XHR
application/json 212.33.197.122
ASIATECH

General

Check archive.org

Show headers Download Go to

Full URL: https://sniper.tavoos.net/v1/retargeting/tags?id=zY4V2ypeef&tavoosuid=66692fac56e49
Requested by: Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.33.197.122 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software: nginx / FastClick
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:36 GMT
content-encoding: gzip
x-fast-e-node: 1
server: nginx
x-fast-app: 1
x-powered-by: FastClick
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
cache-control: no-cache, private
access-control-allow-credentials: true
x-fast-e-build: 2024-06-08T11:09:20Z

OPTIONS
H2 200 tag
api.mediaad.org/v1/events/ Frame 0
0 299ms
85ms Preflight 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=0cf282fe-e93b-45ba-b3ad-43e2d986841f&c=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 tag Show response
api.mediaad.org/v1/events/ 0
510 B 97ms
96ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=0cf282fe-e93b-45ba-b3ad-43e2d986841f&c=false

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 0
530 B 98ms
97ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 tag Show response
api.mediaad.org/v1/events/ 0
510 B 97ms
96ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=0cf282fe-e93b-45ba-b3ad-43e2d986841f&c=false

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 0
530 B 98ms
97ms XHR
text/plain 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 299ms
85ms Preflight 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 tag
api.mediaad.org/v1/events/ Frame 0
0 298ms
84ms Preflight 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=0cf282fe-e93b-45ba-b3ad-43e2d986841f&c=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 298ms
84ms Preflight 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 12 Jun 2024 05:18:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
442 B 254ms
254ms XHR
application/json 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=li5ASWXK

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=0
x-zrk-cs: BYPASS
x-zrk-us: 200
x-zrk-sn: 4001
content-length: 5
pragma: no-cache
server: Delivery
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes
access-control-allow-headers: Authorization
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 257ms
257ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=b12342ff-ad0a-4ed6-8138-76de507b0e25&abj=1&aed=adv&abh=&sv=3&st=rg.complete.js&psc=719&psi=2655&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&ba=00145772-25c1a-a0d7b-b7625-5ba1ebe641ece&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=li5ASWXK&aec=147830&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6125&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/5WaBwJ1b/rg.complete.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:37 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 257ms
257ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=E&abf=4d02d565-a901-4030-ab31-917a46a1d596&abj=0&aed=adv&abh=&sv=3&st=rg.complete.js&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&ba=00145772-25c1a-a0d7b-b7625-5ba1ebe641ece&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=li5ASWXK&aec=147830&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6125&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/5WaBwJ1b/rg.complete.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:37 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

GET
H2 200 complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v4/slihPoW7/ 85 KB
21 KB 86ms
86ms Script
application/javascript 185.166.104.3
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yektanet.com/rg_woebegone/scripts_v4/slihPoW7/complete.js?v=2024-06-12T05

Requested by

Host: app.najva.com
URL: https://app.najva.com/static/js/scripts/berozkala343-website-6005-bf930aed-f1e0-4e46-b9ad-50cccef07338.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

019888e6e1146d94b9d35b6f7fba90df4cc4ce8f8ec80337c92e5abe5e34edaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=31536000
x-zrk-cs: HIT
last-modified: Wed, 24 Apr 2024 17:14:20 GMT
server: Delivery
x-amz-request-id: tx0000007d22e64507ede93-0066692da9-a11e5ad-default
etag: W/"8f649db55348ad6f91e577b59f6377c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
content-encoding: br
x-rgw-object-type: Normal
cache-control: public, max-age=3600
x-zrk-us: 200
x-zrk-sn: 4001

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
442 B 253ms
252ms XHR
application/json 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=slihPoW7

Requested by

Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=0
x-zrk-cs: BYPASS
x-zrk-us: 200
x-zrk-sn: 4001
content-length: 5
pragma: no-cache
server: Delivery
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes, bytes
access-control-allow-headers: Authorization
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 256ms
254ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=aeb7670a-cdee-4938-ae16-43c0339f5418&abj=1&aed=pub&abh=&sv=4&st=complete.js&psc=135&psi=3481&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&ba=00145772-25c1a-a0d7b-b7625-5ba1ebe641ece&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=slihPoW7&aec=62335&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6125&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/slihPoW7/complete.js?v=2024-06-12T05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:37 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 253ms
253ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=E&abf=c9adb6e6-8e1c-4f85-afc8-6c23288ca531&abj=0&aed=pub&abh=&sv=4&st=complete.js&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&ba=00145772-25c1a-a0d7b-b7625-5ba1ebe641ece&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=slihPoW7&aec=62335&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6125&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/slihPoW7/complete.js?v=2024-06-12T05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:37 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:37 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
325 B 297ms
296ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
Date: Wed, 12 Jun 2024 05:18:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
658 B 300ms
299ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=I&abf=7ae1c8d4-a727-4aae-a0b7-b662e115c832&abj=0&aed=adv&abh=3742&sv=3&st=rg.complete.js&fis=1&ffu=1&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&ba=00145772-25c1a-a0d7b-b7625-5ba1ebe641ece&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=fBulDNTr&aec=3701&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6125&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/S90y2gYA/rg.complete.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:39 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:39 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
657 B 263ms
263ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=I&abf=142bb564-2314-4ef6-9b62-b70fe60ec120&abj=0&aed=adv&abh=&sv=3&st=rg.complete.js&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&ba=00145772-25c1a-a0d7b-b7625-5ba1ebe641ece&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=li5ASWXK&aec=147830&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6125&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/5WaBwJ1b/rg.complete.js?v=20240501207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:40 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:40 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
657 B 259ms
258ms Ping
image/gif 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=I&abf=0430c458-12f5-495e-96e2-30a6b5366a93&abj=0&aed=pub&abh=&sv=4&st=complete.js&ac=https%3A%2F%2F987112309800029878819323782493094213723487921903210.d.w1z.wtf%2F&ae=%7B%7D&ad=987112309800029878819323782493094213723487921903210.d.w1z.wtf&ba=00145772-25c1a-a0d7b-b7625-5ba1ebe641ece&as=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%DA%A9%D8%A7%D9%84%D8%A7%20%7C%20%D9%81%D8%B1%D9%88%D8%B4%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84-%D9%81%D8%B1%D9%88%D8%B4%20%DA%AF%D9%88%D8%B4%DB%8C%20%D9%88%20%D8%AA%D8%A8%D9%84%D8%AA&aef=slihPoW7&aec=62335&ai=75876437-7740-c9c2-a2d5-e035bc207421&abw=1600&abb=6125&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%81%D8%B1%D9%88%D8%B4%DA%AF%D8%A7%D9%87%20%D8%A7%DB%8C%D9%86%D8%AA%D8%B1%D9%86%D8%AA%DB%8C%20%D8%A8%D8%B1%D9%88%D8%B2%20%DA%A9%D8%A7%D9%84%D8%A7%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%DA%A9%D8%A7%D9%84%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/slihPoW7/complete.js?v=2024-06-12T05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Delivery /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 05:18:40 GMT
strict-transport-security: max-age=0
last-modified: Wednesday, 12-Jun-2024 05:18:40 GMT
server: Delivery
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us: 200
accept-ranges: bytes, bytes
x-zrk-sn: 4001
content-length: 42
expires: 0

GET
H2 200 701ada06-ab6e-41bc-aea7-3f37c13a5d9e.jpg
berozkala.com/images/upload/product/category/ 15 KB
16 KB 708ms
708ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/images/upload/product/category/701ada06-ab6e-41bc-aea7-3f37c13a5d9e.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

3f33ec00b98984a04b97bb053130afc4a8b96e7d4af0995f5af5baa924c81342

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 12 Jun 2025 05:18:41 GMT
date: Wed, 12 Jun 2024 05:18:41 GMT
last-modified: Fri, 16 Aug 2019 06:25:10 GMT
server: ArvanCloud
etag: W/"1d553fb5aa5dbcf"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
server-timing: total;dur=668
accept-ranges: bytes
content-length: 15664
x-xss-protection: 1; mode=block
x-request-id: 742622cb2a1876d99c69f58d45c50672
x-sid: 4102

GET
H2 200 3e1995cccdd5423294fcdb267cdfe58c.jpg
berozkala.com/Upload/products/ 81 KB
81 KB 839ms
839ms Image
image/webp 185.143.234.87
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berozkala.com/Upload/products/3e1995cccdd5423294fcdb267cdfe58c.jpg

Requested by

Host: 987112309800029878819323782493094213723487921903210.d.w1z.wtf
URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.87 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

aa9f1793655e7cfd3bbae12a52224e0709d6e2024325aa5c8e501ffaf3529ebf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 12 Jul 2024 05:18:41 GMT
date: Wed, 12 Jun 2024 05:18:41 GMT
last-modified: Sat, 30 Sep 2023 07:06:50 GMT
server: ArvanCloud
etag: W/"1d9f36caedcf295"
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/webp
cache-control: public,max-age=2592000
server-timing: total;dur=800
accept-ranges: bytes
content-length: 82634
x-xss-protection: 1; mode=block
x-request-id: aec92dd05255fad9561ca70a618e0c17
x-sid: 4102

GET
H2 200 tags Show response
sniper.tavoos.net/v1/retargeting/ 15 B
553 B 193ms
193ms XHR
application/json 212.33.197.122
ASIATECH

General

Check archive.org

Show headers Download Go to

Full URL: https://sniper.tavoos.net/v1/retargeting/tags?id=gQRwpX7HRQ&tavoosuid=66692fac56e49
Requested by: Host: n1.sanjagh.com
URL: https://n1.sanjagh.com/serve/62451/retargeting.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.33.197.122 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software: nginx / FastClick
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 05:18:41 GMT
content-encoding: gzip
x-fast-e-node: 1
server: nginx
x-fast-app: 1
x-powered-by: FastClick
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf
cache-control: no-cache, private
access-control-allow-credentials: true
x-fast-e-build: 2024-06-08T11:09:20Z

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: logo.samandehi.ir
URL: https://logo.samandehi.ir/logo.aspx?id=318838&p=qftinbpdaqgwaqgwqftiaqgw

Domain: trustseal.enamad.ir
URL: https://trustseal.enamad.ir/logo.aspx?id=281987&Code=zz7AnOdrNtfPJr7TuS2Z

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.987112309800029878819323782493094213723487921903210.d.w1z.wtf/	1970-01-21 01:37:52	Name: sib_cuid Value: 234cbbee-7705-45a0-aae7-666a734d8c3d
.w1z.wtf/	1970-01-20 23:25:45	Name: _gcl_au Value: 1.1.1716581646.1718169515
sibautomation.com/	1970-01-21 01:37:56	Name: uuid Value: 5b68eac0-6ec1-41f6-93c5-c9194117ae0a
.w1z.wtf/	1970-01-21 06:52:09	Name: _ga_DNMRPFBZK6 Value: GS1.1.1718169515.1.0.1718169515.60.0.1532581173
.w1z.wtf/	1970-01-21 06:52:09	Name: _ga Value: GA1.1.676479032.1718169515
.deemanetwork.com/	1969-12-31 23:59:59	Name: UID Value: 1718169515144-979875784761-000047-000-006568
.deemanetwork.com/	1969-12-31 23:59:59	Name: SID Value: 1718169515144-979875784761-000047-000-006569
www.clarity.ms/	1970-01-21 06:01:45	Name: CLID Value: 1996a741d25947819b6baf07caaaae6b.20240612.20250612
.w1z.wtf/	1970-01-21 06:01:45	Name: _clck Value: 1noapri%7C2%7Cfmk%7C0%7C1624
987112309800029878819323782493094213723487921903210.d.w1z.wtf/	1970-01-21 06:01:45	Name: Core2020Token Value: 81c129e6-e217-49d4-b6c4-7ab009508727
.w1z.wtf/	1970-01-20 21:17:35	Name: _clsk Value: 143viow%7C1718169516163%7C1%7C1%7Cz.clarity.ms%2Fcollect
987112309800029878819323782493094213723487921903210.d.w1z.wtf/	1970-01-21 06:01:45	Name: analytics_token Value: d33fdf1d-b305-fb73-1f07-6cf8a7866622
987112309800029878819323782493094213723487921903210.d.w1z.wtf/	1970-01-20 21:16:11	Name: analytics_session_token Value: 75876437-7740-c9c2-a2d5-e035bc207421
987112309800029878819323782493094213723487921903210.d.w1z.wtf/	1970-01-20 21:17:35	Name: yektanet_session_last_activity Value: 6/12/2024
987112309800029878819323782493094213723487921903210.d.w1z.wtf/	1969-12-31 23:59:59	Name: _yngt_iframe Value: 1
.tavoos.net/	1970-01-21 06:01:45	Name: tavoosuid Value: 66692fac56e49
.mediaad.org/	1970-01-21 06:52:09	Name: USER_ID Value: 0cf282fe-e93b-45ba-b3ad-43e2d986841f
.yektanet.com/	1970-01-21 06:52:09	Name: gearbox_ad_token Value: 00145772-25c1a-a0d7b-b7625-5ba1ebe641ece
.yektanet.com/	1970-01-21 06:52:09	Name: analytics_global_token Value: 00145772-25c1a-a0d7b-b7625-5ba1ebe641ece
.tavoos.net/	1970-01-21 06:01:45	Name: _rt Value: 1
987112309800029878819323782493094213723487921903210.d.w1z.wtf/	1970-01-20 21:59:21	Name: _yngt Value: 00145772-25c1a-a0d7b-b7625-5ba1ebe641ece

65 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://987112309800029878819323782493094213723487921903210.d.w1z.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

987112309800029878819323782493094213723487921903210.d.w1z.wtf
analytics.affili.ir
api.mediaad.org
app.najva.com
assets.najva.com
audience.yektanet.com
berozkala.com
cashback.takhfifan.com
cdn.tavoos.net
cdn.yektanet.com
deemanetwork.com
eanjoman.ir
in-automate.brevo.com
logo.samandehi.ir
ma-cdn.pegah.tech
mail.najva.com
mediacdn.mediaad.org
n1.sanjagh.com
region1.analytics.google.com
s1.mediaad.org
sibautomation.com
sniper.tavoos.net
stats.g.doubleclick.net
trustseal.enamad.ir
ua.yektanet.com
van.najva.com
www.clarity.ms
www.google.de
www.googletagmanager.com
z.clarity.ms
logo.samandehi.ir
trustseal.enamad.ir
142.250.186.99
185.143.233.120
185.143.234.120
185.143.234.87
185.166.104.3
185.166.104.4
188.114.96.3
20.10.16.51
2001:4860:4802:34::36
212.33.197.122
212.33.197.123
2606:4700:4400::6812:2546
2606:4700:4400::ac40:9528
2606:4700:4400::ac40:96ba
2606:4700::6810:fb8
2620:1ec:bdf::45
2a00:1450:4001:828::2008
2a00:1450:400c:c0d::9c
45.94.254.21
45.94.254.24
45.94.255.25
49.13.223.108
93.115.151.139
0075a137d3f70f5d84c7d4f84a6d1f55f74d5fce06a5d94338f7f29fc59706d3
019888e6e1146d94b9d35b6f7fba90df4cc4ce8f8ec80337c92e5abe5e34edaf
01d79900f4dbc70746684096dff010360fb67fe720f17535b42a21c11ca99fec
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93
039f8a102bcdc3195867eb744749d14b851ae974d60e8814dee3902dc008cb6d
079137118e713af60919a7eba0f99555adfe15ecf9c49cca4c427de221d48c9c
084cbbf4cc2b72845e0cee478416f8797c37798ad580e08627b7e3c8bd164a7e
0a87e3c80afbc51fd16c5793095df8625185e898e0230efa86cfdbe45e31088a
0ac4f5bc936021b978c138c023fff421301f3ca0c5c2f2c2904838317c568aa2
0d08747a06820413a7616ccabdeac372fc2af85dfd27bbaf87799a066d891b63
0e7badef2da4d3c67f26c08e59741aba8027e39cb780350426569501eb4f9d4a
100305017ace70592c12720fbee2ec26863502fedec6ea7bf0adcecffc68a09d
16cfd4651f6c49cf10c96844a2f644be9d281b4736238f101622f06beb9cf910
1c2fba3bdce71a4967313d38c5984034807adf410361149de04295f5f56926d1
1e1d438a1bad38cc73792f6acafe0de35fdc5b45753b6ae594f53053ef97325b
26b4d957b7e47baa2926b023b2c088ec6bc1d825932c4522b7143e814e6dfbd6
2960bbd368b142b59814a78f99044364618f688f4edcb0114da1404744b1cbcd
2ad742b8a65165e5cc65154505622c33f1b3f09ae5451f43f395f7f5222e0595
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e7ccf100c0c97b1eb4925f6dbaf633c5f9d85f509f40cedca6ad573e9487577
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
3a0557af7e4da0755051959205526d9e07688c018624288684bd3288e9e9c137
3bbb3f67848f33268b516ce9e9e990dab429a8138b1d3854e015bbe5300eff15
3c4ade41ad55da339c12e9e63577c014dc1e56dafa2787172ae034dd73a5a135
3cff08e7d55f628b1face6fd22cf2020fb22a2a6205ec5ab3c47f936eee5bbad
3d2429c50dd6270ea7abab090d1e06c31475fd3947b87e5f92772d26a480bf47
3f33ec00b98984a04b97bb053130afc4a8b96e7d4af0995f5af5baa924c81342
408bdad5add5382f349c00c692ded14903c6db95a163dba47aae997acca3df7a
43d1e2b6fbed2e971d13edc3652cb1bd0cba8906b244ca4843e131361c7f064f
4a2586b49ca7336b45db80f85c9a60b791dba96b804b346a29ce03ca4eddb5d4
4d293eae52afcc041b171be0b6dc7162231b773d9e92ec82270d2c5d26d3a003
4d528a7305c794009a94a29ad1ed86b90c138dff906f4eb3d9b2e37abb604d25
532fb954d7074504eea5e5c250700db7001bef628d0eeddca292cfef1d14bad5
5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71
54d6762aeb51bdabc2b8310080b3bf58b0f85237ea327b25c3a1daff40c9ab3b
554a6afbe6416e8556e2735042512e57d021e00e49a964d84de15eb72b16504c
583f79c19af878e2cfc478d00812817c72bdd8c5f9118e738800289afaf4a054
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5d22d81508680ebb745ecb47170cf599b90b7a8fd91e0e17d8fd0fd9b64cd2dc
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61b7da509ac8fda16cb0f3bbab7719076d6c9cbafb7b9bd927aed15f924b0b1b
62145c31c37e4bbddd05155e0d95daa0d006a65376799c6cff1dbb5f1adaa6c6
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
6b0ed37c928657535364f7894f26f966ee72e336523d106ccca9d237a64da67d
6ff708caa2a0d2fdb176d291deb599dfa57c8b7381bd8254703411e37b976014
720fcafbf0f97bf34398b793fcff84dc9668a267b788ccdc5d31a7cfa775fb26
768afdde218d54473fe2b6db6b8baee751b9d6f7da0bdc95b0d484b951c1ef98
7b1665a590d5ad01655b57d2ae21e96fdbba7c3a49f820249d3702aef44b0adb
7b9b8854393856d197478fb36d413c70bccdaa5376ba194513f133c21fb605f7
81af577e38dffac17aa700000199a9e43d3550f3a2cd8a9065c1f4bd2a1d74a9
81b52306ff060d6b18a29e01af467ec63cd32a3b306bec4de71431ec62e7cf8b
865115787ee79485cbc24a9dd00eae0be1aebfac2c653e60da7f2aebf274ff7a
886524b2d20e40396918b096430db240d373eb96f87439df41bf9e676d3c7214
89c2cff25fa246f013c800b633ce556c3d2bcc995e7621d2ca54a6ad61197710
8d299b825d03eff63d8bd84dbee5599e8c519265e3ae8c6750b64cee6e3afed4
9063e80fcb68ba43ef73b8dfe54c05f5e015922298e07e2a82e4970243a5a8df
951b256d95cec948398e4a4eb3a2c77c31b65074d16a9a4ddc77918aeb5f39df
9624249bc23c6d602224a818dc3db857377075d29bfeb80f59df4e36236dc715
9663eecd08a2ceb2acce2025f436f5a3f0f7f742a5073ca5aa41faf337dd54a4
98b6e480cf425f31e3c57fc10cbd7854fdca75622a4d86a47bf0b4ed3ac2b01f
992a3c05b754151253538206c4683b61a96a29bc4340ada642f96dd3cfe1d1c8
9c94ba36f87c064597df98c4b3e6f399282ddb6f7db03ba5e45b012e7e376f3a
9e1f95bb43d5e7a3ac0f4a67ce92480e489c235eb626fea2f75f7fe8c51c5fc6
9f981cc05a542bce9861abd280c975c3f5b5e153d4a3df5e39e8f60caf4f583f
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a50e7c9f4afe66f9076f2a5ada2dc549f0224433d4ef3f8b7eb999fd40a5c71d
a79719bbc130d2ce96df58fe09fdcae088a5889f1c013f422a909c8067687759
aa9f1793655e7cfd3bbae12a52224e0709d6e2024325aa5c8e501ffaf3529ebf
ab42da0875f43f2898480182ff7197267e4b4345302f79d22c69eac123205f77
ab5c84622c2defc8338434dca944ceb50c786cf8cb7d1c0a319e0e6abb130218
abbce7fdd130b8f1f57b2127ea4c4e8eae59c578057b300e7d4dc4f8247c29fc
ae1db7cfd2268dfe3a71b44fd7eed54a4bff6f45774f89e99f5fb316e8837ffd
ae7a5f10ddd86339a6190a0993837956a2ca3805f03b62d68518a4b6e640a56d
b2b84ca99ab01115545edf44a62a76fb235360baf9500b658d404eef3ce1b906
b2fe3a6d9ec57f7f861e06f2deaf0f3178139d38e2f74dccf4e1b6ebee8aab08
b4d7bf31ce12962d88cead060c3cfbe151d596824e00c87910829a2c5fc62f18
b4fc1b9344cec0a3c2c5f79f79eb0afdd79ad82bc1141f69f2d2c4f378dd3a88
b8c8853612f8a1c2a2b087d1624e43e445a2a4af4a8bde40ba8be1775fa3ff77
b9dfec3eb3c72ffb4dbac219f3a9f64c9c1334df6a2936b952d64f5b82af8082
baf5833335e7c8484c418344959750248b7ca1c47cc179e247d652d40c0bc880
c3b61b967addf738fefe3e409265d79aa0b020c599e5ca5faea4f678591b805f
c71eef60770728127c4414aff80648ed7417d57fafc50d26b8b695c494e66bfd
c7365cde761c9060154c26ff57be8036bcdba884f88ed3541f4190e02b75acff
c7b97226e6f675a9b9e58ae15423ca7d6b359f56d53643bb8f35c7cda81d1d5a
c8093c305f9c8b63deef727a84b231de6f7ea7eb7d131fb63ff0df331e8ca243
c82da55a7f70a756e962e32daea90ee10cdb03e46eac9833e9dc0945a66b49f8
c86c792d5fa13e5878719331f176f6328758f9dca4437144ab7b4556e7d376c2
ce6e347488f4ee1d40d43a316682f3919813890fa5cb85b1fc6685d0e1ef8fb1
d0241b30295201eaca1337bed034866c044478578a131675a39c80348b7acfc5
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d2c4718e6348e557521c94e6a5e21bf78b733a6953ecc94971f9e9f7ba6015d2
d4a722483eded84ce39e922818082409f9c3af6e081955872b7a25ceb5d1e45b
d7ecd3ce93686bbbc2798befbc31ba6fb516af84764586d15e4f872036442958
d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a
d8e78445df5c13cb7120f17b7bcf07cd61f6c9cc54d0b9d8e02b33427f7d6b7a
da010434c98ca4ccf025eeec961ef3eb12da341df57e08c9a5b56ea0f5a52605
dbd8ffba14fccee682f073a4bb914a30e1558cf4440cc1052b670986f4dbaabe
dcbe5644530c54042582270e7ec55f721e731e2886ea0ffc4819e582b5461541
e0d8625a7d4e594de501868b9349637e93a119b02872ff1705f95b0924ac8c64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91ec2cf1281102bd55d067ea5f5fa3e68850254cc12c7f6cd3352831374b93b
ecaf1bdac83aed4f44449b88c396b8fbbe2854bad9e1d65343af86ac35f88abf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef38d7bfbf024b884a699be968ffa3008c14726fdb19f5200f49c50c42d3813d
f0bee28b70a5314f8b7cc01abb32e1c535cbb7dc0614503cbf5a954ed14eb70c
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd039e7558864e0ef52d0e42d1118d26ab6a2230a3bcfb3bd5fc820258f91a7e
fd9e5d30d94e0addee2fd8e58244705a6a360c65267c56192143ed9587a8f868
ff9616336f4cadaaeabdc6d25c808134d1c5d7fc4fd773889e441b0a345f2469

987112309800029878819323782493094213723487921903210.d.w1z.wtf Open in urlscan Pro 49.13.223.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

145 Requests

97 %HTTPS

35 %IPv6

21 Domains

30 Subdomains

24 IPs

5 Countries

2831 kBTransfer

6106 kBSize

21 Cookies

12 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

987112309800029878819323782493094213723487921903210.d.w1z.wtf Open in urlscan Pro
49.13.223.108 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

97 %
HTTPS

35 %
IPv6

21
Domains

30
Subdomains

24
IPs

5
Countries

2831 kB
Transfer

6106 kB
Size

21
Cookies

145 HTTP transactions
0 data transactions