bankcardsms.hasanjafari1251.workers.dev
172.67.183.31  Public Scan

URL: https://bankcardsms.hasanjafari1251.workers.dev/
Submission: On December 01 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 73 IPs in 8 countries across 77 domains to perform 277 HTTP transactions. The main IP is 172.67.183.31, located in United States and belongs to CLOUDFLARENET, US. The main domain is bankcardsms.hasanjafari1251.workers.dev.
TLS certificate: Issued by WE1 on December 1st 2024. Valid for: 3 months.
This is the only time bankcardsms.hasanjafari1251.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains no links.


This page contains 16 frames:

Primary Page: https://bankcardsms.hasanjafari1251.workers.dev/
Frame ID: 95D4D0589083AA0007F1523284538CE9
Requests: 232 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 277
  • HTTPS: 81 %
  • IPv6: 25 %
  • Domains: 77
  • Subdomains: 117
  • IPs: 73
  • Countries: 8
  • Transfer: 4727 kB
  • Size: 11879 kB
  • Cookies: 107

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89
  • https://script.google.com/macros/s/AKfycbyd5AcbAnWi2Yn0xhFRbyzS4qMq1VucMVgVvhul5XqS9HkAyJY/exec?tz=America/Caracas&callback=jQuery21405377636915510533_1733064415460&_=1733064415461 HTTP 302
  • https://script.googleusercontent.com/macros/echo?user_content_key=BCY5aGfUCt_hzxW3Ty3XsY27YWajw23qyFub4kVM8Slg0n0b_8wTnHw_Do3RaArg-oFjP3gaTT-h1NRgeLQTrYij4qv4NuDyOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWojr9NvTBuBLhyHCd5hHa3yyHzWbGFEItHPvr8Vf9wV-tOgp4HKMJaknxR_EkoqjD61LlwzLHe9q_j9_f45VQzIdATC5zMF1HRVYnt67Q2CQZr8P5LEnvJ6h9Y8h7y-XerrIPQvspQpHfqzMny4vUvzcn0AowRUSbLKSH_luTb-TXKrKsh8AQzzE5nLCo6nzt0jxlANKLpPA4R6jvBPFAw&lib=MwxUjRcLr2qLlnVOLh12wSNkqcO1Ikdrk
Request Chain 98
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&domain=bankcardsms.hasanjafari1251.workers.dev&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=CS55dXxUelR4T3p5WXp6b2Z2Z0V3RlpZV2lYTlVwSEIyNXpDVkxOVkNxYVpBUFZUZEViWTJpK2NJOE16SzZic2NkL2tnSjU1UGp3azhFOWJuMDFzS3JWWm5rSXRObkpzNmRUazJ1elVrYlZxNGFEUzhPdzZIVDY4MkdRcGNTZ2dJZ1oxR2ExK3c2eDFjM1VabTN0YS9TTWZ0aXhqQmpvYnFMNi9PQm5jL2RSSXpnUVBmU0VSM2NlbmtaR3lYVmlQS1JDY0VGSENUU3VCVVB2anJPblFzZURaTXg3OGsyOTNBL0J2U0ZEUG00MVkxa1Y2akVuK3g0ajdUOHAxd2lBTEdMQS96aU5MVk1DbDJvbmgzcFdZQWk4Z25PdWZ0QVpuT3l4LzQwQllValM2djRHaz18&cppv=2
Request Chain 173
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=69486442-654b-4588-9b37-fc02e031a760 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=69486442-654b-4588-9b37-fc02e031a760 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a042d596-c8c1-4193-8090-cb06f0ff3bd6&user_group=1&ssp=vidoomy&bsw_param=69486442-654b-4588-9b37-fc02e031a760 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=69486442-654b-4588-9b37-fc02e031a760
Request Chain 175
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=681189&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1733064418 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=681189&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1733064418
Request Chain 212
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=2
Request Chain 215
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 225
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LgiuWAAR&src=aps&ver=1.14.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LgiuWAAR&src=aps&ver=1.14.0&b=1&tp=LKbEsDSfmPoQ0nJ181gYNEAqFw00R5biDwa2hGkb53A%3D
Request Chain 231
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=41e10f4484344f4cabf32abfc6e41c0b&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DColossus%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=34&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Colossus&api-tier=2&uid=e6b429a3-e437-4f00-8253-6b897c4dce3f
Request Chain 232
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=LoopMe&api-tier=2&uid=b2bcaee4-0e7c-4eef-82f3-c722fda911b9&pubid=11186&gdpr=0

277 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
bankcardsms.hasanjafari1251.workers.dev/
329 KB
29 KB
Document
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56fb86d599e41968b4ce853040f4976762883abed9e19724960607f066421dcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb3de843c4d742d-MIA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 01 Dec 2024 14:46:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ndjz2MIJZA1am0LyNqqR00T8%2BetNvHldo0zrgSqE%2FiG8W6J9IBGibanySRqpDhXXsVo5uM6PLh5WpIGknhOSf%2BaD%2B8ilrFgmmujn0BpIXhTSJkqLelJlijnNWS2wy285jWo9VktrrktddpYQHYJZMjFVmliwVH1u9o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29828&min_rtt=29588&rtt_var=4853&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4504&delivery_rate=507&cwnd=12000&unsent_bytes=0&cid=3980baa025a879c4&ts=1433&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
354296
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOX53TX0a1Gsj5t9Bi8Giw2DEhJCTjimmvimR0B3AxUJmElUjenaHNZWXEP%2B8XSiL6R8jAH%2FfQo4Atb0Er0ZF%2BXq889Vb2HQ%2FxIjZzqGKaRp2ELoP%2BUQtFK%2FN92oQallETBWD%2BJc"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 14:46:54 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8eb3de8dfb54334f-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
W/"ec3bb52a00e176a7181d454dffaea219"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:54 GMT
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
06/21/2024 18:24:30
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7223f5b5f16dd341519cb5f37c867dc5
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8eb3de8e08ba5f1f-MIA
access-control-allow-origin
*
cdn-edgestorageid
878
server
cloudflare
cdn-requestcountrycode
US
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
593cb6a99ee681518baa0300381b64e7831df168d763b0d756643372674b5cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 01 Dec 2024 13:42:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
3 KB
586 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Catamaran:300,400,100
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
faa493371e9749cfd0352795c4e8452c36eed75d898ae5f65de4d0174818b9ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 01 Dec 2024 14:45:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fonts2.css
bankcardsms.hasanjafari1251.workers.dev/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56026585b93261fff004ebdd07bfc05fd25c8632ad3264d6173e39395299e8f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"165f-5a7bd6cc412c0-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkZh7xqEwFJ2xnBIijJsxShMRdvCoEQNHmK%2BCy9KNRm6JTb4gy6OZSIZ39nRjW9Xgzk0WnL8lI9RMi3SdFQPqy83fKL%2FisJ%2Bm8kZFcwzjuwTgm%2FK1TeOo7u0Q%2Fl%2FOCUh5xTTrjWPbZ4iwNrvglpYxYpt4h%2F1KxUMcfA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33299&min_rtt=29588&rtt_var=4135&sent=72&recv=52&lost=0&retrans=0&sent_bytes=62373&recv_bytes=13940&delivery_rate=8166&cwnd=24000&unsent_bytes=0&cid=3980baa025a879c4&ts=2353&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/css
last-modified
Wed, 10 Jun 2020 16:34:59 GMT
vary
Accept-Encoding
priority
u=0,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc883742d-MIA
accept-ranges
bytes
content-length
1003
server
cloudflare
header.css
bankcardsms.hasanjafari1251.workers.dev/css/
0
0
Stylesheet
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/css/header.css?ver=1.0
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PhsQTjlaHvJnwmqFEeuTMutNbPcYO%2B6h1gygQCmZgOlnUu2wsV%2FEDiZRmTe7tEtRPuOo6cqDf8NocesqFzPAtXAYI6dEZCHl8DogWuNnD3EjJNXsV1fKj9L99EXvrngTi%2B2Id6w9VaJTf3O%2BQFesKkZciSFgbDimzg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc885742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32312&min_rtt=29588&rtt_var=2211&sent=179&recv=87&lost=0&retrans=0&sent_bytes=167071&recv_bytes=15482&delivery_rate=538722&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=2615&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
style1.css
bankcardsms.hasanjafari1251.workers.dev/css/
349 KB
45 KB
Stylesheet
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/css/style1.css?ver=1.13
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4db621709f4a919193ccf084cc430d473a7374141f1ecf8393c32dc63ee1f62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"57233-5fb3249581840-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keNCAxqj1a8jYDQIM2TWe48Oxa8OMit7Zm2K5NRPTTCITQxhNahALyby0rBHemQzyQiZ11Sudjfef67RVEQQ9xUhdt06CV5d8gAqoUz8lD9eHRxvN4UZkD0PSaaVd1foI1bAktT%2FN%2BT6UfnVemnwCfir4L%2FnNqZOh%2BY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33456&min_rtt=29588&rtt_var=2458&sent=135&recv=81&lost=0&retrans=0&sent_bytes=117540&recv_bytes=15214&delivery_rate=284915&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2583&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/css
last-modified
Mon, 08 May 2023 17:51:21 GMT
vary
Accept-Encoding
priority
u=0,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc887742d-MIA
accept-ranges
bytes
content-length
45195
server
cloudflare
icons.css
bankcardsms.hasanjafari1251.workers.dev/css/
0
0
Stylesheet
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/css/icons.css?ver=1.0
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umno1%2F0vnieoTA%2Be7KA4ZnIqMDjxOcy0crMXkYq6MctLnyElKh6JpvjtxdDXIBLaBFUac1xAOPDNJa3FwQB49V5Hkmnd7Yl8jHdaiuJJtXE8qB0cSOM5c2aTosj8sxq0msps%2BttOwV9f%2F4qqOkd40B4jAuFvnvBMew4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc889742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33987&min_rtt=29588&rtt_var=1863&sent=116&recv=80&lost=0&retrans=0&sent_bytes=107023&recv_bytes=15169&delivery_rate=195738&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2548&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
home.css
bankcardsms.hasanjafari1251.workers.dev/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/css/home.css?ver=1.0
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9052edc3bff2b191d321f54706ec8d7e8a1688e8ec9c2955aa0214cf53340eaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"41e9-5a7bd6cc412c0-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoKOI9d1qsfRFpXTxATQDhp7kVXCiqFZRXiO9zZfjtNSkXxgC2fLdXZzyHYPw1PlwDzPdK9D7PhiCMmKeiDqwwHhkiJX7bv7Me%2F4PqGtkEPWApV2Quft%2F9zy2OoK5MJX0YvDD0f9mHytwAWLcMr1xJ%2FrggnPEK9fCsY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31723&min_rtt=29588&rtt_var=1683&sent=56&recv=49&lost=0&retrans=0&sent_bytes=46211&recv_bytes=13811&delivery_rate=417593&cwnd=20400&unsent_bytes=0&cid=3980baa025a879c4&ts=2332&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/css
last-modified
Wed, 10 Jun 2020 16:34:59 GMT
vary
Accept-Encoding
priority
u=0,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc88b742d-MIA
accept-ranges
bytes
content-length
3642
server
cloudflare
modernizr.js
bankcardsms.hasanjafari1251.workers.dev/js/vendor/
11 KB
5 KB
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/modernizr.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf84d2e8da27f328180acc0f3f36766c1ff2a4acef7ccb077b81d41fb00be52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2c08-5a7bd6ce29740-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1H7n%2B5HMTRY1WOjaYM1UUx%2BdJHPe2no9yvYm4z1N6sgJAZqYCeu6hHTqdfq9QaaVjbEOUVpsLZNsV9LRiOT975aDQVAAqxvmo3A0qQWX0BuBPVdAR9prtBoV7C4y7brCdPcAv0NvbbV0HoSbc9EPPgkit%2BjfjTP7rw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31723&min_rtt=29588&rtt_var=1683&sent=51&recv=49&lost=0&retrans=0&sent_bytes=40733&recv_bytes=13811&delivery_rate=417593&cwnd=20400&unsent_bytes=0&cid=3980baa025a879c4&ts=2323&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Jun 2020 16:35:01 GMT
vary
Accept-Encoding
priority
u=1,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc88d742d-MIA
accept-ranges
bytes
content-length
4637
server
cloudflare
jquery.js
bankcardsms.hasanjafari1251.workers.dev/js/
83 KB
30 KB
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/jquery.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d421553afa9368b8f95a052a1716d3e654017fd6780e8e7a1e225ac4a252762

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"14cfc-5a7bd6ce29740-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0sVko1YE5OAzIE7uY%2FeeSczfCnJ2bYjHstE%2Fmdri6WhxUCXrY34V8zP0dkZ87h%2FCE8EZBIsRlw8jTIqOwyFjJIIr7vLPuJHZ4HU%2F1oEuUSxbui4vpNFnn7MP8rmjWuQNCCOIh9ZuEMoH1p5E6R7kJlM%2FLxuNNUeQVE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36039&min_rtt=29588&rtt_var=3349&sent=86&recv=69&lost=0&retrans=0&sent_bytes=72109&recv_bytes=14684&delivery_rate=415312&cwnd=24000&unsent_bytes=0&cid=3980baa025a879c4&ts=2463&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Jun 2020 16:35:01 GMT
vary
Accept-Encoding
priority
u=1,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc88e742d-MIA
accept-ranges
bytes
content-length
30087
server
cloudflare
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/
35 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"8c237312864d2e4c4f03544cd4f9b195"
age
1654352
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:54 GMT
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 14:10:51
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
54e785df1b0bb9d55baed0b6aa769fb2
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8eb3de8e08125c6a-MIA
access-control-allow-origin
*
cdn-edgestorageid
625
server
cloudflare
cdn-requestcountrycode
US
cx.js
bankcardsms.hasanjafari1251.workers.dev/js/
9 KB
3 KB
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/cx.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca92e3bb206118e38753ec00041d0e430d6b83f331f829614be67b691053997

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"254d-5a7bd6cf1d980-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pch%2FDpkWAkKD5xuOIdSPtPXHOtb9x%2FSjyRthNg6qGxBeJxNEDFK6oC0ofmKxGK77IDU7N7cPjY%2FJA0cLmOf0C6U9BDLw0bA5yphTX2JKEN1tJKm6qkqFNagfpxaOn%2BLjI1N%2F3%2BIe7MVlVFIpgggFp5kxj6oWdruQ89M%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31723&min_rtt=29588&rtt_var=1683&sent=45&recv=49&lost=0&retrans=0&sent_bytes=34701&recv_bytes=13811&delivery_rate=417593&cwnd=20400&unsent_bytes=0&cid=3980baa025a879c4&ts=2309&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Jun 2020 16:35:02 GMT
vary
Accept-Encoding
priority
u=1,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc890742d-MIA
accept-ranges
bytes
content-length
2195
server
cloudflare
gpt.js
www.googletagservices.com/tag/js/
107 KB
33 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce652a6f02f6574375e69db7945de0f0d95bfce9f7f83f7649a5a455f4d6d4da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
etag
312 / 20058 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33296
x-xss-protection
0
server
cafe
load.js
s.ntv.io/serve/
596 KB
186 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.78 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-78.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
421944cfcb82db447af1669be631f6e474df45749095e807d518e69e56d329cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Content-Encoding
gzip
ETag
"975526d94364cba29bc2a1f22c83a9cb"
Access-Control-Allow-Methods
GET
Date
Sun, 01 Dec 2024 14:46:54 GMT
Last-Modified
Mon, 25 Nov 2024 18:26:21 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
x-amz-id-2
CKxGmtrC1ARi6mJw0A+UJN9xdEXfYKB3t92U5NZzF7kj6iiZEMNDTO7cf+lYEGAt5vGGJHYtgpfmlwHoGesQ6g==
Transfer-Encoding
chunked
Access-Control-Allow-Headers
*
Cache-Control
public, max-age=3600
Connection
keep-alive, Transfer-Encoding
x-amz-request-id
TKEBEWHWQZ8KW9HE
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Server
AmazonS3
x-amz-server-side-encryption
AES256
modaal.min.css
bankcardsms.hasanjafari1251.workers.dev/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/css/modaal.min.css
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321fba50919529e4bec2cfaaac7bd82c3d88120a8a30968769031027f3eaa178

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"350c-5b995485eeec0-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uoeUxeGv0jygCzznT%2F%2BmlpPAePclz4uNdwvmb6QzabQf12k6giNnhcmsDFL%2FfdaBNY4eGwafGOTinveqNHgQyrMDLifLFHIqxfplSskBDRcGsVd%2F4HS2IUHySrBDSiwfTGI8QBAnhzY%2BMbYw9s0lKGlf9fXuWZ6R120%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31723&min_rtt=29588&rtt_var=1683&sent=48&recv=49&lost=0&retrans=0&sent_bytes=37696&recv_bytes=13811&delivery_rate=417593&cwnd=20400&unsent_bytes=0&cid=3980baa025a879c4&ts=2319&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/css
last-modified
Sat, 23 Jan 2021 18:14:59 GMT
vary
Accept-Encoding
priority
u=0,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc893742d-MIA
accept-ranges
bytes
content-length
2269
server
cloudflare
logo-eluniversal.svg
bankcardsms.hasanjafari1251.workers.dev/img/
5 KB
2 KB
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/logo-eluniversal.svg?v=1.0
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e79eb85c3d0c5d8ef7acb0014e79912eb4f9682b35430314362a2520a891ec2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"13ed-5b30169dd4000"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJ1hSuRF4xsOU2zHWR1dhM4F3mgX%2FnORByNe%2FdzKBKcGKFcWlL2dJumjIkWQS76BPe0BppwCh3COVh1elqV00t45ClunZueoKo3%2F4tlav5f1gYHHTQYkSrqacelSR75mrPGRPXLseBFWI5tlzuvO4UWzh%2BvSAIsUUr8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc895742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35656&min_rtt=29588&rtt_var=6413&sent=77&recv=54&lost=0&retrans=0&sent_bytes=66824&recv_bytes=14026&delivery_rate=14664&cwnd=24000&unsent_bytes=0&cid=3980baa025a879c4&ts=2356&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
image/svg+xml
last-modified
Sun, 01 Nov 2020 01:18:56 GMT
vary
Accept-Encoding
priority
u=2,i
logo-eluniversal.svg
bankcardsms.hasanjafari1251.workers.dev/img/
608 B
608 B
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/logo-eluniversal.svg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e78d66dceb735565164965c6074c76349cc32f6c59d6b275d3bca0a34ccf654

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oSy8TqHeUFeUavad7yqJn1PdXor7QQQ4YaCJo%2B%2FVHAYEdlA%2Ftn6E5jmYfo42vUxiOvrAayWS%2BH7GbcV6jtKJHqBVDH91xNf%2FFuE0tG6ik%2Fk%2FT1J%2B9xZ5PMU6qrMD%2FIHQE2TSLYiElHZMzoM04JaqFMMiOep98M1QPIU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc896742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35656&min_rtt=29588&rtt_var=6413&sent=81&recv=54&lost=0&retrans=0&sent_bytes=69473&recv_bytes=14026&delivery_rate=14664&cwnd=24000&unsent_bytes=0&cid=3980baa025a879c4&ts=2361&x=1", cfExtPri, cfHdrFlush;dur=1
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i
social-media2.png
bankcardsms.hasanjafari1251.workers.dev/img/
8 KB
9 KB
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/social-media2.png
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239f24399aae464ead4e601be3c4a4eb9f4ef2424e900a9c4d862814d07289ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"1f57-5afecb72ee600"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlsX7%2BhaFB5GTYTheLWKAf4c6M%2FRaCkKqszhoADEO1BKsMgQCCjJq5Sw7VbmG96RpnxeysesclsKOZ0Y6x1n4G83%2FDKajl4WZynWdNfexNn1fYpsv84fqhJje5B%2Fhy6wvzW1t1Q1MdkVTxsuqS2RTGf%2By9j7KsFarIg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc897742d-MIA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31482&min_rtt=29588&rtt_var=1744&sent=63&recv=50&lost=0&retrans=0&sent_bytes=53441&recv_bytes=13854&delivery_rate=3249&cwnd=20400&unsent_bytes=0&cid=3980baa025a879c4&ts=2348&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
8023
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
image/png
last-modified
Tue, 22 Sep 2020 20:21:44 GMT
vary
Accept-Encoding
priority
u=2,i
afiliacion-no-ws.js
bankcardsms.hasanjafari1251.workers.dev/js/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/afiliacion-no-ws.js?v=0.20
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYgh6EnHpeLtcLGnN2B9q4suKRZ4J19pNc7wG0JSuAjhOnjwo32cXhN84R9XITl1vBYv79HyPPYMaRfVNT4qsc%2FfimXHnXmLXrp899WndB789SkJ6o9HsXDcKM9C0lgOfS59ZmP3IwXeVxkyS5T4QloJc5wyyxs5Iuc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc899742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33987&min_rtt=29588&rtt_var=1863&sent=123&recv=80&lost=0&retrans=0&sent_bytes=110966&recv_bytes=15169&delivery_rate=195738&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2555&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
modaal.js
bankcardsms.hasanjafari1251.workers.dev/js/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/modaal.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKJc78k%2BcTlqG%2FigN4LYaZ5wXIGvu3DJULD%2Baa2OVQtHr110Hsor4TCkKamBQlAELMBP%2BkI6taTtjZ0q1%2FNnH8vSytvf%2BKtlHvXVfvk2ukA9oGjdw5ij5Wi3233HYH9yFf%2BdMruXfupOZNE5rmBOxlqPGfa2xM%2BHRKY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8dc89a742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33987&min_rtt=29588&rtt_var=1863&sent=131&recv=80&lost=0&retrans=0&sent_bytes=114923&recv_bytes=15169&delivery_rate=195738&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2562&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
ejercito-sirio-expulsa-a-terroristas-de-varias-areas-en-la-provincia-de-hama-163640.jpeg
mmedia.eluniversal.com/20058/
238 KB
238 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20058/ejercito-sirio-expulsa-a-terroristas-de-varias-areas-en-la-provincia-de-hama-163640.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
d87bac2ac64fb24ce0814432e2212e5e35e75ed8239a0d76553c8e726151f1f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674c5eac-3b615"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
243221
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 01 Dec 2024 13:03:40 GMT
server
nginx
inameh-pronostica-nubosidad-parcial-y-lluvias-en-algunas-zonas-del-pais-para-este-jueves-158616_400.jpg
mmedia.eluniversal.com/19985/
9 KB
9 KB
Image
General
Full URL
https://mmedia.eluniversal.com/19985/inameh-pronostica-nubosidad-parcial-y-lluvias-en-algunas-zonas-del-pais-para-este-jueves-158616_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
a92ae2fcfdda4cd0c75c7b62578d96ddce3b8cb62a21e95c3339473942dfe901

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"66ec2703-2521"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
9505
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Thu, 19 Sep 2024 13:28:35 GMT
server
nginx
donald-trump-elige-a-kash-patel-para-dirigir-el-fbi-163642_400.jpeg
mmedia.eluniversal.com/20058/
14 KB
14 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20058/donald-trump-elige-a-kash-patel-para-dirigir-el-fbi-163642_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
48c0ae849c5b482f3caedc129033c412b7d394ba4aea7d0788c88f4a9185cbaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674c6a3f-3675"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
13941
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 01 Dec 2024 13:53:03 GMT
server
nginx
paises-de-alba-tcp-firman-en-venezuela-nuevos-acuerdos-turisticos-163639_400.jpg
mmedia.eluniversal.com/20058/
19 KB
19 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20058/paises-de-alba-tcp-firman-en-venezuela-nuevos-acuerdos-turisticos-163639_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
ad7480eaa99330b13140ba5613bf81cebbf02af5a929f209e924293d9f432159

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674c65bf-4a7c"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
19068
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 01 Dec 2024 13:33:51 GMT
server
nginx
canciller-yvan-gil-mas-de-280-acuerdos-han-sido-firmados-entre-iran-y-venezuela-162864.jpg
mmedia.eluniversal.com/20045/
83 KB
83 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20045/canciller-yvan-gil-mas-de-280-acuerdos-han-sido-firmados-entre-iran-y-venezuela-162864.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
29aa85d1113f27b49ad59cf950473c1aca5b8ed1229db044aa3a7307a5b7445f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"673b8688-14aeb"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
84715
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Mon, 18 Nov 2024 18:25:12 GMT
server
nginx
senador-estadounidense-chris-murphy-victima-de-amenaza-de-bomba-163611.jpeg
mmedia.eluniversal.com/20057/
256 KB
257 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/senador-estadounidense-chris-murphy-victima-de-amenaza-de-bomba-163611.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
b79638e26b4124ecb1fc840d9cb1dca3ec64c9b35a83ecf1e6856b3c76b44cee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b276a-40106"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
262406
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 14:55:38 GMT
server
nginx
zelenski-admite-estar-dispuesto-a-entregar-territorio-a-rusia-163593.jpg
mmedia.eluniversal.com/20057/
65 KB
65 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/zelenski-admite-estar-dispuesto-a-entregar-territorio-a-rusia-163593.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
2ba6a0f4a6093e54c5415326258758beb93cbf1a9ae05dc561224305fcb2193f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b0d46-103be"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
66494
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 13:04:06 GMT
server
nginx
santa-claus-de-la-cota-mil-dara-la-bienvenida-a-la-navidad-este-domingo-163598.jpg
mmedia.eluniversal.com/20057/
96 KB
96 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/santa-claus-de-la-cota-mil-dara-la-bienvenida-a-la-navidad-este-domingo-163598.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
ef2bff82ea7357e2213a20261e84fad7e4017e2733e35fd148b9f7f6c97555ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b1529-17fcc"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
98252
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 13:37:45 GMT
server
nginx
tiroteo-en-centro-comercial-de-arkansas-durante-black-friday-deja-3-heridos-163595.jpeg
mmedia.eluniversal.com/20057/
227 KB
228 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/tiroteo-en-centro-comercial-de-arkansas-durante-black-friday-deja-3-heridos-163595.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
875a645667f482ff079187784ae37413a12e7edc2aded0b535ce029db0df99dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b0edc-38d66"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
232806
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 13:10:52 GMT
server
nginx
left-arrow.png
bankcardsms.hasanjafari1251.workers.dev/img/
2 KB
3 KB
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/left-arrow.png
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff6b9a349fa126dbfcb3e7320a9ad405fe1ec7b084078d3c12536fb5db33e29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"7fc-5a7bd6cf1d980"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YcFGHQcMWFfT3K8kHZT803TQVUXN2M926ZTCzziu9jBcVI2zNRImjxrZshLL1GOg2T6WsbpWhpgA212BhUjVGa53V9Vsu5LNM37cXq%2B8evys4FfkVHh1sjY0Qc41pBGAYweCGg0csvyni8egt1rNxW3vVE6AffihJkI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8df8b9742d-MIA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31482&min_rtt=29588&rtt_var=1744&sent=60&recv=50&lost=0&retrans=0&sent_bytes=50645&recv_bytes=13854&delivery_rate=3249&cwnd=20400&unsent_bytes=0&cid=3980baa025a879c4&ts=2340&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
2044
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
image/png
last-modified
Wed, 10 Jun 2020 16:35:02 GMT
vary
Accept-Encoding
priority
u=3,i
right-arrow.png
bankcardsms.hasanjafari1251.workers.dev/img/
608 B
608 B
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/right-arrow.png
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e78d66dceb735565164965c6074c76349cc32f6c59d6b275d3bca0a34ccf654

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GVY7QQWaecvGPfJ9XjYXg5koWCeGuMWL1a6d9qaQDzZ7us0z0abTg1r7xATjbwts%2FxQy1gCgjuQCFFUJ7Kelob%2FfDgVOFpxiQvVu1fRa8doTywWkYZCSRPCN%2FeFPAq4Ix%2FYKvK31cvQGvu6dfsrMM8tzRdHUqoJrzSg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8df8bc742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33987&min_rtt=29588&rtt_var=1863&sent=128&recv=80&lost=0&retrans=0&sent_bytes=113595&recv_bytes=15169&delivery_rate=195738&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2556&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
maduro-163442_400.jpg
mmedia.eluniversal.com/20054/
15 KB
15 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20054/maduro-163442_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
554d41b07ae5de8cb61b9f7a1f6bda6128ac6e924a09734fba8142adb83b982c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6747a4e3-3c29"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
15401
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Wed, 27 Nov 2024 23:01:55 GMT
server
nginx
recuperacion-de-planta-muscar-va-paulatinamente-163353_400.jpg
mmedia.eluniversal.com/20053/
20 KB
20 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20053/recuperacion-de-planta-muscar-va-paulatinamente-163353_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
26549bb2d200405654c95eacd379f11d1216689be4d50862eccb218256e23059

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6745d759-4f7b"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
20347
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Tue, 26 Nov 2024 14:12:41 GMT
server
nginx
jorge-rodriguez-con-la-ley-libertador-simon-bolivar-nuestro-pais-no-tolerara-ninguna-agresion-163528_400.jpg
mmedia.eluniversal.com/20055/
8 KB
8 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20055/jorge-rodriguez-con-la-ley-libertador-simon-bolivar-nuestro-pais-no-tolerara-ninguna-agresion-163528_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
64c583761c94f41e31ff697347b1e0bf3b7fe373b7c07392cc633384332e9457

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6748ff1b-212c"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
8492
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Thu, 28 Nov 2024 23:39:07 GMT
server
nginx
rafael-martinez-nestares-23236_400.jpg
mmedia.eluniversal.com/18024/
12 KB
13 KB
Image
General
Full URL
https://mmedia.eluniversal.com/18024/rafael-martinez-nestares-23236_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
a973e499a4929f6c1d2faa35f1eef7698d95217c96d2b31046b4a28fee9a492a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"5f40df14-31c6"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
12742
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 22 Aug 2020 09:02:12 GMT
server
nginx
rafael-rangel-aldao-140476_400.jpg
mmedia.eluniversal.com/19727/
22 KB
22 KB
Image
General
Full URL
https://mmedia.eluniversal.com/19727/rafael-rangel-aldao-140476_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
a8bfb4613ee191dc7420b756a26db3a17afb2a2fdb893c0ce3e6d32a6f2b4f40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6598d069-5735"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
22325
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 06 Jan 2024 04:00:41 GMT
server
nginx
jose-luis-cordeiro-3026_400.jpg
mmedia.eluniversal.com/17767/
9 KB
10 KB
Image
General
Full URL
https://mmedia.eluniversal.com/17767/jose-luis-cordeiro-3026_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
7839276c6d4c7f5b1c033828e4a21929788349c14dfb2d71a1ce78b4dd52c741

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"5e896870-2561"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
9569
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 05 Apr 2020 05:11:12 GMT
server
nginx
hallacas-89702_400.jpg
mmedia.eluniversal.com/18957/
34 KB
34 KB
Image
General
Full URL
https://mmedia.eluniversal.com/18957/hallacas-89702_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
d038302b0d31aa16245735f2dc0ed1303003924fbff2fcee640d6b4865f76b69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"61a157a8-8654"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
34388
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Fri, 26 Nov 2021 21:54:48 GMT
server
nginx
centros-comerciales-extienden-horarios-por-el-black-friday-89690_400.jpg
mmedia.eluniversal.com/18957/
26 KB
26 KB
Image
General
Full URL
https://mmedia.eluniversal.com/18957/centros-comerciales-extienden-horarios-por-el-black-friday-89690_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
3549833fcca4a65bdda7574e82cf61cfe719b8d240ddbdcb7cbef7a12ddcdd73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"61a10888-68b1"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
26801
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Fri, 26 Nov 2021 16:17:12 GMT
server
nginx
el-metrobus-se-pagara-con-la-tarjeta-suve-157998_400.jpeg
mmedia.eluniversal.com/19977/
20 KB
20 KB
Image
General
Full URL
https://mmedia.eluniversal.com/19977/el-metrobus-se-pagara-con-la-tarjeta-suve-157998_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
7c5e6766c9466dbece5425fb9e47533f33fa43040bb4cf40a36c02ca2f3b5272

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"66e1b75b-4f8e"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
20366
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 15:29:31 GMT
server
nginx
importacion-y-exportacion-47443_400.jpg
mmedia.eluniversal.com/18355/
16 KB
16 KB
Image
General
Full URL
https://mmedia.eluniversal.com/18355/importacion-y-exportacion-47443_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
e49a1ba7f8148c3322d0dbef05b88801eed3b5c672ac7a9f13e2ffbebdfbf712

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"5e89689d-3fb3"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
16307
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 05 Apr 2020 05:11:57 GMT
server
nginx
bcv-estima-que-crecimiento-del-segundo-semestre-de-2022-sera-de-187-108996_400.jpg
mmedia.eluniversal.com/19228/
17 KB
18 KB
Image
General
Full URL
https://mmedia.eluniversal.com/19228/bcv-estima-que-crecimiento-del-segundo-semestre-de-2022-sera-de-187-108996_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
e58b361465b451cfe4628d7a0dc074a1d33b5dcbf1f8a22a7b75bb3f63e784bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"63056b03-4523"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
17699
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Wed, 24 Aug 2022 00:04:19 GMT
server
nginx
viernes-negro-en-venezuela-163601_400.jpeg
mmedia.eluniversal.com/20057/
26 KB
26 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/viernes-negro-en-venezuela-163601_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
4754ca3f6ee3f1d25ab4b0c9ed9ba829db93e3ff0d5d84edafe1c13230f956c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b1c64-6729"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
26409
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 14:08:36 GMT
server
nginx
tortugas-2085_400.jpg
mmedia.eluniversal.com/17758/
19 KB
19 KB
Image
General
Full URL
https://mmedia.eluniversal.com/17758/tortugas-2085_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
f8fd96f3e3edbf81c3986029a171cf00edc2f5726f8085289c24a40dcb0125c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6034843d-4aac"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
19116
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Tue, 23 Feb 2021 04:27:41 GMT
server
nginx
ministro-hector-rodriguez-entrego-rehabilitacion-del-liceo-marco-antonio-saluzzo-en-maturin-161573_400.jpg
mmedia.eluniversal.com/20026/
24 KB
24 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20026/ministro-hector-rodriguez-entrego-rehabilitacion-del-liceo-marco-antonio-saluzzo-en-maturin-161573_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
eeb285157ca4bfbf19f912c7589f3ad722516959ff9e05091cdfe47b08512a7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"672299f3-5e88"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
24200
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Wed, 30 Oct 2024 20:41:23 GMT
server
nginx
columna-coronando-tu-exito-143404_400.jpg
mmedia.eluniversal.com/19776/
10 KB
10 KB
Image
General
Full URL
https://mmedia.eluniversal.com/19776/columna-coronando-tu-exito-143404_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
805c8b580569269179b31415dc3603fa822ea71b24d0c2fe7a25797685c4f80b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"65db97e8-274d"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
10061
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 25 Feb 2024 19:41:28 GMT
server
nginx
gran-pajaro-del-desfile-de-navidad-se-desploma-sobre-la-multitud-en-francia-163637_400.jpeg
mmedia.eluniversal.com/20057/
17 KB
17 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/gran-pajaro-del-desfile-de-navidad-se-desploma-sobre-la-multitud-en-francia-163637_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
6ccdc814696d3cce7103ef2d02c99cdacc4d19f59093abb7608462831cda8e43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674ba4c3-4203"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
16899
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 23:50:27 GMT
server
nginx
iran-califica-la-ofensiva-yihadista-en-siria-de-parte-de-un-plan-de-israel-y-eeuu-163624_400.jpg
mmedia.eluniversal.com/20057/
23 KB
23 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/iran-califica-la-ofensiva-yihadista-en-siria-de-parte-de-un-plan-de-israel-y-eeuu-163624_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
387f93640f39d80315b40b6c8a9702b7a0bd642cfaedea25c2a4f32e4638fc26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b547a-5c13"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
23571
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 18:07:54 GMT
server
nginx
nuevo-foco-en-medio-oriente-tension-en-siria-yihadistas-entran-en-alepo-163620_400.jpg
mmedia.eluniversal.com/20057/
13 KB
13 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/nuevo-foco-en-medio-oriente-tension-en-siria-yihadistas-entran-en-alepo-163620_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
708d5b3ba4f57bdb6eeec6dd307e1fad10f210705984aa761e6ca88132b3d98c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b41cf-32d3"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
13011
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 16:48:15 GMT
server
nginx
mujeres-venezolanas-se-encuentran-ante-situacion-de-vulnerabilidad-y-riesgo-por-razones-de-genero-163471_400.jpg
mmedia.eluniversal.com/20055/
11 KB
12 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20055/mujeres-venezolanas-se-encuentran-ante-situacion-de-vulnerabilidad-y-riesgo-por-razones-de-genero-163471_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
8abc71ab27fb300becb995a990e4daf11654c3a01d2e228b27f36ddd4c315b97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674c6232-2d9c"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
11676
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 01 Dec 2024 13:18:42 GMT
server
nginx
al-cumplir-60-anos-adolf-seefeldt-desato-el-monstruo-que-mantuvo-escondido-a-lo-largo-de-su-vida-163475_400.jpg
mmedia.eluniversal.com/20055/
7 KB
7 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20055/al-cumplir-60-anos-adolf-seefeldt-desato-el-monstruo-que-mantuvo-escondido-a-lo-largo-de-su-vida-163475_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
47324c8333704a443c43f731f033c673cabf441b84147b8452cd8b551b6562f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674c6232-1c28"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
7208
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 01 Dec 2024 13:18:42 GMT
server
nginx
maria-catalina-rivas-espinoza-y-su-hija-alejandra-sofia-rivas-estan-perdidas-desde-junio-163480_400.jpg
mmedia.eluniversal.com/20055/
18 KB
18 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20055/maria-catalina-rivas-espinoza-y-su-hija-alejandra-sofia-rivas-estan-perdidas-desde-junio-163480_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
e5da9d365523cd94532f51ebb3a53007f13fca96a1eb733f510a10e4dbcab38e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674c6232-461c"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
17948
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 01 Dec 2024 13:18:42 GMT
server
nginx
venezuela-logra-el-primer-lugar-en-categoria-futuros-innovadores-senior-en-la-olimpiada-mundial-de-r-163627_400.jpeg
mmedia.eluniversal.com/20057/
19 KB
20 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/venezuela-logra-el-primer-lugar-en-categoria-futuros-innovadores-senior-en-la-olimpiada-mundial-de-r-163627_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
59decd06cac05a217ba80ae5de32bafa9ebdc25a8f5a7081a07d887818fb3e44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b5d9a-4da5"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
19877
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 18:46:50 GMT
server
nginx
anthony-santander-recibio-el-premio-luis-aparicio-2024-163606_400.jpeg
mmedia.eluniversal.com/20057/
17 KB
17 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/anthony-santander-recibio-el-premio-luis-aparicio-2024-163606_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
89f9d181d628acef04d7d165884e11cb733ffefe1e235ed58f4f5269b4b341a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b2571-42af"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
17071
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 14:47:13 GMT
server
nginx
venezuela-avanza-a-la-final-del-sudamericano-de-beisbol-u10-tras-vencer-a-panama-163602_400.jpeg
mmedia.eluniversal.com/20057/
11 KB
12 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/venezuela-avanza-a-la-final-del-sudamericano-de-beisbol-u10-tras-vencer-a-panama-163602_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
684d825d8b7097c7d169cb2c7c8fabd52b86d65bdc480a35034d05f73bb4d66d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b2468-2dbb"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
11707
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 14:42:48 GMT
server
nginx
hoy-se-celebra-en-estados-unidos-el-dia-de-accion-de-gracias-163461_400.jpeg
mmedia.eluniversal.com/20055/
16 KB
16 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20055/hoy-se-celebra-en-estados-unidos-el-dia-de-accion-de-gracias-163461_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
18176153925d264c6f02239bd7626009b32136298d650aab02edbd7d9e0652ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674870f2-4127"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
16679
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Thu, 28 Nov 2024 13:32:34 GMT
server
nginx
brasil-avanza-en-una-prometedora-cura-contra-el-cancer-a-partir-del-veneno-de-una-arana-163413_400.jpg
mmedia.eluniversal.com/20054/
18 KB
18 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20054/brasil-avanza-en-una-prometedora-cura-contra-el-cancer-a-partir-del-veneno-de-una-arana-163413_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
a82501447d104a212d6e861c4aa368b9e9a87f122857386d1312967e541d600f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"67474c9e-47be"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
18366
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Wed, 27 Nov 2024 16:45:18 GMT
server
nginx
huawei-presenta-su-primer-smartphone-con-sistema-operativo-propio-163366_400.jpg
mmedia.eluniversal.com/20053/
9 KB
9 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20053/huawei-presenta-su-primer-smartphone-con-sistema-operativo-propio-163366_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
51480d4c0957eca57c7dfec14bba9f3071d279eacc042141c27dc4d5910fda00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6745feaf-242d"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
9261
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Tue, 26 Nov 2024 17:00:31 GMT
server
nginx
caida-de-laura-pausini-163626_400.jpg
mmedia.eluniversal.com/20057/
12 KB
12 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/caida-de-laura-pausini-163626_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
5b54ecd637983e79a3857c683f2c41e573186b42efbbd38902d5f27e6a3a64d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b5940-2ea7"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
11943
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 18:28:16 GMT
server
nginx
frida-sofia-llega-al-funeral-y-confirman-que-restos-de-la-actriz-seran-cremados-163618_400.jpeg
mmedia.eluniversal.com/20057/
15 KB
15 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/frida-sofia-llega-al-funeral-y-confirman-que-restos-de-la-actriz-seran-cremados-163618_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
7ec5cd688334b2823ab8a297afe7d95d1cb23364fc5cc728f92548d640e63955

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b41b5-3a65"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
14949
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 16:47:49 GMT
server
nginx
greeicy-yeliana-world-tour-163612_400.jpeg
mmedia.eluniversal.com/20057/
8 KB
8 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20057/greeicy-yeliana-world-tour-163612_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
fc781d8da1fc37a00dd98b6fb3698f98520da95f454488ab85b9024ec78e19d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"674b2d5f-2096"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
8342
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sat, 30 Nov 2024 15:21:03 GMT
server
nginx
federico-x-durante-el-desfile-del-royal-life-guards-cortesia-162870_400.jpg
mmedia.eluniversal.com/20045/
19 KB
20 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20045/federico-x-durante-el-desfile-del-royal-life-guards-cortesia-162870_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
0797ff7fa6ddb49cdab0995664341ee69c21ec76b6366775a4add92ac24c89ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6743461d-4ddf"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
19935
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 24 Nov 2024 15:28:29 GMT
server
nginx
helder-rivero-director-general-de-fiat-venezuela-y-la-presentadora-natalia-moretti-162866_400.jpg
mmedia.eluniversal.com/20045/
14 KB
14 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20045/helder-rivero-director-general-de-fiat-venezuela-y-la-presentadora-natalia-moretti-162866_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
2b8e916500a9a1817a005a3bbf922015cafe101a5c0d70305f12eb05c3dc6569

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6743461d-38e7"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
14567
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 24 Nov 2024 15:28:29 GMT
server
nginx
directiva-de-invedin-junto-a-sus-colaboradores-y-amigos-162865_400.jpg
mmedia.eluniversal.com/20045/
24 KB
24 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20045/directiva-de-invedin-junto-a-sus-colaboradores-y-amigos-162865_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
e8518c82d177d445c74f072467643280c30c0c6d0734354fa9d17e1bc219982e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6743461d-5e8f"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
24207
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Sun, 24 Nov 2024 15:28:29 GMT
server
nginx
promocion-bnc-octubre-160601_400.jpg
mmedia.eluniversal.com/20012/
16 KB
16 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20012/promocion-bnc-octubre-160601_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
4eb818e57c8023d5cb1fb6cc095be956fcd34b59849fbce9f136469c89e55857

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"67101bce-403d"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
16445
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Wed, 16 Oct 2024 20:02:22 GMT
server
nginx
ron-selecto-161826_400.jpg
mmedia.eluniversal.com/20031/
16 KB
17 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20031/ron-selecto-161826_400.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
4abc89595b0165a015a69d99e6420a0547d55302c6e71237170633af155174d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"6728c7b0-4136"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
16694
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Mon, 04 Nov 2024 13:10:08 GMT
server
nginx
datanalisis-en-contexto-10-12-24-162121_400.jpeg
mmedia.eluniversal.com/20035/
30 KB
30 KB
Image
General
Full URL
https://mmedia.eluniversal.com/20035/datanalisis-en-contexto-10-12-24-162121_400.jpeg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
8bf6a137a4e08aa496cde185bff2257eeefd38c4eacd56d3fa579543af6682ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"672dff7a-7792"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
30610
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
image/jpeg
last-modified
Fri, 08 Nov 2024 12:09:30 GMT
server
nginx
knoios.png
bankcardsms.hasanjafari1251.workers.dev/img/
3 KB
3 KB
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/knoios.png
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99bc7258134f4407f9f5150e1f93c3cbfdc6eefa1290276eef1e39c0fbf71f4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a5c-5a7bd6cf1d980"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WpnvH%2BDWb4gdXwM9bMLaMj9GnAxnftmB1tH8BrxTl3AbRkka55dTIbZJwFtm0DIF%2F6elf87rVijn1a2QFBJlZY4GOe1UsoAIDFpMff3L%2FG8EE3ov7ocCMkoQmL4kTKKk7uoCshi2cNZXH%2BT%2FYsUbwaXE8KEs075IjA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08d5742d-MIA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34546&min_rtt=29588&rtt_var=993&sent=113&recv=79&lost=0&retrans=0&sent_bytes=103607&recv_bytes=15124&delivery_rate=278613&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2535&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
2652
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
image/png
last-modified
Wed, 10 Jun 2020 16:35:02 GMT
vary
Accept-Encoding
priority
u=3,i
jquery.js
bankcardsms.hasanjafari1251.workers.dev/js/vendor/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/jquery.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JN7RzNdPX5P2wQF9LlDoxB8M1vv87zO2ptEIyU%2FANm1qPIO156WJup6JlZ6tQtVcAITxDSN6IBG6KhZpTtTpf%2By%2BFpV%2F%2FmCGNmVAdv5uuG%2BdNlXg4JERm2Db0DkavJHIQNQPSg3HUTNaepO4If7DUTb5cR31nqFpBWY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08db742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33987&min_rtt=29588&rtt_var=1863&sent=133&recv=80&lost=0&retrans=0&sent_bytes=116231&recv_bytes=15169&delivery_rate=195738&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2569&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
mcustomscrollbar.min.js
bankcardsms.hasanjafari1251.workers.dev/js/vendor/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/mcustomscrollbar.min.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2B1IGZkZLCWgpKssi7Oq9uSDWykgKGeWlS9i13a%2F0gGgn9Z6JYTMfBrkIBb9he5taukARONKzdR34vbzYiHSTh%2BvEPx12izHPdKON5%2BH3H1zjgn%2BAEHs9sk0OMia94H%2FYmXqPqZLRzHNjkWybxiVPZ0UXExGKFNnP5Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08dc742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34992&min_rtt=29588&rtt_var=4638&sent=83&recv=58&lost=0&retrans=0&sent_bytes=70778&recv_bytes=14198&delivery_rate=22330&cwnd=24000&unsent_bytes=0&cid=3980baa025a879c4&ts=2377&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
jquery.marquee.min.js
bankcardsms.hasanjafari1251.workers.dev/js/vendor/
5 KB
3 KB
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/jquery.marquee.min.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac74f4ef0abd0c201ccfa987deb8ce98b4904afceef5db63aacad225930e8e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"12fb-5a7bd6ce29740-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FnWr0GfslqoKU%2FJcJPhtARJJYzyCf1r4PcFTxorW1oKLfO6tcjicqudyyEmV1x6McRaBKNOudvyYU15xIvKjQEbSZAHsAZGe%2F8NGg3gvMFfy4a76bzY03ubrKFu0FVvR%2BVZsoailuvanMXz%2BBiApB6co42ksa0xj97E%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35656&min_rtt=29588&rtt_var=6413&sent=74&recv=54&lost=0&retrans=0&sent_bytes=64125&recv_bytes=14026&delivery_rate=14664&cwnd=24000&unsent_bytes=0&cid=3980baa025a879c4&ts=2353&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Jun 2020 16:35:01 GMT
vary
Accept-Encoding
priority
u=2,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08de742d-MIA
accept-ranges
bytes
content-length
1903
server
cloudflare
jquery.flexslider-min.js
bankcardsms.hasanjafari1251.workers.dev/js/vendor/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/jquery.flexslider-min.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeDmq%2BGWHdnmZdaIRwLHGe02Nl4p0cD6vrokZpT433AyJvrZWVx9ZpH0LKDhSFy%2FtQKhX492uAn%2F%2FzK%2FbrStgdq82sH7Kf1Ak363QJ%2By0rMlRKkC4UUdl%2BR960%2F4NXMBaPbDEN%2BuzxYItcNCUpH38vgxQyJ5qdLWE3Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08df742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33987&min_rtt=29588&rtt_var=1863&sent=119&recv=80&lost=0&retrans=0&sent_bytes=108347&recv_bytes=15169&delivery_rate=195738&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2553&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
selectordie.js
bankcardsms.hasanjafari1251.workers.dev/js/vendor/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/selectordie.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fgR8gDEOhlvzLqlj4rn6C6vfNFOVEbImdVHbVh6tXHYF3vJRyDlrrTUzYjawPdFFfrc9gYeDbk0NUIAd%2FVeJlGubNEkPqiDRk8REHizZJEWL5Mxi7od8htYR2FXuBoLhXr2FktqcR%2BxA%2ForfZgQsKO2VN3JOnvsQ%2FWU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08e0742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33987&min_rtt=29588&rtt_var=1863&sent=121&recv=80&lost=0&retrans=0&sent_bytes=109660&recv_bytes=15169&delivery_rate=195738&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2554&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
main.js
bankcardsms.hasanjafari1251.workers.dev/js/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/main.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yiuvm2a2zcs8%2BO8RW1BHXBkXKK1%2BiId1AyCkBslKO%2B34l2DspAQ2UqZXBp6o6ac%2BDuqJtRh6vWRUiTbposMMRhw7orHL3iVkhNIoXczA0fJOCPj5vB5xNeFeIA4bBkSXuwyf%2BY14%2BdJTw5mTOrJtzEK3kftO7R%2BpuHM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08e1742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33034&min_rtt=29588&rtt_var=2689&sent=175&recv=82&lost=0&retrans=0&sent_bytes=164453&recv_bytes=15258&delivery_rate=192014&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=2590&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
foundation.min.js
bankcardsms.hasanjafari1251.workers.dev/js/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/foundation.min.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BweUq6hvF6eg4DtSlcji1hI4HkfkR%2FUE%2FklBV3IlW%2B2%2FodNkFC8hEzr7lkPQv3hThxYMS2cvCHagVKTCd7QH%2BGJdV9hPVQqraTKQt11gZqvAhHaPAXph2PKjA3bcs19tu2QMgnAkwR3t6%2B4twzx1T2TEiq2Q9TsGMLQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08e2742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33987&min_rtt=29588&rtt_var=1863&sent=125&recv=80&lost=0&retrans=0&sent_bytes=112264&recv_bytes=15169&delivery_rate=195738&cwnd=48000&unsent_bytes=0&cid=3980baa025a879c4&ts=2556&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
foundation.equalizer.js
bankcardsms.hasanjafari1251.workers.dev/js/foundation/
0
0
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/js/foundation/foundation.equalizer.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZg2JR8UPAntaGvcxElcQ5iBM9SzJnBWTlKEImuexlE%2BtqgLK8i2XvfsjRtYH%2FDr3WAxPLeBmQXI4Aq6SpjlqItFa%2BgwN%2B23rsuTXYrVM%2Bt2Jv2twCysXEKqRhybHVDkh1AOhYw0hY6CVQPa5zO4kztxNlU3%2FREf37o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de8e08e4742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33034&min_rtt=29588&rtt_var=2689&sent=175&recv=82&lost=0&retrans=0&sent_bytes=164453&recv_bytes=15258&delivery_rate=192014&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=2590&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
Roboto-Regular-webfont.woff
bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-regular/
24 KB
25 KB
Font
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-regular/Roboto-Regular-webfont.woff
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"61bc-5a7bd6cd35500"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jy1FvNPxhDBPruqnszWWmADwE7PYi5UJ81I7gNV6cpYcStkTML%2FZoptu8DmMr5OMDFwP13z9sN6jHuFYWKosKXvnberadKRVmRp67KqsRZc05MtHi1TQPcS5Q3j7oDEvEsrZ7f0D532xyItFHl4iHrh%2Bx0zeEat2aJs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de94a978742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31578&min_rtt=29588&rtt_var=1687&sent=233&recv=104&lost=0&retrans=0&sent_bytes=216876&recv_bytes=19885&delivery_rate=1164593&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3565&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/font-woff
last-modified
Wed, 10 Jun 2020 16:35:00 GMT
vary
Accept-Encoding
priority
u=0,i=?0
gtm.js
www.googletagmanager.com/
218 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MH3B5L
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aacfac1c1aca1cc5f87f0cbb073e0f44ab66fb0dacf414c18fd55ed2068f0ae4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 01 Dec 2024 14:46:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 01 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80221
x-xss-protection
0
server
Google Tag Manager
newglobal.sdk.min.js
tags.newdreamglobal.com/admanager/
116 KB
41 KB
Script
General
Full URL
https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3c5eeb49fa3dff2bfecebd7f56e8ef3c6b036b2743b40874fb3b8279054db6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public, max-age=1800, s-maxage=86400, stale-while-revalidate=86400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67484cd5-1ced9"
age
4046
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3fEz3H5fbr82QB9avu9AZEvM9%2FAVkvGnZXDixsao5EIbwY%2BmMD71LYXzYSwlxtqcgX7jByrZUxUv5moyUrKQ7ueItrQW5dLd6sXhcf4kRVj6YwEkc8EItO7a2thQ5TaGu7BwSjZj8ySiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de95697d31e6-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29685&min_rtt=29477&rtt_var=11202&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4133&recv_bytes=4295&delivery_rate=101023&cwnd=12000&unsent_bytes=0&cid=c1e39110d6098848&ts=59&x=1", cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 10:58:29 GMT
vary
Accept-Encoding
server
cloudflare
right-arrow.png
bankcardsms.hasanjafari1251.workers.dev/img/
2 KB
3 KB
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/right-arrow.png
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16309217065405d22c0f84c89137bfd8894c1f8f603052535e87a29a5b664608

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"807-5a7bd6cf1d980"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Z%2Bb%2FhG6ebIyLYph8ZBeSf1P8rlJCDWIMf%2Bn4UxiWIAn4ExCaD%2FZYP%2BGptUd2zg9RSbrB2tUy1mWpY5AVzMiVVHL6Rq7MPig8E0KbStvrmKW%2BKLh4AYHKU2AzNTyqWHthDWkITCzm3vPhfIETRfGQDu0ptBS2OoclOs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de94f9f0742d-MIA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31807&min_rtt=29588&rtt_var=1822&sent=187&recv=99&lost=0&retrans=0&sent_bytes=168521&recv_bytes=19170&delivery_rate=385993&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3220&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
2055
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
image/png
last-modified
Wed, 10 Jun 2020 16:35:02 GMT
vary
Accept-Encoding
priority
u=3,i
logo-eluniversal.gif
bankcardsms.hasanjafari1251.workers.dev/css/img/
3 KB
4 KB
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/css/img/logo-eluniversal.gif
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/home.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a5cbf318b7d6a01a107da718fee8ad1592b421527a17b33e7707dd327e4452

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/home.css?ver=1.0

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"b93-5a284895539c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBLtqieYfpRIIkWI%2BJ0SNJXAYhUR6I06DQkvA0vByAlfHdaEH3fITm8vM%2B9ZsWph5Sol3fkQTwtBX7qxlk5gv4rLb10Q0LH5WTnFZ3IkUn7U8rAShGPNsPNWyG0HDVIlnESAUNLjIUlyseyc9JG8EYL2AKRawv%2BkB1s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de94f9eb742d-MIA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31729&min_rtt=29588&rtt_var=1521&sent=216&recv=100&lost=0&retrans=0&sent_bytes=202042&recv_bytes=19215&delivery_rate=4848&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3496&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
2963
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
image/gif
last-modified
Sun, 05 Apr 2020 05:36:47 GMT
vary
Accept-Encoding
priority
u=3,i
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e5f-12d68"
age
1829227
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n08HV5RP%2FTucDqSqMIxoX%2Fu49dzFIxTytPFSF6GqTPcZaa7yExQ6OJWVYk51uKQWRgKP0H4lSLWX3zh9fUsnOVY2U8IRRtPjveXtILB5F4k8VEyGv7WP%2FVNqV4Tu0ReuLdIpKroC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 14:46:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8eb3de9529f73353-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
Roboto-Bold-webfont.woff
bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-bold/
24 KB
25 KB
Font
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-bold/Roboto-Bold-webfont.woff
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"60e8-5a7bd6cc412c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlHPvxMlJanSHpWFff1FmOzi%2BV1j3VGka4H%2F3B88nMN9DYbffJeEVYgVU9CS722r1ub6YqrI9hrfFNyZMODxJW3nn3N4nXWq2oK%2Buo8DHuBQelrTPyA7Uz9QDTZeUIGvFUlY8tPswcDOnH%2Br5WdPGVmvtZJE6DxG3hg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de952a1a742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30886&min_rtt=29588&rtt_var=983&sent=258&recv=110&lost=0&retrans=0&sent_bytes=244523&recv_bytes=20636&delivery_rate=62100&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3853&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/font-woff
last-modified
Wed, 10 Jun 2020 16:34:59 GMT
vary
Accept-Encoding
priority
u=0,i=?0
robotoslab-regular-webfont.woff2
bankcardsms.hasanjafari1251.workers.dev/fonts/robotoslab-regular/
0
0
Font
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/fonts/robotoslab-regular/robotoslab-regular-webfont.woff2
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYJb1W7ROlHEjdVAYUmGFzFQxbgdzaj%2FC3X7jQS8qzyyQa5%2FZYv6ici6Qo1MGwyjs21dIAmHwkX5uU7I7dJyTtrNN2WQSuLkNS919lyNTVLeVNghFy4vJCVdm0tJoxw1lVHG99fvhjGORhU8DN0yAF09rVuhPJ7psYM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de952a1b742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31729&min_rtt=29588&rtt_var=1521&sent=220&recv=100&lost=0&retrans=0&sent_bytes=205792&recv_bytes=19215&delivery_rate=4848&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3504&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
iconos.woff
bankcardsms.hasanjafari1251.workers.dev/fonts/iconos/
7 KB
8 KB
Font
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/fonts/iconos/iconos.woff?65457552
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e249ce56d4576a96b66899009407aaa9dc740e18aaa62a008fb8eb5aab955a44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"1d5c-5a7bd6ce29740"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEZENJcuD0%2FGNGLL0xqJnZL2CLA2AOYkPZaTzgy7YEhCMFCX9JGCKPtcRyH8o5CkHz24iYI4a4CF12dn3BGA69RUPDOMCOn0lP8gH43zfLnLkpl5SueFELIocRsxI3UiJEbc4eBxe1QdraVe%2BkpNJJxzR%2BXrR1akoMQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de952a1e742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31820&min_rtt=29588&rtt_var=1604&sent=222&recv=103&lost=0&retrans=0&sent_bytes=207094&recv_bytes=19347&delivery_rate=1122180&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3532&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/font-woff
last-modified
Wed, 10 Jun 2020 16:35:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/
492 KB
152 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
etag
1421939719645060458
age
44454
x-content-type-options
nosniff
expires
Mon, 01 Dec 2025 02:26:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 01 Dec 2024 02:26:01 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/
87 B
91 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bankcardsms.hasanjafari1251.workers.dev
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
7e7997c8062a0360a7ce71c0f7a3beafb7911a980adb5cb6565b2e9d44bd23b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
66
date
Sun, 01 Dec 2024 14:46:55 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156500/13793/
274 KB
87 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
max-age=164040
content-encoding
gzip
expires
Tue, 03 Dec 2024 12:20:55 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
88884
date
Sun, 01 Dec 2024 14:46:55 GMT
last-modified
Mon, 15 Jul 2024 19:01:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
echo
script.googleusercontent.com/macros/
Redirect Chain
  • https://script.google.com/macros/s/AKfycbyd5AcbAnWi2Yn0xhFRbyzS4qMq1VucMVgVvhul5XqS9HkAyJY/exec?tz=America/Caracas&callback=jQuery21405377636915510533_1733064415460&_=1733064415461
  • https://script.googleusercontent.com/macros/echo?user_content_key=BCY5aGfUCt_hzxW3Ty3XsY27YWajw23qyFub4kVM8Slg0n0b_8wTnHw_Do3RaArg-oFjP3gaTT-h1NRgeLQTrYij4qv4NuDyOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWoj...
274 B
586 B
Script
General
Full URL
https://script.googleusercontent.com/macros/echo?user_content_key=BCY5aGfUCt_hzxW3Ty3XsY27YWajw23qyFub4kVM8Slg0n0b_8wTnHw_Do3RaArg-oFjP3gaTT-h1NRgeLQTrYij4qv4NuDyOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWojr9NvTBuBLhyHCd5hHa3yyHzWbGFEItHPvr8Vf9wV-tOgp4HKMJaknxR_EkoqjD61LlwzLHe9q_j9_f45VQzIdATC5zMF1HRVYnt67Q2CQZr8P5LEnvJ6h9Y8h7y-XerrIPQvspQpHfqzMny4vUvzcn0AowRUSbLKSH_luTb-TXKrKsh8AQzzE5nLCo6nzt0jxlANKLpPA4R6jvBPFAw&lib=MwxUjRcLr2qLlnVOLh12wSNkqcO1Ikdrk
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab2faa81caffa4d229a4cbf0c53d1f6f43d988bdfc5351cb5e0b0bc44e418f20
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-security-policy
frame-ancestors 'self'
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:56 GMT
x-xss-protection
1; mode=block
content-type
text/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
GSE
x-frame-options
SAMEORIGIN

Redirect headers

content-security-policy
script-src 'report-sample' 'nonce-i2TVnFvSx_-2ky1F2oWw5Q' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
location
https://script.googleusercontent.com/macros/echo?user_content_key=BCY5aGfUCt_hzxW3Ty3XsY27YWajw23qyFub4kVM8Slg0n0b_8wTnHw_Do3RaArg-oFjP3gaTT-h1NRgeLQTrYij4qv4NuDyOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWojr9NvTBuBLhyHCd5hHa3yyHzWbGFEItHPvr8Vf9wV-tOgp4HKMJaknxR_EkoqjD61LlwzLHe9q_j9_f45VQzIdATC5zMF1HRVYnt67Q2CQZr8P5LEnvJ6h9Y8h7y-XerrIPQvspQpHfqzMny4vUvzcn0AowRUSbLKSH_luTb-TXKrKsh8AQzzE5nLCo6nzt0jxlANKLpPA4R6jvBPFAw&lib=MwxUjRcLr2qLlnVOLh12wSNkqcO1Ikdrk
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
538
date
Sun, 01 Dec 2024 14:46:56 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
server
GSE
x-frame-options
SAMEORIGIN
iconos.png
bankcardsms.hasanjafari1251.workers.dev/img/
29 KB
29 KB
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/iconos.png
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/style1.css?ver=1.13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f07cfe8931a5608a1cb198c6747e2a2e88407fce06b79173cb3c9600e5104c72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/style1.css?ver=1.13

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"7297-5fb2e842a8600"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tXQ3sNcgBuz0ln6WsIsivi3QBVpg%2FCWrLyVjdrBJNcNOaDxcgcZRlqWRGJ1lup2j0FEEL2xbyy%2BWPn8yz3kqAHH6uqigpalNpFVHRTj6KGXrS7wirrZmzGjqdNcH21K7Y5ndyR%2F%2FhqXaQ8BmwovRh4XrQ2Wf0LSMcSg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de959aa5742d-MIA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31729&min_rtt=29588&rtt_var=1521&sent=190&recv=100&lost=0&retrans=0&sent_bytes=171343&recv_bytes=19215&delivery_rate=4848&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3492&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
29335
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
image/png
last-modified
Mon, 08 May 2023 13:21:28 GMT
vary
Accept-Encoding
priority
u=3,i
portada_faltante.jpg
mmedia.eluniversal.com/archivos/portada_deu/
17 KB
18 KB
Image
General
Full URL
https://mmedia.eluniversal.com/archivos/portada_deu/portada_faltante.jpg
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.180.146 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns541084.ip-144-217-180.net
Software
nginx /
Resource Hash
14a792da027d83ff5e0624cb70e627556d430ebe1298b61cb40078d2db05f61d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etag
"5c145d7d-454e"
x-proxy-cache
MISS
accept-ranges
bytes
content-length
17742
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
image/jpeg
last-modified
Sat, 15 Dec 2018 01:48:45 GMT
server
nginx
iconos2.png
bankcardsms.hasanjafari1251.workers.dev/img/
608 B
608 B
Image
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/img/iconos2.png
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/style1.css?ver=1.13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e78d66dceb735565164965c6074c76349cc32f6c59d6b275d3bca0a34ccf654

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/style1.css?ver=1.13

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=734nTXpaVJadh0wMrsVbt68ZVuv1w0iwWWeFGyPF8SAd2XcU8vhER%2BNkgEmsS3gOwAVVEqGkKXhnXG5fip%2BvnOrIr%2BrDNPaIlQoY8UeI1Dg2MN%2BxQ%2F1Q3YAQilVF6PDnx6VsvwUfch%2FFRXDE1CPqRfEhru%2BoqliOXSM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de959aa6742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31068&min_rtt=29588&rtt_var=1166&sent=256&recv=108&lost=0&retrans=0&sent_bytes=243216&recv_bytes=20546&delivery_rate=738539&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3596&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
Roboto-Light-webfont.woff
bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-light/
0
0
Font
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-light/Roboto-Light-webfont.woff
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFv7HeF4Spz7MGt8DjVmXDl7To1ek9O7l5CaQLuzTPT%2FyMUuYMg4wzsOcpNxG9R14iRmuQ9AWu%2FX%2FFew08UYoimnBVc%2F7l1XBvAhs3UzB24cgsMFI6nEgSka13N8bEkDAu5bO8Z%2BCuK3R3aMC3GM%2Fcgaf3qUI16LN28%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de959ab0742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31578&min_rtt=29588&rtt_var=1687&sent=231&recv=104&lost=0&retrans=0&sent_bytes=215568&recv_bytes=19885&delivery_rate=1164593&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=3557&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
adx
pubads.g.doubleclick.net/gampad/
2 B
35 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/1014896/geoip&sz=88x31&tile=2&dpt=1&c=7473561733064677832
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f157.1e100.net
Software
cafe /
Resource Hash
9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
google-lineitem-id
4496850449
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 01 Dec 2024 14:46:55 GMT
content-type
text/html; charset=UTF-8
google-creative-id
138217649462
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
6
x-xss-protection
0
server
cafe
t
jadserve.postrelease.com/
267 B
717 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.49.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-49-12.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
966a8421df082b4dfde5790dbb6174025661a8a33976e431f8a4a7207e19dc90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
194
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
text/javascript;charset=UTF-8
server
nginx
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH3B5L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
age
5062
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 15:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 13:22:33 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
www.eluniversal.com.js
tags.newdreamglobal.com/admanager/cfg/2.0.0/
50 KB
6 KB
Fetch
General
Full URL
https://tags.newdreamglobal.com/admanager/cfg/2.0.0/www.eluniversal.com.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f8a5483031ccefbea09c7f1ef226ed1551ab3e85afe97b925e9353c191c092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

etime
0.0001 s
access-control-max-age
1728000
access-control-expose-headers
Server, Content-Length, Content-Range, Date
x-host
www.eluniversal.com
cf-cache-status
MISS
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=010AbbPMyjyUWzhSH2P%2FFneBQO%2Bf7kiYnhwWc7Gj8DQ56TSBMhmRQEojMWSeOSRymRoGjJop%2B76up05XBpbeG8QSCJgiMeLYc4p%2FJxBKR2oEt%2Fd5j3ewss38EmeW%2B7LSfcNOiTegTolqhg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,HEAD,DELETE,PUT
expires
Sun, 01 Dec 2024 14:51:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33568&min_rtt=30393&rtt_var=11063&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2185&recv_bytes=4256&delivery_rate=505&cwnd=12000&unsent_bytes=0&cid=8f5d661d08c18ca9&ts=182&x=1", cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/json
last-modified
Sun, 01 Dec 2024 14:46:56 GMT
x-server
ndg-grey-goose
access-control-allow-headers
DNT,X-CustomHeader,Origin,Keep-Alive,User-Agent,Content-Type, Accept,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Pragma
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cache-control
max-age=300, s-maxage=1800, must-revalidate, stale-while-revalidate=300, stale-if-error=600
x-service
2.0.0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8eb3de97de1ca68f-MIA
access-control-allow-origin
*
server
cloudflare
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&domain=bankcardsms.hasanjafari1251.workers.dev&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=CS55dXxUelR4T3p5WXp6b2Z2Z0V3RlpZV2lYTlVwSEIyNXpDVkxOVkNxYVpBUFZUZEViWTJpK2NJOE16SzZic2NkL2tnSjU1UGp3azhFOWJuMDFzS3JWWm5rSXRObkpzNmRUazJ1elVrYlZxNGFEUzhPdzZIVDY4MkdRcG...
418 B
1003 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=CS55dXxUelR4T3p5WXp6b2Z2Z0V3RlpZV2lYTlVwSEIyNXpDVkxOVkNxYVpBUFZUZEViWTJpK2NJOE16SzZic2NkL2tnSjU1UGp3azhFOWJuMDFzS3JWWm5rSXRObkpzNmRUazJ1elVrYlZxNGFEUzhPdzZIVDY4MkdRcGNTZ2dJZ1oxR2ExK3c2eDFjM1VabTN0YS9TTWZ0aXhqQmpvYnFMNi9PQm5jL2RSSXpnUVBmU0VSM2NlbmtaR3lYVmlQS1JDY0VGSENUU3VCVVB2anJPblFzZURaTXg3OGsyOTNBL0J2U0ZEUG00MVkxa1Y2akVuK3g0ajdUOHAxd2lBTEdMQS96aU5MVk1DbDJvbmgzcFdZQWk4Z25PdWZ0QVpuT3l4LzQwQllValM2djRHaz18&cppv=2
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0ec253fbc9eccd73fabf70a10b23ba41678c0be534194a71d070dd28eefb51a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
455352
expires
0
access-control-allow-origin
null
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=CS55dXxUelR4T3p5WXp6b2Z2Z0V3RlpZV2lYTlVwSEIyNXpDVkxOVkNxYVpBUFZUZEViWTJpK2NJOE16SzZic2NkL2tnSjU1UGp3azhFOWJuMDFzS3JWWm5rSXRObkpzNmRUazJ1elVrYlZxNGFEUzhPdzZIVDY4MkdRcGNTZ2dJZ1oxR2ExK3c2eDFjM1VabTN0YS9TTWZ0aXhqQmpvYnFMNi9PQm5jL2RSSXpnUVBmU0VSM2NlbmtaR3lYVmlQS1JDY0VGSENUU3VCVVB2anJPblFzZURaTXg3OGsyOTNBL0J2U0ZEUG00MVkxa1Y2akVuK3g0ajdUOHAxd2lBTEdMQS96aU5MVk1DbDJvbmgzcFdZQWk4Z25PdWZ0QVpuT3l4LzQwQllValM2djRHaz18&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
228378
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
0
date
Sun, 01 Dec 2024 14:46:55 GMT
server
Kestrel
prebid
id5-sync.com/api/config/
194 B
688 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP="CAO PSA OUR"
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/
75 B
836 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id?c=17207
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.175.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-175-96.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c17208d7d8d1e719d27778df90299f855b6aa82dc576ee5820fe2ab525b42620

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
75
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/json;charset=utf-8
x-server
10.40.4.97
server
Jetty(9.4.38.v20210224)
rid
match.adsrvr.org/track/
109 B
581 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
7cb36f8468c1afda927bafec4d5707fefca52996cd385931d6ddda353cf47b29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Tue, 31 Dec 2024 14:46:56 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
collect
www.google-analytics.com/j/
15 B
451 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=772204754&t=pageview&_s=1&dl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&ul=en-us&de=UTF-8&dt=EL%20UNIVERSAL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAC~&jid=209025308&gjid=363461662&cid=988364793.1733064416&tid=UA-344727-40&_gid=2113019506.1733064416&_slc=1&gtm=45He4bk0n71MH3B5Lza200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=367228283
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c8ee659a7b202046658e2929dfb663eebc5d7a54506f324251f1d1ce8928fb21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
stats.g.doubleclick.net/j/
1 B
663 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-344727-40&cid=988364793.1733064416&jid=209025308&gjid=363461662&_gid=2113019506.1733064416&_u=YGBAgAABAAAAAG~&z=2139961548
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
wl
t.pubmatic.com/
17 B
199 B
Fetch
General
Full URL
https://t.pubmatic.com/wl?pubid=156500
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
17
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
text/plain; charset=utf-8
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&domain=bankcardsms.hasanjafari1251.workers.dev&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 01 Dec 2024 14:46:55 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
190437
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
278 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8TWDKV9V2E&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c1cfa7996e39c5498a0ee11cb95b7193ac5e95641a50f0a7d9a353a2c7076c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 01 Dec 2024 14:46:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99955
x-xss-protection
0
server
Google Tag Manager
robotoslab-regular-webfont.woff
bankcardsms.hasanjafari1251.workers.dev/fonts/robotoslab-regular/
29 KB
29 KB
Font
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/fonts/robotoslab-regular/robotoslab-regular-webfont.woff
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a070eaea6a65fc9bc950eed067ef3f392f18af000859367a57358785ca3f6a80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"7298-5a7bd6cd35500"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2liJWaYG1JT6LrySlKeNJBBsg1AFSEVRg%2FYHh1bPkPHR1ST3K4WyV%2FRYOfJGzna1LZ%2BR7rPkLR9pXNEv61FVBuHV%2Be8gJa13JVQoOayph%2ByAQ6ix1xeY%2B4gGwvlBjOJOdpV3625QP4CMt%2B8ubhk8BRF1PqYdTGa80A0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de9a08a6742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30933&min_rtt=29588&rtt_var=643&sent=281&recv=113&lost=0&retrans=0&sent_bytes=270654&recv_bytes=20769&delivery_rate=856606&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=4430&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:57 GMT
content-type
application/font-woff
last-modified
Wed, 10 Jun 2020 16:35:00 GMT
vary
Accept-Encoding
priority
u=0,i=?0
Roboto-Light-webfont.ttf
bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-light/
45 KB
25 KB
Font
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-light/Roboto-Light-webfont.ttf
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42690b60d8bfa99abf8bd783c5d767757f7e0f6a0a760cf0543e93d9c81d2c85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/css/fonts2.css?ver=1.0

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"b338-5a7bd6ce29740"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuqYqxaiHWnu3FB4zsVz5qgI%2F%2B3ZbKejXuXiHsqlYSiKLPTftHc0uiJMe7J8D0Sh2o9Tu5gH8Q9drFpxa3wFhPrprkJ5eWABiM7A615BSRrBglJB6FCl7x9W8PA2aHOZavvLidXZW3r5hipvUspW3FCu53E94D4B9JQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3de9a6906742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31158&min_rtt=29588&rtt_var=625&sent=308&recv=116&lost=0&retrans=0&sent_bytes=301425&recv_bytes=20904&delivery_rate=974325&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=5446&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/font-sfnt
last-modified
Wed, 10 Jun 2020 16:35:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
topics.html
postrelease.com/iframes/ Frame 44E2
0
0
Document
General
Full URL
https://postrelease.com/iframes/topics.html
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://bankcardsms.hasanjafari1251.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
582
content-type
text/html
date
Sun, 01 Dec 2024 14:46:56 GMT
etag
"ec22fdd2cd0ccf11c7761864efa96c06"
last-modified
Fri, 15 Mar 2024 21:34:47 GMT
server
AmazonS3
x-amz-id-2
PJMVcm79y+ABiBVttHzys5qKUmmzsMJRzkQriF6ycMDH8j91KQKOzknNcQkuUSDopCbHRUz6qqY=
x-amz-request-id
DMX61KD2BS4N02E0
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8TWDKV9V2E&gtm=45je4bk0v9125457649za200&_p=1733064415471&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-us&sr=1600x1200&cid=988364793.1733064416&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&dt=EL%20UNIVERSAL&sid=1733064416&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3738
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TWDKV9V2E&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.100 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
text/plain
server
Golfe2
v1
lb.eu-1-id5-sync.com/lb/
45 B
311 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
7774ec31c78588962b254cf1058d954148d9a248372fb0a209eca8a4cf59da79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=CS55dXxUelR4T3p5WXp6b2Z2Z0V3RlpZV2lYTlVwSEIyNXpDVkxOVkNxYVpBUFZUZEViWTJpK2NJOE16SzZic2NkL2tnSjU1UGp3azhFOWJuMDFzS3JWWm5rSXRObkpzNmRUazJ1elVrYlZxNGFEUzhPdzZIVDY4MkdRcGNTZ2dJZ1oxR2ExK3c2eDFjM1VabTN0YS9TTWZ0aXhqQmpvYnFMNi9PQm5jL2RSSXpnUVBmU0VSM2NlbmtaR3lYVmlQS1JDY0VGSENUU3VCVVB2anJPblFzZURaTXg3OGsyOTNBL0J2U0ZEUG00MVkxa1Y2akVuK3g0ajdUOHAxd2lBTEdMQS96aU5MVk1DbDJvbmgzcFdZQWk4Z25PdWZ0QVpuT3l4LzQwQllValM2djRHaz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 01 Dec 2024 14:46:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
185528
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
portada_deu_20241201.jpg
mmedia.eluniversal.com/archivos/portada_deu/
0
0

429.json
id5-sync.com/g/v2/
633 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/429.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
4c8f6ccb1edd844c1d4380b9cfc6aa83efe1e0d9342d55b2934d1e4332616cfb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP="CAO PSA OUR"
date
Sun, 01 Dec 2024 14:46:56 GMT
content-type
application/json
vary
Origin
eu.js
tags.newdreamglobal.com/fc/
10 KB
5 KB
Script
General
Full URL
https://tags.newdreamglobal.com/fc/eu.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5607580d9595cb7f60517c16f6ae14d3a68d421e3722f437d1c8ad670e3d5a2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5f7f356b-260d"
age
16745
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsFruxw3d9quFh1wGDFam4EnlvbJl7Nm1HhjcV2lbMigtLBZd6OgL%2F5T3R8QdJ%2BYMGt%2BDRjdIXD18sXllZQwrrJSjHJCq1qxzr%2FOyaZjdsHw3EN0KzkNLD%2FdzhAmTiLwhDugR5oTuzRmhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3dea658c131e6-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31396&min_rtt=29272&rtt_var=2323&sent=50&recv=30&lost=0&retrans=0&sent_bytes=47479&recv_bytes=5536&delivery_rate=683439&cwnd=27600&unsent_bytes=0&cid=c1e39110d6098848&ts=2768&x=1", cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript
last-modified
Thu, 08 Oct 2020 15:51:07 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
bankcardsms.hasanjafari1251.workers.dev/
564 B
832 B
Other
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shdoNWjWrf5FfHW8gZnvpFBBW3yRgClCeV04o4Z%2Fv3j1tmQa1v%2BnOSlVThFk9CRuT%2BGd%2BkXtmkYZ%2FpR6FIf5WYM3hrteWHfwuvPuJFPtXP5lAa91jBOwxnDH%2Bec0VkaAuXBxM4Os2OZsUMFOCSdumW4APydzeerErKA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3dea6683f742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36922&min_rtt=29588&rtt_var=8936&sent=333&recv=121&lost=0&retrans=0&sent_bytes=327924&recv_bytes=23156&delivery_rate=544890&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=6262&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
AGSKWxXfF81L9FlIshauc387SSWyGTnxvjDczhNACGMreHj8PHYwYEzDzQnDnMXi8u42kWU8r2YmX9mU5TDXzye9n3M=
fundingchoicesmessages.google.com/f/
25 KB
11 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXfF81L9FlIshauc387SSWyGTnxvjDczhNACGMreHj8PHYwYEzDzQnDnMXi8u42kWU8r2YmX9mU5TDXzye9n3M=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/fc/eu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db5c06bb7f5858662f70e077be07ac7987d2ea993a1a5057d06abdeb7581ebd6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-RQhJY1ZVz-Vd6VaObOXz5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj0duNu9gEZiz4OoVJSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQ0NBSz8AwvsAAAPF-Pcw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-RQhJY1ZVz-Vd6VaObOXz5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
prebid9.12.0.js
tags.newdreamglobal.com/admanager/
419 KB
160 KB
Script
General
Full URL
https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6395ab1f23a1253c07e42753ea9a6d5a6fcd0c6ca4df437a001cc4174f23a6ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670d4fbe-68aac"
age
2809
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FwYDhDVYqFcDEN9Uxns0G6AIcYU9WPB%2FY93bMPx9HFcRnYWtsIzHTg8QuVb6lM5kMxKAGYJeVFygIGhK6Dv0X8Ner3pky7zaGVsR0fgBY3zbzqnmiJDxC%2FDScToV45qvd03lBn4ZUumMDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3dea6c94731e6-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30851&min_rtt=29272&rtt_var=1798&sent=56&recv=33&lost=0&retrans=0&sent_bytes=53015&recv_bytes=5924&delivery_rate=2100&cwnd=27600&unsent_bytes=0&cid=c1e39110d6098848&ts=2830&x=1", cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 17:07:10 GMT
vary
Accept-Encoding
server
cloudflare
dd72f6e75c85ac22b0adf58cf2604cdb.js
scripts.cleverwebserver.com/
90 KB
22 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/dd72f6e75c85ac22b0adf58cf2604cdb.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7166614e6ccb6484695ee26204ccc3036e10b6563e3a7b89c46769f4b11c36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public, max-age=1800
content-encoding
br
cf-cache-status
HIT
etag
W/"2547d1bb83c5891b44dfb93c04f73814"
x-amz-version-id
N7MMCdicdoxrcEH3Tx9YPljjaqlkt6LX
x-amz-request-id
BR0R9D3B62K218XS
expires
Sun, 01 Dec 2024 15:16:58 GMT
cf-ray
8eb3dea78caa8dc7-MIA
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript
last-modified
Wed, 27 Nov 2024 10:43:12 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
EEaSOmAQ3pFfLpt2fau3Fc5HwBGX8OSQ2HvAA4otsRvHwKEK7ZCWZE6Y7gEAEyQrNC1f+q6qyjE=
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2665000277262253
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f157.1e100.net
Software
cafe /
Resource Hash
3fd20e011c595b33298ad7ad1e1a727043253c1b1c30b562f124fab03af0c0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
etag
8112426834458835459
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53358
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EKR7DSLH6Q
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d18d411ff2621a54511e63937b7b8ad861c520a948729843ec3081eebdb00356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 01 Dec 2024 14:46:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109700
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EKR7DSLH6Q&l=dataLayer&cx=c&gtm=45He4bk0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH3B5L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d1ae8d97ada2e0f1e617d2732a878365f77a0d5643c5c12fdd24d6dc4340d45a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 01 Dec 2024 14:46:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109762
x-xss-protection
0
server
Google Tag Manager
smart.js
ced.sascdn.com/tag/2826/
64 KB
22 KB
Script
General
Full URL
https://ced.sascdn.com/tag/2826/smart.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.218.157 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-218-157.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e44b440e32cbf1fb87df04971dc49047ac778e78721f2d208a06f23ebebd50bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Cache-Control
public, max-age=7200
Content-Encoding
gzip
Connection
keep-alive
Expires
Sun, 01 Dec 2024 16:46:58 GMT
Content-Length
22651
Date
Sun, 01 Dec 2024 14:46:58 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
eluniversalve_17710.js
ads.vidoomy.com/
5 KB
2 KB
Script
General
Full URL
https://ads.vidoomy.com/eluniversalve_17710.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
/
Resource Hash
936fc37d70f468cebf39bea119a37ecfa8fa7031a2dd75cd233efd5b1f13b84c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
max-age=3600
tp-cache
hit
content-encoding
gzip
age
1432
accept-ranges
bytes
content-length
2155
date
Sun, 01 Dec 2024 14:23:06 GMT
content-type
application/javascript
vary
, Accept-Encoding
tag
bankcardsms.hasanjafari1251.workers.dev/%20//a.teads.tv/page/117397/
78 KB
17 KB
Script
General
Full URL
https://bankcardsms.hasanjafari1251.workers.dev/%20//a.teads.tv/page/117397/tag
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94822b74d45de47c1ab78238b436ce16a0043e4220d58c08da3ba70e4beb1a2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVFUVtPjaSNSRi8fVMjHDR7yttHACFDLnlBhgP398F3of8hfwqWDMAHO9OHPeiLvanJcj2seiBGg4g2fpYljczjk6jzP%2BG1tS5RG%2BnIWBviac9WSlNiiNF0ogU4bqQhVffn9uth%2BU%2FQDQwfBnVL9mXmd%2BH1JVbNFMI0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3dea6d8c4742d-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42639&min_rtt=29588&rtt_var=19788&sent=335&recv=123&lost=0&retrans=1&sent_bytes=329645&recv_bytes=23246&delivery_rate=2016&cwnd=55200&unsent_bytes=0&cid=3980baa025a879c4&ts=6436&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
newdream.eluniversal.com.1081107.js
jsc.mgid.com/n/e/
30 KB
10 KB
Script
General
Full URL
https://jsc.mgid.com/n/e/newdream.eluniversal.com.1081107.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
197d03bb80cacf072a01054a2cb749c3db7e110284f8203fb77c429a28e7b2dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-cntry
content-encoding
gzip
cf-cache-status
HIT
etag
"962e9e542c2292481950d031568bbe94"
x-amz-version-id
EDgcfZi94.dTo9ueb2QbtZXbl1YVV3MQ
age
5235
expires
Sun, 01 Dec 2024 17:46:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 14:32:42 GMT
vary
Accept-Encoding
x-amz-id-2
+bL3GLsU2xr/Z+uVzrRhHI2Q2w5bP1uUral6eMUmz81OOUHYfhp89YPt+P/XN1A9lgbVlA3YZXU=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=10800
x-cntry
US
x-amz-request-id
E4QBBCFNHKV50ATS
cf-ray
8eb3dea75da674ba-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
9517
server
cloudflare
x-amz-server-side-encryption
AES256
gtsur.newglobal.dfp1.2.0.min.js
tags.newdreamglobal.com/viewability/ Frame A204
15 KB
5 KB
Script
General
Full URL
https://tags.newdreamglobal.com/viewability/gtsur.newglobal.dfp1.2.0.min.js?v=1.1.4.3
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5078fe3251e3f037b896dffa0fbbfdc2450d21ac8da9e3794f77aed7a1a7918

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"61d6e9ce-3c9f"
age
34925
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRcjCn%2BasAla5z4aDSfuIn7HwKtkNiyLXIcZ%2F3je3pvllONsWZ8927oI9l%2FOzXQ9wCYAAC3Td4rr43hpprGeZB5C62WxPQWYNriCN%2BN0rVRE53HF6V%2Bfe7Dl7mn9Eg2KFFcY6oiRBD0ONA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3dea6d95e31e6-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30851&min_rtt=29272&rtt_var=1798&sent=80&recv=34&lost=0&retrans=0&sent_bytes=80639&recv_bytes=6265&delivery_rate=2100&cwnd=27600&unsent_bytes=0&cid=c1e39110d6098848&ts=2845&x=1", cfHdrFlush;dur=15
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript
last-modified
Thu, 06 Jan 2022 13:08:30 GMT
vary
Accept-Encoding
server
cloudflare
gpt.js
www.googletagservices.com/tag/js/ Frame A204
107 KB
0
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce652a6f02f6574375e69db7945de0f0d95bfce9f7f83f7649a5a455f4d6d4da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
etag
312 / 20058 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 01 Dec 2024 14:46:54 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33296
x-xss-protection
0
server
cafe
si
capi.connatix.com/tr/
0
289 B
Image
General
Full URL
https://capi.connatix.com/tr/si?token=e66b6ac5-463e-4222-8048-3ae55aeb6fc9&cid=2d62645b-75aa-49ae-abd1-05c8196bf932
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8eb3dea7adf4a4d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
connatix.player.js
cd.connatix.com/ Frame C96E
2 KB
1 KB
Script
General
Full URL
https://cd.connatix.com/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ad0f93d95c5eba26fbf83e44e895d1cedcd144c921494debc4da6e5ef4a9ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
cf-ray
8eb3dea7ecac21df-MIA
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ Frame A204
492 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
etag
1421939719645060458
age
44454
x-content-type-options
nosniff
expires
Mon, 01 Dec 2025 02:26:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 01 Dec 2024 02:26:01 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame A204
87 B
0
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bankcardsms.hasanjafari1251.workers.dev
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
7e7997c8062a0360a7ce71c0f7a3beafb7911a980adb5cb6565b2e9d44bd23b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
66
date
Sun, 01 Dec 2024 14:46:55 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ngb_hb45.js
tags.newdreamglobal.com/service/
72 KB
12 KB
Script
General
Full URL
https://tags.newdreamglobal.com/service/ngb_hb45.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.67.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffaec73d73ed15dda2c238d56d1aab8c09b7c496f0282c820c348866d5ae024b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public, max-age=600, s-maxage=3600, stale-while-revalidate=3600, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6748a72c-11ffc"
age
1304
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3ZPGAdfmQCrV0wbsaiEkjs%2FL9NoFDknqUISBdFZIvd5lEAoPPqCNG9ZFhtsvcdCMCY4dFIe2dP7O9yvUDfC0kAWbLnavdhprliW%2BwAl8DQcKQ%2FsdOwG9PDDriTYzFQPmW5w6PIZ4PLT2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3dea87bbb31e6-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33110&min_rtt=29272&rtt_var=1305&sent=204&recv=70&lost=0&retrans=0&sent_bytes=225977&recv_bytes=8107&delivery_rate=2300620&cwnd=108000&unsent_bytes=0&cid=c1e39110d6098848&ts=3099&x=1", cfHdrFlush;dur=0
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 17:23:56 GMT
vary
Accept-Encoding
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2665000277262253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
cafe /
Resource Hash
037107d3308c52c6cf446467999c91b8307b71cfb872a431b5041c925650173d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
etag
6537868033560086174
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147622
x-xss-protection
0
server
cafe
newdream.eluniversal.com.1081107.es6.js
jsc.mgid.com/n/e/
340 KB
103 KB
Script
General
Full URL
https://jsc.mgid.com/n/e/newdream.eluniversal.com.1081107.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newdream.eluniversal.com.1081107.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676e6d305cf451325f19e9f7566cd656090f23b9d7ae54e9032601c3d395ce44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-cntry
content-encoding
gzip
cf-cache-status
HIT
etag
"c98c478a7be9d8470fb5b4598dfc48e6"
x-amz-version-id
DC4G03oiwAHwlW.RD2iyvg612QslHPBi
age
1470
expires
Sun, 01 Dec 2024 17:46:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 14:32:41 GMT
vary
Accept-Encoding
x-amz-id-2
isej0+/A+tAJ4iR2f8ArsNcAaNWvdmBsIZZWhtRujMkOw29B+DOX61etnydidTdJBFM1pTh55dZQmCznpAu3eaBqRk7pRHw02TKSEoFywxU=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=10800
x-cntry
US
x-amz-request-id
CGGSJZAVRB2QAABN
cf-ray
8eb3dea88f87a683-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
104317
server
cloudflare
x-amz-server-side-encryption
AES256
elLoader.js
cds.connatix.com/p/546605/ Frame C96E
4 KB
2 KB
Script
General
Full URL
https://cds.connatix.com/p/546605/elLoader.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d2cb5e64e2d1fdbd312d724e5d49359a55a2d90373099d56d83853e2e5385a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"46c90962f6cc76b8f0423bac8f97f84c"
x-amz-version-id
fpkyxfSZcPMz57gzfBHRhST9oATEwjnL
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:19 GMT
x-amz-expiration
expiry-date="Wed, 18 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3dea96d695c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1359
server
cloudflare
topics.js
ced-ns.sascdn.com/diff/js/modules/
10 KB
4 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/js/modules/topics.js
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2826/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:2a::17da:da14 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
af005746e99b6b5e3721759fc55588fddcb000a054990ad799ea309adffa5a04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
"b5228c416b8e80db61b64afe15dbdd77:1727944397.510969"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3341
Date
Sun, 01 Dec 2024 14:46:58 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 03 Oct 2024 08:30:16 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
/
ui.cleverwebserver.com/
204 B
410 B
Script
General
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: scripts.cleverwebserver.com
URL: https://scripts.cleverwebserver.com/dd72f6e75c85ac22b0adf58cf2604cdb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1faf12abe8a9abadd1dfee60ce21de3f95f5f49b0f2ced305ea2a90302425a34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray
8eb3dea91e988dc7-MIA
access-control-allow-origin
*
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript
server
cloudflare
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EKR7DSLH6Q&gtm=45je4bk0v9132200703za200&_p=1733064415471&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=988364793.1733064416&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733064418&sct=1&seg=0&dl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&dt=EL%20UNIVERSAL&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6001
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EKR7DSLH6Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.100 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
text/plain
server
Golfe2
apstag.js
c.amazon-adsystem.com/aax2/
345 KB
85 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/service/ngb_hb45.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"812ceba01127f3bf5aede260eaddcd29"
age
3128
via
1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront), 1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
aDDgdfFxAhRpyIDbaUQzWCIncK8eJGo2yz48GVPQHN6K6BXfg5rxcQ==
date
Sun, 01 Dec 2024 13:54:51 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:07 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
x-amz-server-side-encryption
AES256
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 74A6
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bankcardsms.hasanjafari1251.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28994
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 14:38:46 GMT
expires
Sun, 01 Dec 2024 15:28:46 GMT
last-modified
Mon, 18 Nov 2024 20:43:40 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adagio.js
script.4dex.io/a/latest/
61 KB
19 KB
Script
General
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34bc72811f208b5c16bc07739eab6e7aca69b1f191d1b83a38ac924154bdf2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"10a01d2a2318722bba6213f0fa7cdfc3"
Age
769072
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vv6CI3DVWO70%2FF8s6I7tQKqfJ%2FdW1MUivOF%2FpJgFxDmXBqQdkdL2V5cw96wDt%2Blceu1HxvVUzKpfkQWuI%2FWUnJJG3phUnfj9%2FUpoQNiyOBTiBY3A%2B7FuDAZs76kKY6lo%2Bso54y31Z1n%2FzkK7"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=29385&min_rtt=29354&rtt_var=6226&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3496&recv_bytes=2327&delivery_rate=132158&cwnd=252&unsent_bytes=0&cid=d644a4d04774e4eb&ts=80&x=0"
Date
Sun, 01 Dec 2024 14:46:58 GMT
Content-Type
application/javascript
Last-Modified
Fri, 22 Nov 2024 16:59:32 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
public, max-age=1800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8eb3dea9eef55c70-MIA
Server
cloudflare
bid
ap.lijit.com/rtb/
24 B
378 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.12.0
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.197.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-197-195.compute-1.amazonaws.com
Software
/
Resource Hash
70a815c13afba8d66c57f19fdf1d7d2045e1d4963bbcb649086865f41cc55a4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
24
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
prebid
mp.4dex.io/
0
582 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

x-version
3.0.0-gcp-las
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Parsing the Prebid Request. parseadrequest adrequest and manager domains do not match
access-control-allow-credentials
true
via
1.1 google
cf-ray
8eb3dea9fd0f9aec-MIA
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
date
Sun, 01 Dec 2024 14:46:58 GMT
vary
Origin, Accept-Encoding
server
cloudflare
x-warn
Parsing the Prebid Request. domain_invalid
pbjs
htlb.casalemedia.com/openrtb/
37 B
705 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=554346
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a5abba35b9857ab2bbe2d64dc99733fec51f2c65addd2cc246801b87414746

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZppgOYDslWmScsAtjz%2FVAEjMid%2B6lVxmv0RELn%2FTfCgsPvDaxnihcn2Ukq62CeMeiJp1KRph02ccxq3xDo%2BKPATAJtZl16yxOmTZF0vMp0P3zULn0DBY33fK0eQF4fY4pStDaQNm"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8eb3deaa1f6a8da3-MIA
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
37
server
cloudflare
v1
prg.smartadserver.com/prebid/
1 KB
2 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.152.193 , United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip193.ip-135-148-152.us
Software
/
Resource Hash
7777455901b2016f450d31ab59d107c9090731790538c60e4bc50b8cae066f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/
1 KB
2 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.152.193 , United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip193.ip-135-148-152.us
Software
/
Resource Hash
fb4105da1425312b6ce29bee1f2f15fa79ff653149602d36f9d23debe4b7a5b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/
1 KB
2 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.152.193 , United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip193.ip-135-148-152.us
Software
/
Resource Hash
2870681d55d58474a42d04d90ecf575a271dfd2fa4bb93e8b1c8cde867f9dbe9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
adjson
ads.betweendigital.com/
2 B
912 B
Fetch
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-encoding
gzip
content-type
application/json
vary
Accept-Encoding
access-control-allow-credentials
true
hb
hb.undertone.com/
0
556 B
Fetch
General
Full URL
https://hb.undertone.com/hb?pid=3636&domain=workers.dev
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.73.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-73-15.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 c9bb4fe0eab749aeaa806c8ad0ce55e0.cloudfront.net (CloudFront)
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
x-amz-cf-id
d80mQvTOdxSOnK-ltHOlQ625xKwlsZPEISh-4DkVizdlf8kMmaHo-A==
date
Sun, 01 Dec 2024 14:46:59 GMT
x-amz-cf-pop
JFK50-P9
prebid
ib.adnxs.com/ut/v3/
39 KB
9 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
56afd535ef65488d2542eaea94613270c9b7125ea5961760c21e256bf8d022dc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
an-x-request-uuid
8f5a4ea0-7bbf-4957-8311-640858c92ff6
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sun, 01 Dec 2024 14:46:59 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
c
prebid.a-mo.net/a/
1 KB
1 KB
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
125.253.89.182 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
envoy /
Resource Hash
c7bcb31c4e035377e2897b510ba323d68506b2f1a7ce4c49bc6be10a8b02f399

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
62
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
531
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
bid-request
a.teads.tv/hb/
16 B
534 B
Fetch
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Sun, 01 Dec 2024 14:46:59 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
42
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json
vary
Accept-Encoding
/
ghb.adtelligent.com/v2/auction/
0
0

imp
g2.gumgum.com/hbid/
2 B
264 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.12.0&lt=1733064418798&to=600&aun=ngb_si1611&pubcid=7c1514c5-f439-4d22-9dc4-9656b01ddfa0&gpid=%2F21712171430%2Fbox4_p&maxw=300&maxh=250&si=80726&pi=3&bf=300x250&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&tpl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.12.0%22%7D&ogu=null&ns=10240
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.11.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-11-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
2
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
2 B
263 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.12.0&lt=1733064418798&to=600&aun=ngb_si1533&pubcid=7c1514c5-f439-4d22-9dc4-9656b01ddfa0&gpid=%2F21712171430%2Fbox2_p&maxw=300&maxh=600&si=80726&pi=3&bf=300x600&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&tpl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.12.0%22%7D&ogu=null&ns=10240
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.11.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-11-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
2
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
2 B
263 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.12.0&lt=1733064418798&to=600&aun=ngb_si1531&pubcid=7c1514c5-f439-4d22-9dc4-9656b01ddfa0&gpid=%2F21712171430%2Fflat2_p%23ngb_si1531&maxw=728&maxh=90&si=80732&pi=3&bf=728x90&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&tpl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.12.0%22%7D&ogu=null&ns=10240
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.11.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-11-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
2
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
2 B
263 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.12.0&lt=1733064418798&to=600&aun=ngb_si1530&pubcid=7c1514c5-f439-4d22-9dc4-9656b01ddfa0&gpid=%2F21712171430%2Fflat1_p&maxw=970&maxh=90&si=80733&pi=3&bf=970x90%2C728x90&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&tpl=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.12.0%22%7D&ogu=null&ns=10240
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.11.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-11-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
2
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json;charset=UTF-8
server
nginx
prebid
prebid.media.net/rtb/
32 B
595 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU97DM39
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
62
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Sun, 01 Dec 2024 14:46:58 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json;charset=utf-8
server
envoy
/
shb.richaudience.com/hb/
0
190 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.35.94 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
94-35-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
/
shb.richaudience.com/hb/
0
190 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.35.94 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
94-35-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
/
shb.richaudience.com/hb/
0
190 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.35.94 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
94-35-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
/
shb.richaudience.com/hb/
0
190 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.35.94 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
94-35-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
/
shb.richaudience.com/hb/
0
191 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.35.94 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
94-35-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
prebid
ib.adnxs.com/ut/v3/
803 B
1022 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
715397efee49a889fd7e0813dde253d66e5e27cdf7732d0a652377d861cd6aeb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
an-x-request-uuid
c068c8d0-1b3b-4dca-87e7-07d9a185a1f7
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sun, 01 Dec 2024 14:46:58 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
/
d.vidoomy.com/api/rtbserver/prebid/
0
389 B
Fetch
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15108&adtype=banner&auc=ngb_si2901&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=89a2f803d3e832f&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227c1514c5-f439-4d22-9dc4-9656b01ddfa0%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=workers.dev&sp=https%253A%252F%252Fbankcardsms.hasanjafari1251.workers.dev%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://bankcardsms.hasanjafari1251.workers.dev
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
text/plain
Server
nginx
Access-Control-Allow-Headers
*
/
d.vidoomy.com/api/rtbserver/prebid/
0
389 B
Fetch
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15108&adtype=banner&auc=ngb_si1611&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=90249423721d057&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227c1514c5-f439-4d22-9dc4-9656b01ddfa0%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=workers.dev&sp=https%253A%252F%252Fbankcardsms.hasanjafari1251.workers.dev%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://bankcardsms.hasanjafari1251.workers.dev
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
text/plain
Server
nginx
Access-Control-Allow-Headers
*
/
d.vidoomy.com/api/rtbserver/prebid/
0
389 B
Fetch
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15108&adtype=banner&auc=ngb_si1573&w=930&h=147&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=9143125b8afc702&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227c1514c5-f439-4d22-9dc4-9656b01ddfa0%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=workers.dev&sp=https%253A%252F%252Fbankcardsms.hasanjafari1251.workers.dev%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://bankcardsms.hasanjafari1251.workers.dev
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
text/plain
Server
nginx
Access-Control-Allow-Headers
*
/
d.vidoomy.com/api/rtbserver/prebid/
0
389 B
Fetch
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15108&adtype=banner&auc=ngb_si1531&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=927d62b035c9f63&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227c1514c5-f439-4d22-9dc4-9656b01ddfa0%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=workers.dev&sp=https%253A%252F%252Fbankcardsms.hasanjafari1251.workers.dev%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://bankcardsms.hasanjafari1251.workers.dev
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
text/plain
Server
nginx
Access-Control-Allow-Headers
*
/
d.vidoomy.com/api/rtbserver/prebid/
0
389 B
Fetch
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15108&adtype=banner&auc=ngb_si1530&w=970&h=90&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=93f6a10791a3e61&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227c1514c5-f439-4d22-9dc4-9656b01ddfa0%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=workers.dev&sp=https%253A%252F%252Fbankcardsms.hasanjafari1251.workers.dev%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://bankcardsms.hasanjafari1251.workers.dev
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
text/plain
Server
nginx
Access-Control-Allow-Headers
*
/
d.vidoomy.com/api/rtbserver/prebid/
0
389 B
Fetch
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15108&adtype=banner&auc=ngb_si1153&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=94c2174493a96dd&schain=1.0%2C1!newdreamglobal.com%2C10%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227c1514c5-f439-4d22-9dc4-9656b01ddfa0%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=workers.dev&sp=https%253A%252F%252Fbankcardsms.hasanjafari1251.workers.dev%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid9.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://bankcardsms.hasanjafari1251.workers.dev
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
text/plain
Server
nginx
Access-Control-Allow-Headers
*
vidoomy-player.js
vpaid.vidoomy.com/player/latest/preprod/
427 KB
120 KB
Script
General
Full URL
https://vpaid.vidoomy.com/player/latest/preprod/vidoomy-player.js
Requested by
Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/eluniversalve_17710.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4311cd24befabbcf2dc911af9f25e5e77ba60457d725fb124e2b742782918999

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
etag
W/"0877d87039f2a1323d5fa145160bf645"
x-77-cache
HIT
x-amz-storage-class
STANDARD
date
Sun, 01 Dec 2024 14:46:59 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 14:56:15 GMT
x-77-nzt-ray
0f63d4192b34baf4e3764c67b9000208
vary
Accept-Encoding
x-77-nzt
EwwBbT1b5QH3R9sLAAwBnJI73wW1/////wgBbT1aDgAA
x-amz-meta-s3cmd-attrs
atime:1732287100/ctime:1732287087/gid:1000/gname:federicoi/md5:0877d87039f2a1323d5fa145160bf645/mode:33204/mtime:1732287087/uid:1000/uname:federicoi
access-control-allow-credentials
true
x-amz-request-id
tx00000d4b0a6f3e082892f-0067409b9b-7815b61-prg
x-77-pop
ashburnUSVA
x-77-age
777031
server
CDN77-Turbo
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=69486442-654b-4588-9b37-fc02e031a760
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=69486442-654b-4588-9b37-fc02e031a760
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a042d596-c8c1-4193-8090-cb06f0ff3bd6&user_group=1&ssp=vidoomy&bsw_param=69486442-654b-4588-9b37-fc02e031a760
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=69486442-654b-4588-9b37-fc02e031a760
0
0

auto-user-sync
ads.stickyadstv.com/
43 B
498 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.230 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
x-sticky-vk
1733064419171049-167
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
image/gif
Server
nginx
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=681189&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=681189&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=v...
43 B
299 B
Image
General
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=681189&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1733064418
Protocol
H2
Server
18.173.132.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-23.jfk52.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 15b20cdc545f9b56059a7fe493f5451a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
bMOwCVUbh3AEFesVccWvwmWtNV3iSBCAObQ874HVf3un6pY_jNlfvg==
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P2

Redirect headers

location
/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=681189&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1733064418
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 15b20cdc545f9b56059a7fe493f5451a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
ua1MBkwEvDRtrk7iwsa9-wg3_QItSkb4nMq5BcEIC_CfmzIkrrnFIQ==
date
Sun, 01 Dec 2024 14:46:59 GMT
x-amz-cf-pop
JFK52-P2
2d1fd9a5-13be-493c-ade3-8d69f483889b
https://bankcardsms.hasanjafari1251.workers.dev/ Frame
0
0

/
call.cleverwebserver.com/
43 B
105 B
Image
General
Full URL
https://call.cleverwebserver.com/?id=75890&c=US&r=FL&l=177&b=Chrome&bv=131&os=Linux&mob=0&v=2.26.0&lg=en-US&ref=aHR0cHM6Ly9iYW5rY2FyZHNtcy5oYXNhbmphZmFyaTEyNTEud29ya2Vycy5kZXYv&ruri=&s=4e73a6dc807f4a15f84acdba9cb4c2e1f8d6a6a460b1c42fa0486e229c0e7b1f&st=W&iv=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cf-ray
8eb3deaa3ff18dc7-MIA
content-length
43
cf-cache-status
DYNAMIC
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
image/gif
server
cloudflare
a8d0762f-8893-4426-bc41-a82add02f68b
https://bankcardsms.hasanjafari1251.workers.dev/ Frame
0
0

connatix.player.js
cds.connatix.com/p/546605/ Frame C96E
457 KB
107 KB
Script
General
Full URL
https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/elLoader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24bdc34d2258e5a5f45211b50ff265d82bd0aafdcb5ec03243b8e12102038c10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"afe0435c49cac8da3cde940d2b7d3fef"
x-amz-version-id
yUxVeOufP9wqf5xc4H941FylPVIpH4.B
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:19 GMT
x-amz-expiration
expiry-date="Wed, 18 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deaa0e9b5c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
109422
server
cloudflare
96d719e2-5111-4006-810e-f9a1dd38e172
https://bankcardsms.hasanjafari1251.workers.dev/
1 KB
0
Media
General
Full URL
blob:https://bankcardsms.hasanjafari1251.workers.dev/96d719e2-5111-4006-810e-f9a1dd38e172
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Type
video/mp4
Content-Range
bytes 0-1492/1493
Content-Length
1493
/
c.mgid.com/pv/
43 B
205 B
Image
General
Full URL
https://c.mgid.com/pv/?lu=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&cbuster=1733064418887577450738&pvid=19382b06647ab60bff0&implVersion=11&cxurl=https%3A%2F%2Fwww.eluniversal.com&site=578506&cid=1081107&i=1&scum=%3F0&scuw=%3F0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8eb3deaa699e74ba-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
image/gif
server
cloudflare
script.js
cadmus.script.ac/dahhc4ozyvjm6/
3 B
239 B
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
age
0
cf-ray
8eb3deaabf383dcc-MIA
content-length
3
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 612F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bankcardsms.hasanjafari1251.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
50157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 00:51:02 GMT
etag
17661348622971093804
expires
Sun, 15 Dec 2024 00:51:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 24CD
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2665000277262253&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733064418&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733064418629&bpp=4&bdt=4379&idt=340&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=667408221051&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088128%2C31088581%2C31088961%2C42531705%2C42532524%2C95348620%2C31088249%2C95345966&oid=2&pvsid=2493823566595107&tmod=226180128&uas=0&nvt=1&fsapi=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=367
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bankcardsms.hasanjafari1251.workers.dev/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 14:46:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
4a9a5b8031633966c7125aef9f396803d22d44b8dcaa57187f83a51cd97edae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13022
date
Sun, 01 Dec 2024 14:46:59 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
topics_frame.html
ced-ns.sascdn.com/diff/js/assets/ Frame F81E
0
0
Document
General
Full URL
https://ced-ns.sascdn.com/diff/js/assets/topics_frame.html
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/modules/topics.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:2a::17da:da14 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://bankcardsms.hasanjafari1251.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Length
154
Content-Type
text/html
Date
Sun, 01 Dec 2024 14:46:59 GMT
ETag
"f0d2e72b7a1131e32549d3713c834900:1715760824.259072"
Last-Modified
Wed, 15 May 2024 08:11:55 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
genericpost
www15.smartadserver.com/
12 KB
5 KB
XHR
General
Full URL
https://www15.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2826/smart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.152.193 , United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip193.ip-135-148-152.us
Software
/
Resource Hash
6344fb6659a1fd0bb88dc739f8aba5f3af996d91cd290f45ae2dcb8fbbf79e64

Request headers

traceparent
00-883452f7228e609a52eabec7e65d4ed9-1eb0b9dab90b457b-00
Save-Data
off
Referer
https://bankcardsms.hasanjafari1251.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/javascript
tracestate
eqtv-source=smartjs

Response headers

x-smrt-i
11563929
cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
genericpost
www15.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://www15.smartadserver.com/genericpost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.2.48 , United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip48.ip-135-148-2.us
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data,traceparent,tracestate
Access-Control-Request-Method
POST
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data,traceparent,tracestate
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
date
Sun, 01 Dec 2024 14:46:58 GMT
vary
Origin
player.user.manager.service.js
cds.connatix.com/p/546605/ Frame C96E
57 KB
16 KB
Script
General
Full URL
https://cds.connatix.com/p/546605/player.user.manager.service.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
585d69893f04da4408c2a0cfc12dc8b42fc026cb08e3eacc90aa05d5f21335a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"6b5bf2ced96ac13967ab635bf482c56f"
x-amz-version-id
00WBqgX7uxxAQDuTZxiEMw2tk14i4Rfi
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:19 GMT
x-amz-expiration
expiry-date="Wed, 18 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deab78a85c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
15526
server
cloudflare
player.renderer.js
cds.connatix.com/p/546605/ Frame C96E
196 KB
46 KB
Script
General
Full URL
https://cds.connatix.com/p/546605/player.renderer.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a2fb93b5a9e047545ddb22a1c04f5a3a3588461169b52140e5f4c13c02dd1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"40cc4b7ddcdcad6ef50baa36792ab297"
x-amz-version-id
VsBXGg84LPGKECnqBxg7AYkZLM1aVSri
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:19 GMT
x-amz-expiration
expiry-date="Wed, 18 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deab78ad5c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
46298
server
cloudflare
cSyncRemoteEntry.js
cds.connatix.com/p/546605/ Frame C96E
3 KB
2 KB
Script
General
Full URL
https://cds.connatix.com/p/546605/cSyncRemoteEntry.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9416c6801e626df82cf38530f87235e4ff497cba3aea9f394978a77bb105a575

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"2a6b956ded1830ef3f5e07943fc8f2ab"
x-amz-version-id
CXZ7y5mDgBEhfc3QcG.gdzlinkRiS_fz
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:19 GMT
x-amz-expiration
expiry-date="Wed, 18 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deab78b05c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1353
server
cloudflare
player.style.eba3e4dec5b26fab3aa1.css
cds.connatix.com/a/
67 KB
10 KB
Stylesheet
General
Full URL
https://cds.connatix.com/a/player.style.eba3e4dec5b26fab3aa1.css
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5bd3c191c542f7768d9b2e28a52ee98b7044fe16f90ec1e6def50c16e0c5f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"cbbb19c20cc059850af4e440801d4d0a"
x-amz-version-id
alKG7EhbWXTvYRh_jPNWQAWkSfgpCdsR
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/css
last-modified
Tue, 19 Nov 2024 15:05:57 GMT
vary
Accept-Encoding
access-control-allow-headers
range
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deab78b35c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
9373
server
cloudflare
player.hls.eb4cf38295c9e0c744cd.js
cds.connatix.com/a/
290 KB
75 KB
Script
General
Full URL
https://cds.connatix.com/a/player.hls.eb4cf38295c9e0c744cd.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec57105758c7d5cb3d6f1b57e618a5a5c2a082542baae57ba905f9137d6f5974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"b280d2b1db29440a493d4c6f0a0b33af"
x-amz-version-id
_fhGQv3iqJB5AdQNa9zZiGOnUNd7RXzY
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:21 GMT
vary
Accept-Encoding
access-control-allow-headers
range
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deab78b45c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
76667
server
cloudflare
player.ads.js
cds.connatix.com/p/546605/ Frame C96E
412 KB
92 KB
Script
General
Full URL
https://cds.connatix.com/p/546605/player.ads.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de4037d5a3372d5687e8e317bba4fbc288a2ea323604c912133eba7770093f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"71506c3b61742922c02c42b369ad7c0f"
x-amz-version-id
Fou2xyC9AfuEHdV21utMHH3Y5Geq.Z4H
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:19 GMT
x-amz-expiration
expiry-date="Wed, 18 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deab78b55c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
94065
server
cloudflare
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"617c205137825561208ef7c1a2d8f319"
age
1914
expires
Mon, 02 Dec 2024 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
vary
Accept-Encoding
x-amz-id-2
DM+LNUSuRqOdMpg37qxt39LAR5PcewBm+4mSfYLFJIgtzSGyK2G7li3ekD6b92YOb4Wc0euYQzg=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
x-amz-request-id
32V0QE99YBX4EHST
cf-ray
8eb3deabbb0f74ba-MIA
access-control-allow-origin
*
server
cloudflare
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
age
1662
expires
Mon, 02 Dec 2024 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
image/svg+xml
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
vary
Accept-Encoding
x-amz-id-2
NETptmA6VMVASckLBeEFXpxyhRyo3lG56cI1Mtekm9+BXPor92GfLKq3hrplJcLAtbWpKb4DzCjWGUyNSoVS6w==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
x-amz-request-id
KR6TN167WWBGZW0M
cf-ray
8eb3deabbb1274ba-MIA
access-control-allow-origin
*
server
cloudflare
9ebc2692-db4b-4928-9f77-ac72f583423b
config.aps.amazon-adsystem.com/configs/
563 B
831 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9ebc2692-db4b-4928-9f77-ac72f583423b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-108.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
40fa790afdb3a1673b312dda9e0150e1fd3e54ef2bd07d5ced267950dfa3a652

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
max-age=3600
age
746
via
1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
qCf55xB9JZWkCA01W419wZurlQyPHfiNQnTya9O3zQFM3CKkLD0k2Q==
date
Sun, 01 Dec 2024 14:34:33 GMT
content-type
application/javascript
x-amz-cf-pop
JFK50-P3
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
3 KB
4 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev&pubid=9ebc2692-db4b-4928-9f77-ac72f583423b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
79c50e6f87315e0af6968d0f585d6e43298646218c78e07da803e9dddadceb5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
x-cache
Miss from cloudfront
content-length
3446
x-amz-cf-id
SBTBBukxCCQ5TBhk0xblzOtCmAgybQH6hGr1EE5F2kJOGtPBxoHxJw==
date
Sun, 01 Dec 2024 14:46:58 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
JFK50-P3
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
23 B
392 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&pid=yPZhtiDe3IMcR&cb=0&ws=1600x1200&v=24.1105.2150&t=1000&slots=%5B%7B%22sd%22%3A%22ngb_si2984%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F21712171430%2Finterstitial%22%7D%2C%7B%22sd%22%3A%22ngb_si2901%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21712171430%2Fflat2_p%22%7D%2C%7B%22sd%22%3A%22ngb_si2036%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21712171430%2Fbox1_p%22%7D%2C%7B%22sd%22%3A%22ngb_si1611%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21712171430%2Fbox4_p%22%7D%2C%7B%22sd%22%3A%22ngb_si1573%22%2C%22s%22%3A%5B%22930x147%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21712171430%2Fflat3_p%22%7D%2C%7B%22sd%22%3A%22ngb_si1533%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21712171430%2Fbox2_p%22%7D%2C%7B%22sd%22%3A%22ngb_si1531%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21712171430%2Fflat2_p%22%7D%2C%7B%22sd%22%3A%22ngb_si1530%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21712171430%2Fflat1_p%22%7D%2C%7B%22sd%22%3A%22ngb_si1153%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21712171430%2Fbox3_p%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21newdreamglobal.com%2C10%2C1%2C%2C%2C&sm=efa8edd9-17d5-4880-b216-5d4110aa2aa9&pubid=9ebc2692-db4b-4928-9f77-ac72f583423b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.58.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-58-231.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 ac80986150818f9f0ab3b6abae9b03e0.cloudfront.net (CloudFront)
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
uH9O9yqzmAk_hx953-X0EBeK1iY4pQb6y0eaeCFtWc24dlkPcMK5WQ==
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK52-P4
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
nmHU0ccekB7YgNr0jaQTYAiKhNpQ6ooffae3dFTOmdTnwZP_vM7D8A==
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
cSyncRemote.js
cds.connatix.com/p/546605/ Frame C96E
144 KB
38 KB
Script
General
Full URL
https://cds.connatix.com/p/546605/cSyncRemote.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab691a33cbffcd3ed1881d6c3d8f436010d505de3e83e92f4c57a5ed27bc1bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"80502af96adba55e55118945d9d8556b"
x-amz-version-id
GPtN.hoE0bBZILtv7fsVFVVNVV7WbB1.
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:19 GMT
x-amz-expiration
expiry-date="Wed, 18 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deac49c25c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
38235
server
cloudflare
mny
capi.connatix.com/core/ Frame C96E
88 KB
42 KB
XHR
General
Full URL
https://capi.connatix.com/core/mny?v=546605&cid=2d62645b-75aa-49ae-abd1-05c8196bf932
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf2bb6b1228b639d2c62369daf6ea8e1a10cba6df7059faed8cdc0db87d3e42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8eb3deac5bf5a4d4-MIA
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/x-protobuf
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:46:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
kiosked-loader.js
scripts.kiosked.com/loader/
603 KB
186 KB
Script
General
Full URL
https://scripts.kiosked.com/loader/kiosked-loader.js?site=17900
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-30.phl50.r.cloudfront.net
Software
nginx/1.14.2 /
Resource Hash
3aeeab3ce61c2d3f6e062268782400525520bd95b12809fa81d243f9a6bf36ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=1200
Timing-Allow-Origin
*
Content-Encoding
gzip
ETag
W/"3aeeab3ce61c2d3f6e062268782400525520bd95b12809fa81d243f9a6bf36ea"
Age
297
Connection
keep-alive
Via
1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
P3P
CP="KIOSKED"
X-Amz-Cf-Id
Cfrb-KeYsRFaDnmiAYebs7oZye3_mpR_GZR-07LNvl7wHGsV8yBDBg==
Date
Sun, 01 Dec 2024 14:46:19 GMT
Content-Type
application/javascript; charset=utf-8
X-Amz-Cf-Pop
PHL50-C1
Server
nginx/1.14.2
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Sun, 01 Dec 2024 15:01:59 GMT
accept-ranges
bytes
content-length
17407
date
Sun, 01 Dec 2024 14:46:59 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"ad78eaf46246cac6849005eb8b50ae6f"
age
18569
via
1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
tpLTRJ3vQgj_CG8NryJEEbljdsDjkWwYX8EAKqEtyCj6QI5xRZEzBA==
date
Sun, 01 Dec 2024 09:37:31 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
ima.js
cdn-ima.33across.com/
16 KB
6 KB
Script
General
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a7171-403e"
age
448291
cf-ray
8eb3deadad91a539-MIA
expires
Wed, 04 Dec 2024 14:46:59 GMT
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 16:10:25 GMT
vary
Accept-Encoding
server
cloudflare
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&ref=&_it=amazon&partner_id=627
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
public, max-age=432000
content-encoding
br
cf-cache-status
HIT
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
9
x-amz-request-id
83KC9H98EA98XQF0
expires
Fri, 06 Dec 2024 14:46:59 GMT
cf-ray
8eb3dead5eca3360-MIA
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 17:12:10 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
foIRKnjyxE5Z01I+3fMW1m87BVT1r5GVc91knypX/GhkaI6u7XckbWcSvw75EUZSxLnPO6WSGCc=
id5-api.js
cdn.id5-sync.com/api/1.0/
100 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"14cd899b51c2c37c71fbf5e1ae6fe38b"
age
10
expires
Sun, 01 Dec 2024 15:46:59 GMT
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 13 Nov 2024 11:06:09 GMT
vary
Accept-Encoding
x-amz-id-2
7Qqpiicodwzio1cm6mzkILUchlN2sl0qJq37RXXXYRiUl+Ooru3sTj4gS7e2jZ7etNHtoFlS6K4=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
7MY7EGWPAZ98F101
cf-ray
8eb3deadab66370e-MIA
server
cloudflare
x-amz-server-side-encryption
AES256
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/
0
128 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.166.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-166-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-allow-origin
*
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.166.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-166-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
capi.connatix.com/core/ Frame C96E
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=2
6 KB
3 KB
XHR
General
Full URL
https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=2
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3db2085372c748a009bcc5621c3f718432dc69ce0e429203ee8d791b3f5627

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8eb3deadde0ea4d4-MIA
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
alt-svc
h3=":443"; ma=86400
content-length
2608
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
location
https://capi.connatix.com:443/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=2
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8eb3dead2d03a4d4-MIA
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
alt-svc
h3=":443"; ma=86400
content-length
31
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/x-protobuf
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
pls
capi.connatix.com/core/ Frame C96E
1 KB
1 KB
XHR
General
Full URL
https://capi.connatix.com/core/pls?v=546605&tier=1&cid=2d62645b-75aa-49ae-abd1-05c8196bf932&abid=m&part=Master
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dec90bba3a0d821f330675fa80cd98d0a331740f16ff32d3197c6397e448ff0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8eb3dead3d08a4d4-MIA
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
alt-svc
h3=":443"; ma=86400
content-length
1077
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/x-protobuf
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
1
servicer.mgid.com/1081107/
4 KB
2 KB
Script
General
Full URL
https://servicer.mgid.com/1081107/1?cmpreason=wvz&scale_metric_1=64.00&scale_metric_2=322.58&scale_metric_3=100.00&w=315&h=1254&ident_p=true&sz=312x301&szp=1,2,3&szl=1;2;3&sessionId=674c76e3-02d96&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&sharedId=7c1514c5-f439-4d22-9dc4-9656b01ddfa0&lu=https%3A%2F%2Fbankcardsms.hasanjafari1251.workers.dev%2F&cbuster=1733064419401468638375&pvid=19382b06647ab60bff0&implVersion=11&cxurl=https%3A%2F%2Fwww.eluniversal.com&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&uniqId=16fd7&childs=1487731&niet=4g&nisd=false&pv=5&lct=1732717920&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=1103ac98&tfre=5023
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newdream.eluniversal.com.1081107.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44ff2840d5a1e3d75ad0e90ffc111f10c1eae820b869867a473c26f4923799c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8eb3deadad7574ba-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
usync.html
eus.rubiconproject.com/ Frame 0900
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
0
0

sas-interstitial-3.0.js
ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/
53 KB
15 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
Requested by
Host: bankcardsms.hasanjafari1251.workers.dev
URL: https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:2a::17da:da14 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d8fbc75bf816402d96ced7ea46135867c607b3cbd93666914803168f35a4e278

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
"c866634f30d135c8a9b931c6fdbe698e:1681901966.101347"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14987
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 19 Apr 2023 06:54:48 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 5AEF
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bankcardsms.hasanjafari1251.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 14:17:55 GMT
expires
Sun, 01 Dec 2024 15:07:55 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9FE9
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TIDmW5dsiUrB9TN8Hjrozg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bankcardsms.hasanjafari1251.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TIDmW5dsiUrB9TN8Hjrozg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 14:46:59 GMT
expires
Sun, 01 Dec 2024 14:46:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
capi.connatix.com/metrics/ Frame C96E
0
386 B
XHR
General
Full URL
https://capi.connatix.com/metrics/?v=546605&tier=1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8eb3deae08a60992-MIA
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
alt-svc
h3=":443"; ma=86400
content-length
20
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/x-protobuf
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
hadron.json
id.hadron.ad.gt/v1/
137 B
288 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=627&sync=0&domain=bankcardsms.hasanjafari1251.workers.dev&url=https://bankcardsms.hasanjafari1251.workers.dev/
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/preprod/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ebe4ad08addf6e256cd084d796525965a78530fa77f0bc7c1a5623f1403268

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8eb3deaeb8f874a8-MIA
access-control-allow-origin
*
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
authorization,content-type
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=627&sync=0&domain=bankcardsms.hasanjafari1251.workers.dev&url=https://bankcardsms.hasanjafari1251.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8eb3deae484f74a8-MIA
content-length
0
content-type
application/json
date
Sun, 01 Dec 2024 14:46:59 GMT
debug
OPTIONS block
expires
Mon, 01 Dec 2025 14:46:59 GMT
server
cloudflare
insights.bin
ins.connatix.com/1acdb010-fb1f-494b-bb6e-c9022495b601/695/ Frame C96E
0
0

695_media.bin
vid.connatix.com/pid-e66b6ac5-463e-4222-8048-3ae55aeb6fc9/1acdb010-fb1f-494b-bb6e-c9022495b601/5f27f976-ab83-4b71-a918-086dc6dcb4ce/ Frame C96E
0
0

player.iframe.integration.destroy.6f52d9fd68f089c6583a.js
cds.connatix.com/a/
748 B
759 B
Script
General
Full URL
https://cds.connatix.com/a/player.iframe.integration.destroy.6f52d9fd68f089c6583a.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/connatix.player.js?cid=2d62645b-75aa-49ae-abd1-05c8196bf932&pid=e66b6ac5-463e-4222-8048-3ae55aeb6fc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84f329f92f5ac8a851010b32dd9cf4d01e243bb19f9b005354fd8bd1a3da83a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"703a74f6a60b510adfde70b71f805c80"
x-amz-version-id
8fd9bgmSFG5XEMuHm3xhsyQ1Y6yPlUoM
access-control-allow-methods
*
expires
Mon, 01 Dec 2025 14:46:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/javascript
last-modified
Fri, 29 Nov 2024 13:44:21 GMT
vary
Accept-Encoding
access-control-allow-headers
range
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8eb3deadec1f5c6d-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
378
server
cloudflare
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LgiuWAAR&src=aps&ver=1.14.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LgiuWAAR&src=aps&ver=1.14.0&b=1&tp=LKbEsDSfmPoQ0nJ181gYNEAqFw00R5biDwa2hGkb53A%3D
42 B
138 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LgiuWAAR&src=aps&ver=1.14.0&b=1&tp=LKbEsDSfmPoQ0nJ181gYNEAqFw00R5biDwa2hGkb53A%3D
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0015a00003LgiuWAAR&src=aps&ver=1.14.0&b=1&tp=LKbEsDSfmPoQ0nJ181gYNEAqFw00R5biDwa2hGkb53A%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 01 Dec 2024 14:46:58 GMT
vary
origin
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EB32
0
0

aip
use2.smartadserver.com/h/
43 B
231 B
Image
General
Full URL
https://use2.smartadserver.com/h/aip?uii=4233640492663543214&tmstp=2285450703&ckid=5596743279597712944&systgt=%24qc%3d1500046471%3b%24ql%3dHigh%3b%24qpc%3d33144%3b%24qt%3d152_581_33100t%3b%24dma%3d528%3b%24qo%3d6%3b%24b%3d16999%3b%24o%3d99999%3b%24sw%3d1600%3b%24sh%3d1200&acd=1733064419335&envtype=0&opid=4c21bf6d-a3bd-4963-a114-41b3388a85b7&opdt=1733064419335&siteid=349308&tgt=%24dt%3d1t%3b%24dma%3d528%3b%24hc&gdpr=0&bldv=20207&visit=V&statid=1&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fbankcardsms.hasanjafari1251.workers.dev%2f&cappid=5596743279597712944&capp=1&mcrdbt=1&insid=11563929&imgid=29706010&pgid=1225500&fmtid=58945&isLazy=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.152.193 , United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip193.ip-135-148-152.us
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 01 Dec 2024 14:46:59 GMT
pragma
no-cache
content-type
image/gif
api-supported-versions
1.0
close-retina.png
ced-ns.sascdn.com/diff/templates/images/
2 KB
2 KB
Image
General
Full URL
https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:2a::17da:da14 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

Cache-Control
max-age=86400
ETag
"dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1802
Date
Sun, 01 Dec 2024 14:46:59 GMT
Content-Type
image/png
Last-Modified
Wed, 20 Oct 2021 08:07:22 GMT
Server
AkamaiNetStorage
player.floating.js
cds.connatix.com/p/546605/ Frame C96E
0
0

sync.min.js
tags.crwdcntrl.net/lt/c/17331/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/cSyncRemote.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f48c5d349a73b41850ff4349fc02a2e43f172ecfbb5efe7e9437e6ca38403178

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"7a801cdc14047a14bf5f276389e89151"
age
19975
via
1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
zlBsaGMqTib0Ahd09DmEzZ99com3N3_59fDEDo3Pdmguxe1H9ZfioQ==
date
Sun, 01 Dec 2024 09:14:05 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:59:45 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
cks
cks.connatix.com/
Redirect Chain
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=41e10f4484344f4cabf32abfc6e41c0b&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D41e10f4484344f4cabf32abfc6e41c0b...
  • https://cks.connatix.com/cks?pid=34&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Colossus&api-tier=2&uid=e6b429a3-e437-4f00-8253-6b897c4dce3f
146 B
254 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=34&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Colossus&api-tier=2&uid=e6b429a3-e437-4f00-8253-6b897c4dce3f
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92211da6b90f0d9c9f84b11c71a632ed627f3a5b1a38aeb453f2931218eacca1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb02a2ca54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Cache-Control
no-cache, no-store, must-revalidate
Location
https://cks.connatix.com/cks?pid=34&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Colossus&api-tier=2&uid=e6b429a3-e437-4f00-8253-6b897c4dce3f
Pragma
no-cache
Connection
keep-alive
Expires
0
Date
Sun, 01 Dec 2024 14:46:59 GMT
Server
nginx
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=LoopMe&api-tier=2&uid=b2bcaee4-0e7c-4eef-82f3-c722fda911b9&pubid=11186&gdpr=0
146 B
254 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=18&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=LoopMe&api-tier=2&uid=b2bcaee4-0e7c-4eef-82f3-c722fda911b9&pubid=11186&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb5f2bc79650ee953abbe18755625aaffdffccc547ef50f94537bd9c6154e8d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb23d49a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=LoopMe&api-tier=2&uid=b2bcaee4-0e7c-4eef-82f3-c722fda911b9&pubid=11186&gdpr=0
content-length
0
date
Sun, 01 Dec 2024 14:47:00 GMT
server
_
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=41e10f4484344f4cabf32abfc6e41c0b&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DTel...
  • https://cks.connatix.com/cks?pid=5&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Telaria&api-tier=2&uid=87554730bd2d4b968b42e1c00a2e5fb5
141 B
249 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=5&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Telaria&api-tier=2&uid=87554730bd2d4b968b42e1c00a2e5fb5
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4dce201f06b074f529d77e626ac5685f84bbcb4d7113877e20ff4b293a7beef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb05a74a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Telaria&api-tier=2&uid=87554730bd2d4b968b42e1c00a2e5fb5
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 01 Dec 2024 14:46:59 GMT
server
nginx
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Crimtan&api-tier=2&uid=06b6d6d8b26543b399748ffd5188b3cd
142 B
287 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=28&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Crimtan&api-tier=2&uid=06b6d6d8b26543b399748ffd5188b3cd
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b357504b3e1658ae00ac58505708c0249955d5a01abf6e0cb16f2af5e87a7411

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb019fca54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cks.connatix.com/cks?pid=28&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Crimtan&api-tier=2&uid=06b6d6d8b26543b399748ffd5188b3cd
pragma
no-cache
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CUR OUR NOR"
content-length
0
x-xss-protection
1; mode=block
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/html;charset=UTF-8
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr...
  • https://cks.connatix.com/cks?pid=1&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=SundaySky&api-tier=2&uid=d6.557c3d65b36e4a408b0b5cbddd97972d
144 B
253 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=1&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=SundaySky&api-tier=2&uid=d6.557c3d65b36e4a408b0b5cbddd97972d
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee2e2f462afa9e6400a69080176e994ffe3e59d45220e9b506fdc5aeaf2585f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb0bafba54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

x-content-type-options
nosniff
location
https://cks.connatix.com/cks?pid=1&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=SundaySky&api-tier=2&uid=d6.557c3d65b36e4a408b0b5cbddd97972d
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
x-frame-options
DENY
sync-iframe
cs-server-s2s.yellowblue.io/ Frame EB82
0
0

cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Sonobi&api-tier=2&uid=ad0e1355-7176-4eb6-bc45-52a3703759a4
146 B
254 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=43&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Sonobi&api-tier=2&uid=ad0e1355-7176-4eb6-bc45-52a3703759a4
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d0e9b219fe818cc582c73b1fc34179ce64237b820c5cedbe23b117757e946d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb01a17a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache, no-store, private
location
https://cks.connatix.com/cks?pid=43&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Sonobi&api-tier=2&uid=ad0e1355-7176-4eb6-bc45-52a3703759a4
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sun, 01 Dec 2024 14:46:59 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-6-92
x-xss-protection
0
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%...
  • https://cks.connatix.com/cks?pid=13&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=PulsePoint&api-tier=2&uid=buSDwkN6q2Vn
122 B
238 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=13&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=PulsePoint&api-tier=2&uid=buSDwkN6q2Vn
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
849cf10dbbed1f5307b1ba08f3e98d73720d3d40ea9547e8000dde1906c2a734

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb03a3ca54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://cks.connatix.com/cks?pid=13&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=PulsePoint&api-tier=2&uid=buSDwkN6q2Vn
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-9775cb85-vbzpw
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
server
Jetty(10.0.14)
cks
cks.connatix.com/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d41e10f4484344f4cabf32abfc6e41c0b%26pname%3...
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=617fd5c3-4175-4be8-a5a3-5d8d001b1640&gdpr=0&gdpr_consent=null
146 B
254 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=617fd5c3-4175-4be8-a5a3-5d8d001b1640&gdpr=0&gdpr_consent=null
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f687b3693207efe2a4e08c756bc2a084014d54699d97af4e41d174d6d0ae326

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb10b55a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
location
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=617fd5c3-4175-4be8-a5a3-5d8d001b1640&gdpr=0&gdpr_consent=null
content-length
0
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 92EE
0
0

cks
cks.connatix.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DNexxen%26api-tier%3D2%26uid%3D%5BRX_UUID%5D...
  • https://cks.connatix.com/cks?pid=44&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Nexxen&api-tier=2&uid=OPTOUT
116 B
232 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=44&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Nexxen&api-tier=2&uid=OPTOUT
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87520999fa41b89eb9ee1be2d61297d4ae85402366ee6313032d3bbc473ab9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb16beba54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://cks.connatix.com/cks?pid=44&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Nexxen&api-tier=2&uid=OPTOUT
date
Sun, 01 Dec 2024 14:47:00 GMT
pragma
no-cache
content-type
text/html
etag
OPTOUT
cks
cks.connatix.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=connatix&user_id=41e10f4484344f4cabf32abfc6e41c0b&gdpr=0
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=connatix&bsw_user_id=69486442-654b-4588-9b37-fc02e031a760&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=connatix&bsw_user_id=69486442-654b-4588-9b37-fc02e031a760&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=66230c4e-afe4-431d-bde8-e9a5ca4039a5&ssp=connatix&gdpr=0
  • https://cks.connatix.com/cks?pid=47&ev={cnxId}&pname=BidSwitch&api-tier=1&uid=69486442-654b-4588-9b37-fc02e031a760&gdpr=0&gdpr_consent=&us_privacy=
146 B
254 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=47&ev={cnxId}&pname=BidSwitch&api-tier=1&uid=69486442-654b-4588-9b37-fc02e031a760&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5334f12986c4e304686dd9d44d24bf655c67dcb64dcf3912aeda51cd8fbe4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb14bafa54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//cks.connatix.com/cks?pid=47&ev={cnxId}&pname=BidSwitch&api-tier=1&uid=69486442-654b-4588-9b37-fc02e031a760&gdpr=0&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 14:47:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Amobee&api-tier=2&uid=8477176392545376485
129 B
241 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=21&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Amobee&api-tier=2&uid=8477176392545376485
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89d4cf2c1c8be977e55c568d944cd8d93fe26cb94ddb1492839a17275928436a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb19c2da54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location
https://cks.connatix.com/cks?pid=21&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Amobee&api-tier=2&uid=8477176392545376485
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length
0
pragma
no-cache
date
Sun, 01 Dec 2024 14:46:55 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA2B
0
0

cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DTripleLift%26api-tier%3D2%26uid%...
  • https://cks.connatix.com/cks?pid=25&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=TripleLift&api-tier=2&uid=2974361485253787731724
132 B
243 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=25&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=TripleLift&api-tier=2&uid=2974361485253787731724
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8629be494230793703e4c414853135bef02c392bd619732d6eb04cf32aa70f61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb1fcd3a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://cks.connatix.com/cks?pid=25&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=TripleLift&api-tier=2&uid=2974361485253787731724
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Sun, 01 Dec 2024 14:47:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=YieldMo&api-tier=2&uid=VzEYkccQmYclf0cj0815&gdpr=0
130 B
243 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=39&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=YieldMo&api-tier=2&uid=VzEYkccQmYclf0cj0815&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8faf9d807598e70825c61abb85de97418a655b91a3515aeddb78e7dd178df4c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb1cc76a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://cks.connatix.com/cks?pid=39&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=YieldMo&api-tier=2&uid=VzEYkccQmYclf0cj0815&gdpr=0
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
0
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/json;charset=utf-8
access-control-allow-headers
Cache-Control, Pragma, *
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Beeswax&api-tier=2&uid=AAGQvU7OmO4AABaVuOKVLQ&gdpr=0
132 B
246 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=15&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Beeswax&api-tier=2&uid=AAGQvU7OmO4AABaVuOKVLQ&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29858d408516c5601f1557bb3367a51dce58af8e606da9f9dd505cf33edbf424

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb29dcea54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://cks.connatix.com/cks?pid=15&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Beeswax&api-tier=2&uid=AAGQvU7OmO4AABaVuOKVLQ&gdpr=0
Content-Length
0
Date
Sun, 01 Dec 2024 14:47:00 GMT
Server
gunicorn
Connection
keep-alive
cks
cks.connatix.com/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=null&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d48%26ev%3d41e10f4484344f4cabf32abfc6e41c0b%26pname%3dSmaato%26api-tier%3d2%26uid%3D...
  • https://cks.connatix.com/cks?pid=48&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Smaato&api-tier=2&uid=e9454ed0a3
120 B
234 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=48&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Smaato&api-tier=2&uid=e9454ed0a3
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
576424d99a74cbd225dad1f455c86d68300d13e83ba2532e60301c64587c5b27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb2ce14a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cks.connatix.com/cks?pid=48&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Smaato&api-tier=2&uid=e9454ed0a3
via
1.1 aefb7b8131edd5ff422d5614ea5a3f30.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
RFbWmxAOJ6eM7XvsvyAFfWYmHY3HZF8t04_sRIVjJcP1eVu2MolTRQ==
date
Sun, 01 Dec 2024 14:47:00 GMT
x-amz-cf-pop
JFK52-P7
server
CloudFront
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=ResetDigital&api-tier=2&uid=000001696CBA3C16
126 B
240 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=35&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=ResetDigital&api-tier=2&uid=000001696CBA3C16
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e87e12290e07a2a91438f8de3696ac9ef78a0fc362081b1905482af2b1ed5db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb23d4ea54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
location
https://cks.connatix.com/cks?pid=35&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=ResetDigital&api-tier=2&uid=000001696CBA3C16
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/html
cookie
c1.adform.net/
35 B
521 B
Script
General
Full URL
https://c1.adform.net/cookie?redirect_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D46%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DAdForm%26api-tier%3D2%26uid%3D%24UID&gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/546605/cSyncRemote.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.52 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
7fff1569ea68ef52782ba25b0cf3934627f7a4fc1e8e22f4652de959c5f97978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1
  • https://cks.connatix.com/cks?pid=17&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Index&api-tier=2&uid=Z0x25MAoJHEAACe0AwVLJwAA%261559
139 B
252 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=17&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Index&api-tier=2&uid=Z0x25MAoJHEAACe0AwVLJwAA%261559
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a5234bce13a180300a5d769a7f019782b1cd5c4e9a2079428b2456f9191896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb2de23a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
https://cks.connatix.com/cks?pid=17&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Index&api-tier=2&uid=Z0x25MAoJHEAACe0AwVLJwAA%261559
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h83br4uTer8n4HCMuZjZyTk4Pq8CEiSTZi0pRWaBMPmV0vRSs%2FusUGR8hDH%2FFJMlV5u22efr7jRkn4sM2WBDlGgP4huP9ci6m9%2BLd7e1D1Ay7SwCj3oNDbRmyT%2Bs7CXXCYC5ZDjh"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb3deb259de8da3-MIA
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sun, 01 Dec 2024 14:47:00 GMT
vary
Accept-Encoding
server
cloudflare
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=6d7483223ee9285b74b68e6130fe6f11&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
253 B
Script
General
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=6d7483223ee9285b74b68e6130fe6f11&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8eb3deb24bc1a4d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

Cache-Control
no-cache
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=6d7483223ee9285b74b68e6130fe6f11&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Pragma
no-cache
x-sticky-vk
1733064420152081-1191
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 01 Dec 2024 14:47:00 GMT
Server
nginx
/
ssc-cms.33across.com/ps/ Frame 76CB
0
0

cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D41e10f4484344...
  • https://cks.connatix.com/cks?pid=29&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Adelphic&api-tier=2&uid=8c283a19-3b48-48e0-b668-9d05ba3f791b
146 B
254 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=29&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Adelphic&api-tier=2&uid=8c283a19-3b48-48e0-b668-9d05ba3f791b
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d3068dc1c43d409908753164b3dca5ec57bac4ca194347deed14e9f3cc2711

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb39f37a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

X-CI-RTID
f715b1cc-ee62-4705-86be-c0cbe94092ae
Location
https://cks.connatix.com/cks?pid=29&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=Adelphic&api-tier=2&uid=8c283a19-3b48-48e0-b668-9d05ba3f791b
Content-Length
177
Date
Sun, 01 Dec 2024 14:47:00 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0
  • https://cks.connatix.com/cks?pid=6&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=AppNexus&api-tier=2&uid=6984802009774031328=&gdpr=0
129 B
242 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=6&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=AppNexus&api-tier=2&uid=6984802009774031328=&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eeee47f2446ddcfd56491017b913dbb7fefcfd7fd96bc7d89ad9de77588a306

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb2ce1ba54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, private
location
https://cks.connatix.com/cks?pid=6&ev=41e10f4484344f4cabf32abfc6e41c0b&pname=AppNexus&api-tier=2&uid=6984802009774031328=&gdpr=0
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
252d12de-21ce-4812-bb9b-82209d4e2acf
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sun, 01 Dec 2024 14:47:00 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
push
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DCentro%26api-tier%3D2%26uid%3...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7a269d36-ce5b-49f4-b0d2-c95b60eacc53-674c76e4-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7a269d36-ce5b-49f4-b0d2-c95b60eacc53-674c76e4-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D41e10f4...
0
0

cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=df65a03f-4b82-4fcf-92ce-834a74e02676&ttl=1735656419
146 B
254 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=19&uid=df65a03f-4b82-4fcf-92ce-834a74e02676&ttl=1735656419
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2832c1f6aecf66c8c1564108db8e5f11ebd85f82f58646e60e48d369487f9b82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8eb3deb01a03a54b-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://cks.connatix.com/cks?pid=19&uid=df65a03f-4b82-4fcf-92ce-834a74e02676&ttl=1735656419
content-length
213
date
Sun, 01 Dec 2024 14:46:59 GMT
server
Kestrel
pixel
capi.connatix.com/us/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&nwid=3630&gdpr=0&gdpr_consent=null&url=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d40%26ev%3d41e10f4484344f4cabf32abfc6e41c0b%26pname%3dSmartA...
  • https://capi.connatix.com/us/pixel?puid=5596743279597712944&pId=40&gdpr=0&gdpr_consent=
82 B
413 B
Script
General
Full URL
https://capi.connatix.com/us/pixel?puid=5596743279597712944&pId=40&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bankcardsms.hasanjafari1251.workers.dev/

Response headers

surrogate-control
no-cache, no-store, must-revalidate, max-age=0
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8eb3deb3cdf3a4d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
95
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

date
Sun, 01 Dec 2024 14:47:00 GMT
location
https://capi.connatix.com/us/pixel?puid=5596743279597712944&pId=40&gdpr=0&gdpr_consent=
content-length
0
712202.gif
id.rlcdn.com/ Frame C96E
0
0

pixel
capi.connatix.com/us/google/ Frame C96E
0
0

cm
us-u.openx.net/w/1.0/ Frame C96E
0
0

cksync
cs.media.net/ Frame C96E
0
0

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame C96E
0
0

81549
i.liadm.com/s/ Frame C96E
0
0

map
bcp.crwdcntrl.net/6/
235 B
629 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/preprod/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.175.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-175-96.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
dd45757e8173ced9d4c2fabe7038112341fcb21715423d989134527c0189304c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
235
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json;charset=utf-8
x-server
10.40.10.121
server
Jetty(9.4.38.v20210224)
ads
securepubads.g.doubleclick.net/gampad/
4 KB
267 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2493823566595107&correlator=1566855859268424&eid=31089118%2C31085776%2C31088251&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&iu_parts=21712171430%2Cinterstitial%2Cflat2_p%2Cbox1_p%2Cbox4_p%2Cflat3_p%2Cbox2_p%2Cflat1_p%2Cbox3_p&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F2%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=1x1%2C728x90%2C300x250%2C300x250%2C930x147%7C728x90%2C300x600%2C728x90%2C970x90%7C728x90%2C300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&lrm=200&cookie_enabled=1&abxe=1&dt=1733064419805&lmt=1733064419&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&td=1&tan=92224241-3832-4f49-8463-151722575a15%2C92224241-3832-4f49-8463-151722575a16%2C92224241-3832-4f49-8463-151722575a17%2C92224241-3832-4f49-8463-151722575a18%2C92224241-3832-4f49-8463-151722575a19%2C92224241-3832-4f49-8463-151722575a1a%2C92224241-3832-4f49-8463-151722575a1b%2C92224241-3832-4f49-8463-151722575a1c%2C92224241-3832-4f49-8463-151722575a1d&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733064414250&idt=1607&prev_scp=site%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26category%3Dhome%26amznbid%3D2%26amznp%3D2%7Csite%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26category%3Dhome%26amznbid%3D2%26amznp%3D2%7Csite%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26amznbid%3D2%26amznp%3D2%7Csite%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26categor
y%3Dhome%26amznbid%3D2%26amznp%3D2%26hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.00%26hb_adid_oftmedia%3D964a8c766fa31da%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D964a8c766fa31da%26hb_bidder%3Doftmedia%7Csite%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26category%3Dhome%26amznbid%3D2%26amznp%3D2%26hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.00%26hb_adid_oftmedia%3D97852ef58a0f959%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D97852ef58a0f959%26hb_bidder%3Doftmedia%7Csite%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26category%3Dhome%26amznbid%3D2%26amznp%3D2%7Csite%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26category%3Dhome%26amznbid%3D2%26amznp%3D2%7Csite%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26category%3Dhome%26amznbid%3D2%26amznp%3D2%7Csite%3Dbankcardsms.hasanjafari1251.workers.dev%26geo%3Dus%26category%3Dhome%26amznbid%3D2%26amznp%3D2%26hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.00%26hb_adid_oftmedia%3D9821733bdda3bf9%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D9821733bdda3bf9%26hb_bidder%3Doftmedia&adks=2358014294%2C3964180869%2C2367853058%2C3321568908%2C37385757%2C2172655864%2C3963753157%2C3063510500%2C1820082331&frm=20&eoidce=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/preprod/vidoomy-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
843547b2d8fadbb510353399d87f9b765701269cba72e1761d4ad0e841006cf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
content-length
236
x-xss-protection
0
server
cafe
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zODQseV84MTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTEvO...
s-img.mgid.com/g/21544624/300x200/-/
16 KB
17 KB
Image
General
Full URL
https://s-img.mgid.com/g/21544624/300x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zODQseV84MTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTEvODgxMjY1L2I5OWQ1N2EwYzUyNjUyYjljOWNjYTEyNGU2NjhmYWJmLmpwZw.webp?v=1733064419-BipUGLT7YwH5GsAfQDAux1VOHuWaT5rZ9zcfMfCE-7c
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e127fda057c630c2bdc346a57335fc9ee08fd838bb0db5b60f78401e72a5b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bankcardsms.hasanjafari1251.workers.dev
Referer

Response headers

x-robots-tag
noindex
cf-cache-status
HIT
age
67341
x-mg-request-uuid
46fc660f-691f-43d3-b299-15063a24a490
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
image/webp
last-modified
Fri, 29 Nov 2024 22:56:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
immutable, max-age=31536000
cf-ray
8eb3deb3590521e7-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16538
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHBzOi8vaW1naG9zdHMuY29tL3QvMjAyNC0xMC84MjUyOTgvNWM4N...
s-img.mgid.com/g/21172410/300x200/-/
0
0

9ee601fdc18513b07c0b9de60aa6be0d.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2024-11/881265/
136 KB
137 KB
Media
General
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2024-11/881265/9ee601fdc18513b07c0b9de60aa6be0d.mp4?v=1733064419-MCKSHyd9vTxOZV5NuolOd2YHHDWZ-OqVMiicMEtn1Iw
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2432b315f5d1906ef7e21c71708d376dbaedb44397d39358cc0b79c7b268eedf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-robots-tag
noindex
x-request-id
1362aca74817d891538af5be6a8fbee1
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cf-cache-status
HIT
etag
"734f551dcd5d84b68c7f262996bf1d1c"
age
340856
x-content-type-options
nosniff
server-timing
cld-cloudflare;mitm=c;dur=185;start=2024-11-27T16:04:49.218Z;desc=miss,content-info;desc="width=680,height=452,abps=24686,fps=25.0,du=5.64,vc="h264",bytes=139228,owidth=1280,oheight=720,oabps=119767,ofps=25.0,odu=5.64,ovc="h264",obytes=675487,oformat="mp4",ef=(18,61,65);";cloudinary;dur=155;start=2024-11-27T16:04:49.242Z, cfExtPri
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
video/mp4;codecs=avc1
last-modified
Sun, 17 Nov 2024 13:15:06 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000, no-transform
timing-allow-origin
*
Content-Range
bytes 0-139227/139228
cf-ray
8eb3deb3aa2cd9b9-MIA
access-control-allow-origin
*
Content-Length
139228
server
cloudflare
vz
c.mgid.com/
0
154 B
Ping
General
Full URL
https://c.mgid.com/vz
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newdream.eluniversal.com.1081107.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8eb3deb099bc74ba-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 01 Dec 2024 14:46:59 GMT
server
cloudflare
bounce
id5-sync.com/
30 B
257 B
Fetch
General
Full URL
https://id5-sync.com/bounce
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/preprod/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/
45 B
310 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/preprod/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
579ad1151ce1ad2c8a541c68124fb54987b10b6e4b6e9e521c363c352fa3e824
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
date
Sun, 01 Dec 2024 14:46:59 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v3
id5-sync.com/gm/
700 B
1 KB
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/preprod/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
b3cd7c7dcba17df7cb7ff7f69d3c0cd0237148eb135ea6df6b2ddce184743f35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://bankcardsms.hasanjafari1251.workers.dev
p3p
CP="CAO PSA OUR"
date
Sun, 01 Dec 2024 14:47:00 GMT
content-type
application/json
vary
Origin
u
events.kiosked.com/
0
0

v3
id5-sync.com/gm/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

444 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

107 Cookies


38 Console Messages

Source Level URL
Text
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 169)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/18024/rafael-martinez-nestares-23236_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 169)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/17767/jose-luis-cordeiro-3026_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 169)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/18355/importacion-y-exportacion-47443_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 169)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/17758/tortugas-2085_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 169)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/18024/rafael-martinez-nestares-23236_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 169)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/17767/jose-luis-cordeiro-3026_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 169)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/18355/importacion-y-exportacion-47443_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 169)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/17758/tortugas-2085_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/img/logo-eluniversal.svg
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/mcustomscrollbar.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/css/icons.css?ver=1.0
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/jquery.flexslider-min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/selectordie.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/img/right-arrow.png
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/afiliacion-no-ws.js?v=0.20
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/foundation.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/modaal.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/vendor/jquery.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/main.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/js/foundation/foundation.equalizer.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/css/header.css?ver=1.0
Message:
Failed to load resource: the server responded with a status of 503 ()
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 2562)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/18024/rafael-martinez-nestares-23236_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 2562)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/17767/jose-luis-cordeiro-3026_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 2562)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/18355/importacion-y-exportacion-47443_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 2562)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/17758/tortugas-2085_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 3866)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/18024/rafael-martinez-nestares-23236_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 3866)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/17767/jose-luis-cordeiro-3026_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 3866)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/18355/importacion-y-exportacion-47443_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/(Line 3866)
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/17758/tortugas-2085_400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/fonts/robotoslab-regular/robotoslab-regular-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/fonts/roboto-light/Roboto-Light-webfont.woff
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/img/iconos2.png
Message:
Failed to load resource: the server responded with a status of 503 ()
security warning URL: https://bankcardsms.hasanjafari1251.workers.dev/
Message:
Mixed Content: The page at 'https://bankcardsms.hasanjafari1251.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://mmedia.eluniversal.com/archivos/portada_deu/portada_deu_20241201.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.3.8.2&h=www.eluniversal.com(Line 13)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://bankcardsms.hasanjafari1251.workers.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://bankcardsms.hasanjafari1251.workers.dev/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0004704B4170000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security error URL: about:blank
Message:
Refused to execute script from 'https://c1.adform.net/cookie?redirect_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D46%26ev%3D41e10f4484344f4cabf32abfc6e41c0b%26pname%3DAdForm%26api-tier%3D2%26uid%3D%24UID&gdpr=0' because its MIME type ('image/gif') is not executable.
security error URL: about:blank
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=5596743279597712944&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
