salamemanbetoyareghadimi.online Open in urlscan Pro
188.114.97.3  Malicious Activity! Public Scan

URL: https://salamemanbetoyareghadimi.online/
Submission: On October 25 via api from BE — Scanned from NL

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 80 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is salamemanbetoyareghadimi.online.
TLS certificate: Issued by WE1 on October 20th 2024. Valid for: 3 months.
This is the only time salamemanbetoyareghadimi.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spark (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
40 188.114.97.3 13335 (CLOUDFLAR...)
4 146.171.248.36 2570 (TAS-SPARK...)
2 157.240.251.9 32934 (FACEBOOK)
1 18.245.86.119 16509 (AMAZON-02)
4 142.250.186.136 15169 (GOOGLE)
1 66.235.152.221 15224 (OMNITURE)
8 50.16.211.97 14618 (AMAZON-AES)
2 142.250.186.110 15169 (GOOGLE)
1 173.194.76.157 15169 (GOOGLE)
3 142.250.185.66 15169 (GOOGLE)
1 142.250.185.206 15169 (GOOGLE)
2 157.240.0.35 32934 (FACEBOOK)
1 2 216.58.212.162 15169 (GOOGLE)
2 3 142.250.185.130 15169 (GOOGLE)
4 172.217.16.196 15169 (GOOGLE)
80 16
Apex Domain
Subdomains
Transfer
40 salamemanbetoyareghadimi.online
salamemanbetoyareghadimi.online
4 MB
9 takingbackjuly.com
august.takingbackjuly.com — Cisco Umbrella Rank: 281148
june.takingbackjuly.com — Cisco Umbrella Rank: 204248
42 KB
7 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 147
www.google.com — Cisco Umbrella Rank: 3
192 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
279 KB
4 spark.co.nz
www.spark.co.nz
160 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
74 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
1 omtrdc.net
sparknewzealandtradi.tt.omtrdc.net
496 B
80 11
Domain Requested by
40 salamemanbetoyareghadimi.online salamemanbetoyareghadimi.online
8 june.takingbackjuly.com salamemanbetoyareghadimi.online
4 www.google.com salamemanbetoyareghadimi.online
www.googletagmanager.com
4 www.googletagmanager.com salamemanbetoyareghadimi.online
www.googletagmanager.com
4 www.spark.co.nz salamemanbetoyareghadimi.online
www.spark.co.nz
3 googleads.g.doubleclick.net 2 redirects salamemanbetoyareghadimi.online
3 td.doubleclick.net www.googletagmanager.com
2 www.googleadservices.com 1 redirects salamemanbetoyareghadimi.online
2 www.facebook.com salamemanbetoyareghadimi.online
2 analytics.google.com www.googletagmanager.com
2 connect.facebook.net salamemanbetoyareghadimi.online
connect.facebook.net
1 www.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 sparknewzealandtradi.tt.omtrdc.net salamemanbetoyareghadimi.online
1 august.takingbackjuly.com www.spark.co.nz
80 15
Subject Issuer Validity Valid
salamemanbetoyareghadimi.online
WE1
2024-10-20 -
2025-01-18
3 months crt.sh
www.spark.co.nz
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-19 -
2025-06-18
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-03 -
2024-11-01
3 months crt.sh
*.takingbackjuly.com
Amazon RSA 2048 M03
2024-10-13 -
2025-11-11
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2025-03-28
a year crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.googleadservices.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 5 frames:

Primary Page: https://salamemanbetoyareghadimi.online/
Frame ID: 6C59CB4FBD9767715D1C675C978CF089
Requests: 74 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-62VXG698NS&gacid=1272596182.1729833853&gtm=45je4al0v870015383za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101686685~101823848&z=1651019422
Frame ID: 74841430359C29CC6BBC2B9EC78EBE18
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/973125260?random=1729833853892&cv=11&fst=1729833853892&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E4443506DDDE6035457850C9C455C689
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/973125260?random=1729833853936&cv=11&fst=1729833853936&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&gtm_ee=1&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Frame ID: BE66E25419E21D4A90FBF5221CDF5769
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsalamemanbetoyareghadimi.online
Frame ID: AB316C318FA265D231491C4C6F86399D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Broadband Internet and Mobile Phone Services | Spark NZ

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
  • /etc/clientlibs/
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

91 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

16
IPs

4
Countries

4861 kB
Transfer

10093 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://www.googleadservices.com/pagead/conversion/973125260/?label=86mBCJXYnbYYEIztgtAD&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973125260/?label=86mBCJXYnbYYEIztgtAD&guid=ON&script=0&ct_cookie_present=false&random=677057765&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgMqEo-WoiQMV2Jn9Bx1qhR33MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOihodHRwczovL3NhbGFtZW1hbmJldG95YXJlZ2hhZGltaS5vbmxpbmUv HTTP 302
  • https://www.google.com/pagead/1p-conversion/973125260/?label=86mBCJXYnbYYEIztgtAD&guid=ON&script=0&ct_cookie_present=false&random=677057765&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgMqEo-WoiQMV2Jn9Bx1qhR33MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOihodHRwczovL3NhbGFtZW1hbmJldG95YXJlZ2hhZGltaS5vbmxpbmUv&is_vtc=1&cid=CAQSKQCa7L7dqMh0Q-R3TYTlVa0MaO60CGBTLn8BKAlJFdX1kvjJN3Eg-m8Y&random=3563784581
Request Chain 66
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973125260/?random=2124209649&cv=11&fst=1729833853936&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&gtm_ee=1&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIlvmKo-WoiQMVtZz9Bx0aDwjrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOihodHRwczovL3NhbGFtZW1hbmJldG95YXJlZ2hhZGltaS5vbmxpbmUvQlhDaEVJOE9EbnVBWVEyOENyLS1mUnJzQ21BUkl0QUZZVlViME1hY0paci1sSXdhNVZPQmNQTGhJZWpwelJUWWVCaVMwSWVxS2RpcVBmWGVZc244bk9YLW8x HTTP 302
  • https://www.google.com/pagead/1p-conversion/973125260/?random=2124209649&cv=11&fst=1729833853936&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&gtm_ee=1&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIlvmKo-WoiQMVtZz9Bx0aDwjrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOihodHRwczovL3NhbGFtZW1hbmJldG95YXJlZ2hhZGltaS5vbmxpbmUvQlhDaEVJOE9EbnVBWVEyOENyLS1mUnJzQ21BUkl0QUZZVlViME1hY0paci1sSXdhNVZPQmNQTGhJZWpwelJUWWVCaVMwSWVxS2RpcVBmWGVZc244bk9YLW8x&is_vtc=1&cid=CAQSKQCa7L7dRZ7exB9ppvPcOMiDcXNIYEWRukAfqkF1sOA3u1Y2cAXHk5Jp&random=3451886153

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
salamemanbetoyareghadimi.online/
127 KB
18 KB
Document
General
Full URL
https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c959ecd759f00fbe2a2c0bd9492bba38ee22a6c18ccc364151ebe15b914e49
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
8d7fc7527bce66bb-AMS
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Fri, 25 Oct 2024 05:24:10 GMT
last-modified
Fri, 25 Oct 2024 05:23:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcsbHxSq3rwmKOP7xB%2FY2E9xCxJjD71Ixgx%2BIoLe8MkKWW4GzcpwwbECBSM4d7cafc%2BBccbptKGpVJ1ijtdX4jFf939rs0aqEPcAaAZBHeOegwTrTrUMVjjrjFoh8t7HFju%2Fd1tlagwEg39MWE%2B6G3H%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13071&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4175&recv_bytes=4494&delivery_rate=726&cwnd=12000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=1539&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
main.css
salamemanbetoyareghadimi.online/etc.clientlibs/foundation/clientlibs/
11 KB
3 KB
Stylesheet
General
Full URL
https://salamemanbetoyareghadimi.online/etc.clientlibs/foundation/clientlibs/main.css
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f67d403afe57df8c4941bbd977715a916142489e79419bf9c420a13584513c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2Fnh6%2BCHDS0OdYBvsAOQwfyXqeNFejVO%2BOY7IBML4vnkTZzF9OJEK%2Bk%2BG1eETGcDJStZmEFQC4w9kLp%2B8K9VV2k9kV0L7KiHkVnq27%2FWUBTRdHJIvJAbAH0Ah%2FvAvl5oazf3Dj0jBNSPr90zmrGYPr%2Bp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13534&sent=49&recv=36&lost=0&retrans=0&sent_bytes=43782&recv_bytes=11512&delivery_rate=9902&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2764&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 28 May 2024 05:13:20 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c7c66bb-AMS
accept-ranges
bytes
content-length
2386
server
cloudflare
jquery.js
salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/
289 KB
87 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dd2080ab9f46659b9ceb72fd93def941195e854ccfa6b5409a20c40a0425bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfYSHzYC%2FdhPf8TK9lfAOWhQ8B0ymE41UOAMcxQ572kOC71hUPiVxuOL6%2BiqL2QFTJHWUOwm0%2BzQVBExV6%2FIG8F90qFs1xPzDg4W1%2Fr6%2BiFA9TUHArP13UMluAbvp7SR8VygB65o4tZFfrAWH72cW39D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14074&sent=84&recv=59&lost=0&retrans=0&sent_bytes=79896&recv_bytes=13536&delivery_rate=1298345&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=3336&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:12 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Apr 2024 02:55:43 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c8066bb-AMS
server
cloudflare
utils.js
salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/
47 KB
11 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/utils.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f395140cdd1f50b8aa5ed94160888952771aa7c3de5196908e782a28276a057
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UjlETmxyxg8tnFNt2q5APF%2Fnqlwagnuu9AWXSVY8ldH8S0HqBWFHgTEunJhzU4%2B99%2F6qwlDyIoqrIuIvki8jDHvtJRMEwJrRPtqX0QjBoD0Kj7ofl5pV0ojS0lqOaTt3y9ZwaqTNk%2FSdnOhdzNAgSqo"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14061&sent=30&recv=31&lost=0&retrans=0&sent_bytes=23054&recv_bytes=11297&delivery_rate=422387&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2744&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Apr 2024 02:55:43 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c8466bb-AMS
accept-ranges
bytes
content-length
10807
server
cloudflare
granite.js
salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/
10 KB
4 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kM7CL%2BfpaFaJED3uLCgzpJKckjjpy%2BdxESTae%2B%2Bb9SAur8pyCWNAoGbUk88LFOVBoGY7Xb4VZQM9g6MWbFX%2F0xoy5ZXCjrkHWMTIACegX2rIJAFZOaxSF3tw1xoQM5wUzaSklqlg%2Fjw8Kf%2BqUbIH3cKD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13614&sent=52&recv=38&lost=0&retrans=0&sent_bytes=46956&recv_bytes=11598&delivery_rate=13494&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2765&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Apr 2024 02:46:18 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c8666bb-AMS
accept-ranges
bytes
content-length
2974
server
cloudflare
jquery.js
salamemanbetoyareghadimi.online/etc.clientlibs/foundation/clientlibs/
16 B
732 B
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc.clientlibs/foundation/clientlibs/jquery.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRxrXp6IqmF2nbiWgqV%2Bv0r7ZMUCRhXx2hzQFmRFTXMqxB3WcNreUxw5G7%2BC4SqqPGnntKU36KFqtzfF23SDSurs4fh49ePO%2FHxYQNhKqRRyxXIvsj27Y65upDmW3eZUeqUC%2FQMwaYtA7aQCKDyjVEGJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13802&sent=58&recv=39&lost=0&retrans=0&sent_bytes=53077&recv_bytes=11641&delivery_rate=15514&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2767&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Apr 2024 02:46:30 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c8766bb-AMS
accept-ranges
bytes
content-length
16
server
cloudflare
shared.js
salamemanbetoyareghadimi.online/etc.clientlibs/foundation/clientlibs/
26 KB
8 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc.clientlibs/foundation/clientlibs/shared.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786e429789593e3a89d19e4869805c23a417449163acb5f3388d6c3ea3901d30
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvJehiccBkKIh%2B5RR9a%2FhQpqUjPUrZbENNOJ64tuZt136o1Ys02l%2Be7UCBKQDMhknWDUqiVqDFfnDibIWdOa5XQybulAPdu7Wl%2BBGBEz%2FJDJLkg0akzjLnKaalOMpPLH4LwLjLSuxEJS8pflzMoQg%2B76"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15066&sent=62&recv=46&lost=0&retrans=0&sent_bytes=55115&recv_bytes=12444&delivery_rate=10353&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2797&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Apr 2024 02:46:30 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c8966bb-AMS
accept-ranges
bytes
content-length
7273
server
cloudflare
main.js
salamemanbetoyareghadimi.online/etc.clientlibs/foundation/clientlibs/
10 KB
4 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc.clientlibs/foundation/clientlibs/main.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6759b81453a6cf9c095063879c5be864a706af674c6e79a555d8e9d57e119726
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHKBik4pP0xcSdB%2FdbT8qAHVfrBXXNvHqhJG7cmiWpqNtm78SbNEgBh4CfHN4u8hY4BJKjedQUPZ4sfiQHD2ro4Jog%2BDLtMO7yt9VRrTPtuz%2BxyZI65Ym6EGf1ZC5e3ufO2mc%2F3BYz4ioxcjhFdjkeKG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14061&sent=40&recv=31&lost=0&retrans=0&sent_bytes=34819&recv_bytes=11297&delivery_rate=422387&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2751&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Apr 2024 02:46:31 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c8b66bb-AMS
accept-ranges
bytes
content-length
3456
server
cloudflare
clientlib-all.css
salamemanbetoyareghadimi.online/etc/designs/onespark/
840 KB
111 KB
Stylesheet
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-all.css
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934c1c0474bd19feb129e9137984bc634cb53bd410b491a6b8b27c26383359bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whcR4f%2BH56qNpQ0wMdfS1EX6hX7etYjEfnCOGqmxkQcv6THiMy9tm7qnwc4X1ThJ8mQVfFV5dgwTtVgWsw%2FKpdVsWi82xqFdhDdmjGh8XLbbwWFwQi6XR4HV1KGSuCbGJZMsH67h7TPWjtrGJJjrmClo"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14725&sent=97&recv=65&lost=0&retrans=0&sent_bytes=95093&recv_bytes=13800&delivery_rate=951882&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=3363&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:12 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 28 May 2024 05:13:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c8d66bb-AMS
server
cloudflare
clientlib-all.css
salamemanbetoyareghadimi.online/etc/designs/sparklabs/
10 KB
3 KB
Stylesheet
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/sparklabs/clientlib-all.css
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a33b1b08faa141fe7a21f91a0f8bd26fb72c4f6ab530de586c1890efed6ff77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RoguRZVniOe6KJYQFAfc57sdttq7jAd%2F1ZVLHOz3dX2OL8%2FbzNb%2F%2FpJ6o%2BrZ%2BBCNJrdwnieY1zIkc4fGUTHKurvHwGs8uMEodnobhIglmVO%2B0QBm9BA6yyLfOhA9%2BlUwq0RIgKlKXVj4ZdZ%2FDQacIwqq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14061&sent=44&recv=31&lost=0&retrans=0&sent_bytes=39087&recv_bytes=11297&delivery_rate=422387&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2754&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 28 May 2024 05:12:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c8f66bb-AMS
accept-ranges
bytes
content-length
2232
server
cloudflare
clientlib-sparkv2.css
salamemanbetoyareghadimi.online/etc/designs/onespark/
116 KB
16 KB
Stylesheet
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-sparkv2.css
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bbfa0cb24fc3fbd863563814a419f68661054ada740bc501a03bea5d7ce7cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zUPHtBirCCB6Pm%2FefCI24jYyknTX1s6%2BWRHtJt6FxXblYtZwjVX4HB2lsT8JJr7ina0ZJamscsaX3oxT43kr842An5OU0yFfVJFFjE4I8SF9hXrlkQPx85OZ5Np%2FotZOyWSxzOlmeNxxQa6dI2iD7ol"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15234&sent=70&recv=52&lost=0&retrans=0&sent_bytes=63300&recv_bytes=13228&delivery_rate=268992&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=3057&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 28 May 2024 05:13:09 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c9066bb-AMS
accept-ranges
bytes
content-length
15553
server
cloudflare
clientlib-forms.css
salamemanbetoyareghadimi.online/etc/designs/spark-responsive/
7 KB
2 KB
Stylesheet
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/spark-responsive/clientlib-forms.css
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d98b01da0724db55fe327b97a09ef64c25598eb8d8194414e63de0e82a20d3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVTtmEhSVxxe53zX2RS67VWqEMqlX3DOfhQAE6C9TOaJybv6nZLSYZB%2FzIau3GwdssBLhUW8ykFnUBBoTrkbid0gLw5oMM%2B9zF5rP0Yg54dPbGjDSNpEdC%2Bm%2BFCeX6QMAkl%2FL5%2Bu71t7ROIC01Np03Lt"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13614&sent=56&recv=38&lost=0&retrans=0&sent_bytes=50749&recv_bytes=11598&delivery_rate=13494&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2766&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 28 May 2024 05:13:16 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c9166bb-AMS
accept-ranges
bytes
content-length
1569
server
cloudflare
utag.sync.js
www.spark.co.nz/content/dam/telecomcms/cdp/
4 KB
2 KB
Script
General
Full URL
https://www.spark.co.nz/content/dam/telecomcms/cdp/utag.sync.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
07d01c30b97388e50593976122e22ef16a9da92ea224df8f53a40ca174d66100
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=7200
Content-Encoding
gzip
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
1341
Keep-Alive
timeout=5, max=10
Date
Fri, 25 Oct 2024 05:24:10 GMT
Content-Type
application/javascript
Last-Modified
Mon, 10 Jun 2024 11:44:25 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
launch-4c20c4466aca.min.js
www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/
717 KB
125 KB
Script
General
Full URL
https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/launch-4c20c4466aca.min.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
d5a2d6795ff2e03529d4e0675afed05cc8c52db5807f7b4b57b65adc0423bba2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=7200
Content-Encoding
gzip
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=81
Date
Fri, 25 Oct 2024 05:24:10 GMT
Content-Type
application/javascript
Last-Modified
Sun, 20 Oct 2024 20:02:21 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
shopping-disabled.svg
salamemanbetoyareghadimi.online/content/dam/telecomcms/responsive/icons-svg/
962 B
1 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/telecomcms/responsive/icons-svg/shopping-disabled.svg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b91ad0b85c39f6789caf49cec4beb06b7b9f0e4d0ac8feff0de8f79fdd12d97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGgP%2BgOMm5qQlP9rUhceMwNdzL%2BCG2hWeS%2F7n9u8xIC1b2OgPVx6OxApTMc7mDZdJwnsqW1nFg8bwggAFdqykz9GxtndpDCBbM%2FJdO3BGwL3Ia%2FDr54znzS4GoT5v11P3HLllUdDbFPDtQPpscJtWwz4"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15066&sent=60&recv=46&lost=0&retrans=0&sent_bytes=53856&recv_bytes=12444&delivery_rate=10353&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2793&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
image/svg+xml
last-modified
Mon, 10 Jun 2024 11:32:36 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c9266bb-AMS
accept-ranges
bytes
content-length
512
server
cloudflare
shopping.svg
salamemanbetoyareghadimi.online/content/dam/telecomcms/responsive/icons-svg/
2 KB
2 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/telecomcms/responsive/icons-svg/shopping.svg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d65da0384164d3caeeee36b2e8b7b5da42e1183d4575725a3bd05213e786ec55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Faaw%2BNKC5OUTwcVrqgofmUuYWA%2FX8jqxZtxreTikbiIc9L7mY6nJk9bXA4ztR33UhK2LGbE64GUkQfswVxrErNNxjT9XGhcieZFw0Tp2W6f5aBQc11xvzktU%2Brc26MbkAScL1h5RC%2BnHptIOqVQ18Eqv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13534&sent=47&recv=36&lost=0&retrans=0&sent_bytes=42107&recv_bytes=11512&delivery_rate=9902&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2761&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
image/svg+xml
last-modified
Mon, 10 Jun 2024 11:32:36 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c9466bb-AMS
accept-ranges
bytes
content-length
929
server
cloudflare
purple.svg
salamemanbetoyareghadimi.online/content/dam/sparkdigital/images/logo/
34 KB
11 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/sparkdigital/images/logo/purple.svg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AxmRsNQLVA6DT0hLbHMpot1GsTHCeX8vfzw4dwNasm5ZiAvanbq%2FEV%2FcBU0HQHZV%2FXpp%2FNRnthobRKckWCnpz1MGO9jXSgltRiBSZrRl82ILpNtx%2FHx5UlP%2B1vXh1Z4z1WOXYQz31rF5C0pOnxtEtw7T"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13375&sent=239&recv=87&lost=0&retrans=0&sent_bytes=261047&recv_bytes=14791&delivery_rate=1875651&cwnd=36000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=3983&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:12 GMT
content-type
image/svg+xml
last-modified
Mon, 10 Jun 2024 11:02:57 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc763bc8866bb-AMS
accept-ranges
bytes
content-length
10484
server
cloudflare
ht-nav-tile-570x332.jpg
salamemanbetoyareghadimi.online/content/dam/spark/images/campaign-creative/brand/hello-tomorrow/
53 KB
54 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/spark/images/campaign-creative/brand/hello-tomorrow/ht-nav-tile-570x332.jpg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f59da134f3c9f0eaf7d6e0f8070745d1285aa22b62ac1a40cce41a6d559798d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMsWeBSaGcaqiTUzNMyriqTevHaeDy92q312M8fsHJZadscc3t7H51sLuq6GriUx2RJQXyA2la7xaV0bqV8SZ1GIrcI0PNuYmmNUCL9jZlFMrEZogFz7riT1kxIu6GHqQLuduiUfS3DN9Odh4qvKDfFv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14254&sent=275&recv=109&lost=0&retrans=0&sent_bytes=298450&recv_bytes=23186&delivery_rate=150068&cwnd=36000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=4827&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
image/jpeg
last-modified
Thu, 06 Jun 2024 09:43:49 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc763ecac66bb-AMS
accept-ranges
bytes
content-length
54596
server
cloudflare
Benefits_nav_image1500x1000px.png
salamemanbetoyareghadimi.online/content/dam/spark/images/backgrounds/marketing/hero-banners/mfyr/
356 KB
357 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/spark/images/backgrounds/marketing/hero-banners/mfyr/Benefits_nav_image1500x1000px.png
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd91d73f06e4b853bd543dedabd4ab8748ac1f269446e1467660b55c9bf327b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwpMAQvll8lXsAzrxRbXI9g0ulLMIC7mDHaHikQvtE525EeJ4odwDzhUQiJlfjqBbdo4JWYVr18ey%2Fb1L3A4RI84ucF%2Fpy3AQJwhRIVJQ9tATxXeDLW3nT4NtGIsnm0qgJF6ic6A1KLiuZJgAEzBs8Ip"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14249&sent=407&recv=135&lost=0&retrans=0&sent_bytes=445741&recv_bytes=30350&delivery_rate=1267681&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6320&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
image/png
last-modified
Thu, 06 Jun 2024 09:42:52 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76b6c5266bb-AMS
accept-ranges
bytes
content-length
364943
server
cloudflare
netflix-mega-menu-500x1000.jpg
salamemanbetoyareghadimi.online/content/dam/spark/images/product-images/subscriptions/Netflix/
243 KB
243 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/spark/images/product-images/subscriptions/Netflix/netflix-mega-menu-500x1000.jpg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7450493c3efcd1bafee25bd559e5c4c26cc9b6602560becd589e6489b018470d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdRGFledd4RQ2JBo8ZlwIopVLw0n%2BSx8q%2F%2FqUlacvpWSBbupLPJ4KGXoDKLMSBwRiqvS7%2F%2FCkeYV3YNa5ZMp%2FMsIDtC175Jwb9ZmTN2kPYA89NG%2FOrv8htceVCfh6%2BWaBRtRWOj5MkG%2B1KE4lcfPgGo5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13398&sent=514&recv=148&lost=0&retrans=0&sent_bytes=571948&recv_bytes=30943&delivery_rate=1305195&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6577&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
image/jpeg
last-modified
Thu, 06 Jun 2024 09:42:39 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdd166bb-AMS
accept-ranges
bytes
content-length
248352
server
cloudflare
spotify-benefits-tile.png
salamemanbetoyareghadimi.online/content/dam/spark/images/product-images/subscriptions/Spotify/
286 KB
287 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/spark/images/product-images/subscriptions/Spotify/spotify-benefits-tile.png
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a9fc6754d5c5542cc9511b8dc6f3b60f1ff2c1d9bf9a5a12522288d27098500
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psqD8qoS3ZXGf7mhSWP05OlILgS9nVana9DFIwzVHMLardU%2Fk0ZC2tUcu2BS2xEPc2lvlsx66g9sVGqK2fV8kmQwVUvEZNG3eeStLfC9PPe5WcE%2F8U79dePuCraX1lKIM8xEgHpSbyQWQH6HnelLTZOC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13398&sent=574&recv=148&lost=0&retrans=0&sent_bytes=642748&recv_bytes=30943&delivery_rate=1305195&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6594&x=1", cfExtPri, cfHdrFlush;dur=4
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
image/png
last-modified
Thu, 06 Jun 2024 09:42:37 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdd366bb-AMS
accept-ranges
bytes
content-length
292865
server
cloudflare
xbox-vas.jpg
salamemanbetoyareghadimi.online/content/dam/spark/images/product-images/subscriptions/xbox/
151 KB
152 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/spark/images/product-images/subscriptions/xbox/xbox-vas.jpg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c85b9b27a03314d530cc6f1cc103fc9d9e8f10e64194c5e5568802d3c300bdb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rU60cANVthbIUNNw6HsNu5A5m4tly9fXr9kly0tWIs4nqLYBLwF1MwusX5d0nk1CuXEFiN%2FPBHT3zMY7mhfjTxc7mL%2FCQrBBiZIbVqSGSV7eNI9faQqMcRT9v2Q%2BtBBwk0YUvFrots8XQAcTISmpOYKD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13398&sent=569&recv=148&lost=0&retrans=0&sent_bytes=637488&recv_bytes=30943&delivery_rate=1305195&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6581&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
image/jpeg
last-modified
Thu, 06 Jun 2024 09:42:43 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdd566bb-AMS
accept-ranges
bytes
content-length
154917
server
cloudflare
one-spark-full-width-container.css
salamemanbetoyareghadimi.online/content/dam/onespark/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/onespark/css/one-spark-full-width-container.css
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17566380940fe5270b9990e50e1017b302382ea45a21c7f85d2a1cfc1ffa85b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLXVYSMoHez9t7ex5HjprIO%2BsKWNzk2pllD90su28y3YAxdza5GZO28VKt%2FyMB22n1KvsK7%2BRD39y%2FOXeL%2FQC5xLEcHM3dioH3FBzCDZmeQH8iZmSboeH9sXHEm0Koteqyrzd82SToEgn1ZZ4JvRwftG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14424&sent=328&recv=120&lost=0&retrans=0&sent_bytes=355760&recv_bytes=26951&delivery_rate=1613&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=5449&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
text/css
last-modified
Tue, 11 Jun 2024 02:43:41 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdc066bb-AMS
accept-ranges
bytes
content-length
469
server
cloudflare
network_banner_data.js
salamemanbetoyareghadimi.online/content/dam/telecomcms/js/outage-map/
1 KB
1 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/telecomcms/js/outage-map/network_banner_data.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec1be7bf4b13291a8e8b61ade8d3df506c53f38e2a14aafafe77f66eb5833e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDWhvQcjRAQ4BJINPRek4JXVOEsGtLo9rI3wlv%2BZJ6f%2BvHO0xMy7ztKMcPi9IvRufr2leCabF%2FX9Fqp%2FHKkOfUIKjZzyOqgWdnigqPNDkwpoBQqdsKxq54eeC6g%2FoLeFm6AWQqq2CDPpW0SLdPJrjcai"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14267&sent=335&recv=121&lost=0&retrans=0&sent_bytes=363057&recv_bytes=26996&delivery_rate=436232&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=5487&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/javascript
last-modified
Mon, 10 Jun 2024 11:25:37 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdc266bb-AMS
accept-ranges
bytes
content-length
550
server
cloudflare
shielded.png
salamemanbetoyareghadimi.online/content/dam/onespark/icon-images/
0
0

clientlib-react.js
salamemanbetoyareghadimi.online/etc/designs/base-frontend/
261 KB
82 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/base-frontend/clientlib-react.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84eadc2e9da30e39260e3ff7bbbdeb9376fd8ac88df8d5924b92a93cc36f3dc0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P2rwfwfS6E1cyyHwcbxMw8idZXl50ssBMMWIhuHRNZfIFIZ61Lb6dWFWM%2FhvsHByUvHE%2B%2FvxhuZAk1k8s2cIQBPbolE0TmpzdyQHyg5i%2BDyLNHzzwGSXlkC5yZqofIFIlgEfEMpaelldrM7j7kYUPAow"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14006&sent=354&recv=127&lost=0&retrans=0&sent_bytes=383433&recv_bytes=29992&delivery_rate=77169&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6024&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 11 Apr 2024 06:28:57 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdc466bb-AMS
server
cloudflare
clientlib-reactjs.js
salamemanbetoyareghadimi.online/etc/designs/spark-responsive/
0
0

clientlib-reactjs.js
salamemanbetoyareghadimi.online/etc/designs/spark-broadband-experience/
1 MB
286 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/spark-broadband-experience/clientlib-reactjs.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb464ad80f3513de7f91e95b1434ebcd0c3f6d96bbbd364fca0a37e343bb05d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBOi4l56vrjMo3mDjAdfOeKY2AhXpWTYhhIRb2exOr4GMNIgMC9pGdpm3ElXnd82frYbNiRmubPyuKOoxWf91qzU%2FW2cMA1qWEEDSpluOuf%2BCp73DDiyEkdA9LsRsayf%2FFbmH6OzjXUplXC2v3ylxT%2Bl"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13965&sent=367&recv=129&lost=0&retrans=0&sent_bytes=398621&recv_bytes=30081&delivery_rate=1126885&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6054&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 20 Oct 2024 17:31:32 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdc766bb-AMS
server
cloudflare
modern.js
salamemanbetoyareghadimi.online/etc/clientlibs/granite/lodash/
224 KB
42 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc/clientlibs/granite/lodash/modern.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fd5488cd35a65a9c8d98f0ac5e97fca338d1a3532179ee3dc92d7e4667c4ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnfxcPLK1kdB%2FJ2A1inaJ9%2BqU1vi8Z6ijnfKaPat1VjOCSbbf5EH4MyBu9RizREEI5vdrKkSEqp3liSb8mbcAbu%2FrdMlU76Unm8YcJ0i094B6kIx6OT9gIgNspcMry5zZvDwehtcIMfydtXaA0ddWwDE"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13765&sent=462&recv=140&lost=0&retrans=0&sent_bytes=511241&recv_bytes=30577&delivery_rate=3665221&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6360&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 11 Apr 2024 04:29:13 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdc866bb-AMS
accept-ranges
bytes
content-length
42243
server
cloudflare
clientlib-all.js
salamemanbetoyareghadimi.online/etc/designs/onespark/
2 MB
375 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-all.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e312a32e1df52d74230673e61a14845ac83a85d42f26ddacc0c38edc1d2e944f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4ydKceoGcS70A0huvA%2BIfr5QmJcTEIn3B6SW%2FgOK0Hk4%2BTxBFcIHc5tdb5ctyZsh48YuPbXQHPIze9CTDJek7Ga5Ej3XkbCAQ%2Bks7jwyLrQETKM59qyEcO9hiLS7%2F74VDqqC1ZeMqqUseTUBCfrpBHI"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13750&sent=380&recv=131&lost=0&retrans=0&sent_bytes=413811&recv_bytes=30170&delivery_rate=1174636&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6103&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 16 Jun 2024 08:37:12 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdcb66bb-AMS
server
cloudflare
clientlib-all.js
salamemanbetoyareghadimi.online/etc/designs/sparklabs/
0
0

clientlib-sparkv2.js
salamemanbetoyareghadimi.online/etc/designs/onespark/
85 KB
18 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-sparkv2.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a79f4fd1a6f9f2d5cb69e56a022f403734cd3f2d61d20163248454da26b8a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Og0QiCc4ipIUaqtTmL4d9CNfCaU%2BkMD03q7znJ5hswUHAuPe1GW9DKEBWBfoxwvbVWvRiSGMb6g%2BexL6TRe3n5PSz%2F%2BkIowi51VwtaXoqcWyZJ96sin1rmF8Hux0L5b7yQ8SL8gLKlAigbe0hdoL45d8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14338&sent=338&recv=125&lost=0&retrans=0&sent_bytes=364375&recv_bytes=29903&delivery_rate=69008&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=5748&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 28 May 2024 05:13:19 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdcd66bb-AMS
accept-ranges
bytes
content-length
17934
server
cloudflare
clientlib-forms.js
salamemanbetoyareghadimi.online/etc/designs/spark-responsive/
23 KB
6 KB
Script
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/spark-responsive/clientlib-forms.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f61e550cc76f12aaed06f5f92fe359a074f83808b23e3ad4266cbc10df8fa0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBS1tzk89AW1Uq9CzdkbWgBZzy8OZAjWfmjAAZKBp6Xi7D5uwSHso9xhMhFTfYxmwwxQ3WvNMr0eoCMKCzMJWMzXYtko8huCgk4rj0yBk21zNTBmbicyBK%2Bnp%2FYWaIdR0mt5XUdDNOIsMzs7YnITEVOA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14424&sent=329&recv=120&lost=0&retrans=0&sent_bytes=356945&recv_bytes=26951&delivery_rate=1613&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=5451&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 28 May 2024 05:13:16 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76cfdcf66bb-AMS
accept-ranges
bytes
content-length
5245
server
cloudflare
token.json
salamemanbetoyareghadimi.online/libs/granite/csrf/
2 B
678 B
XHR
General
Full URL
https://salamemanbetoyareghadimi.online/libs/granite/csrf/token.json
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1f19ndPWyznuDhbCXheXsXXDYB7BfHOLZPEBDLLAOcdU%2FoCvXn0L4SU7z17rnHJGn13DBPKeVYYyUd80bRnZl7zmAn%2FxR9I981C8ql%2BQYTp4jzZl7YpzoZPZLg7vEcW5Q%2F7Gd%2FppbBb5hLkrHkb7zMXL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
-1
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14541&sent=327&recv=119&lost=0&retrans=0&sent_bytes=355058&recv_bytes=26906&delivery_rate=34031&cwnd=70800&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=5408&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/json; charset=iso-8859-1
priority
u=1,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc76ccd9066bb-AMS
content-length
2
server
cloudflare
EX5f57df5d2c704bed952acc6f9a6b3fb6-libraryCode_source.min.js
www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/e4dbfc789e0b/
42 KB
16 KB
Script
General
Full URL
https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/e4dbfc789e0b/EX5f57df5d2c704bed952acc6f9a6b3fb6-libraryCode_source.min.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
6fb7dad4f9d7beff051095ab2516f17f28031181aba5fd7a90b7d46691b723d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=7200
Content-Encoding
gzip
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
15717
Keep-Alive
timeout=5, max=51
Date
Fri, 25 Oct 2024 05:24:12 GMT
Content-Type
application/javascript
Last-Modified
Sun, 20 Oct 2024 19:59:42 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
fbevents.js
connect.facebook.net/en_US/
229 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=edge
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4411, tp=9, tpl=0, uplat=0, ullat=-1
pragma
private
x-fb-debug
Nyx9bNPf/X2mKQODiMP5BIAcsn3xGoJeERuCFaQT4sVNa2LbYqVq1Iu7uB9cGJAcmIwRAswysDEIzm+9gTnTTQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59722
x-xss-protection
0
origin-agent-cluster
?1
9708c203bece3908581e9a989de4f578.js
august.takingbackjuly.com/i/
108 KB
40 KB
Script
General
Full URL
https://august.takingbackjuly.com/i/9708c203bece3908581e9a989de4f578.js
Requested by
Host: www.spark.co.nz
URL: https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/launch-4c20c4466aca.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-119.fra60.r.cloudfront.net
Software
Caddy /
Resource Hash
eff832e440c193b33017fad6446867b20c8dc41abacba103d72ca52afa7ff3b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
"1af92-79k1zDp5O3oEKNe3fZby1ll3dfw"
age
34129
via
1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
expires
Fri, 25 Oct 2024 07:55:24 GMT
x-cache
Hit from cloudfront
content-length
40397
x-amz-cf-id
gnQO2pCTGjk3Bwa3wXv3R_-RaLPa_MNhzV2eDSglEyIGEMA7Z1zGXw==
date
Thu, 24 Oct 2024 19:56:23 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Caddy
x-amz-cf-pop
FRA60-P6
utag.js
www.spark.co.nz/content/dam/telecomcms/cdp/
55 KB
17 KB
Script
General
Full URL
https://www.spark.co.nz/content/dam/telecomcms/cdp/utag.js
Requested by
Host: www.spark.co.nz
URL: https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/launch-4c20c4466aca.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
82908823fd53d649648fb51f49f1fb701a847310cf51e8c64f3909e242dc4ac9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://salamemanbetoyareghadimi.online/

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=7200
Content-Encoding
gzip
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
16747
Keep-Alive
timeout=5, max=24
Date
Fri, 25 Oct 2024 05:24:13 GMT
Content-Type
application/javascript
Last-Modified
Mon, 10 Jun 2024 11:34:49 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
330 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-62VXG698NS&l=dataLayer
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e99e279ecec3e9fbcf4048c3226a6975c17990fd242d0f1417023bc7807c7dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 05:24:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110935
x-xss-protection
0
server
Google Tag Manager
delivery
sparknewzealandtradi.tt.omtrdc.net/rest/v1/
112 B
496 B
XHR
General
Full URL
https://sparknewzealandtradi.tt.omtrdc.net/rest/v1/delivery?client=sparknewzealandtradi&sessionId=d371e46e267a4c4983bcff4d3e3ba297&version=2.10.0
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.152.221 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-66-235-152-221.data.adobedc.net
Software
jag /
Resource Hash
a3ca9ea3dc5a7cbe838dee9f712b8e87cc85e7478648751f7b2261806688923a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://salamemanbetoyareghadimi.online/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-encoding
gzip
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
access-control-allow-origin
https://salamemanbetoyareghadimi.online
date
Fri, 25 Oct 2024 05:24:13 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
server
jag
213308197274656
connect.facebook.net/signals/config/
78 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/213308197274656?v=2.9.174&r=stable&domain=salamemanbetoyareghadimi.online&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
ad340ec75cdac5518c80ace86515ba5f1b2eab0986dfe5f26fbf8efed114bab8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=75, mss=1232, tbw=68492, tp=66, tpl=0, uplat=91, ullat=1
pragma
public
x-fb-debug
/GR4EKATX/GRrE2U2y30Rkp6+X59r8pdf/jN1TDoRejejj2SXt9y/OkEFXwMU7iUqkKVLT0iF8p+lLuyLts9kw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
ct
june.takingbackjuly.com/
4 KB
2 KB
Script
General
Full URL
https://june.takingbackjuly.com/ct?id=17319&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&sf=0&tpi=&ch=Spark.co.nz&uvid=&tsf=0&tsfmi=&tsfu=&cb=1729833853268&hl=2&op=0&ag=4155436659&rand=9476169607971570161287228822061523568040126209832052806298256460721175827802626258116&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDkxMzRdLFsiYWJuY2giLDM2XSxbLTgsIi0iXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTI1LCItIl0sWy0zNSwiWzE3Mjk4MzM4NTMxODIsLTJdIl0sWy00NCwiMCwwLDAsNSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkS1hCa1JVVTFOU1VvREZoWllURjVNU2swWFRWaFNVRmRlVzFoYVVsTk1WVUFYV2xaVUZsQVdBQTRKQVZvTENRcGJYRnBjQ2dBSkFRd0JDRndBV0FBQkFGMWNEVjhNRGdFWFUwb0RDQU1QQVFnS0FSQVZXRTBaU3hrUlVVMU5TVW9ERmhaWVRGNU1TazBYVFZoU1VGZGVXMWhhVWxOTVZVQVhXbFpVRmxBV0FBNEpBVm9MQ1FwYlhGcGNDZ0FKQVF3QkNGd0FXQUFCQUYxY0RWOE1EZz09Il0sWy01LCItIl0sWy0xMywiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMTAiXSxbLTU4LCItIl0sWy02OSwiTGludXggeDg2XzY0fEdvb2dsZSBJbmMufDh8MTJ8fDAiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yNiwie1widGpoc1wiOjExNzQwNzQzLFwidWpoc1wiOjkyMTM2ODMsXCJqaHNsXCI6NDI5NDcwNTE1Mn0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTUwLCItIl0sWy03LCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcInRpdGxlXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIl19Il0sWy0yMywiKyJdLFstMzQsIi0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNTIsIi0iXSxbLTU1LCIyIl0sWy02MCwyMDddLFstNjcsIi0iXSxbLTEsIi0iXSxbLTQsIjxodG1sIGxhbmc9XCJlblwiPjxoZWFkPlxuICAgICAgICBcblxuXG5cbiAgIFxuICAgXG4gICAgICA8bWV0YSBjaGFyc2V0PVwidXRmLThcIj5cbiAgICAgIDx0aXRsZT5Ccm9hZGJhbmQgSW50ZXJuZXQgYW5kIE1vYmlsZSBQaG9uZSBTZXJ2aWNlcyB8IFNwYXJrIE5aPC90aXRsZT5cbiAgICAgIDxtZXRhIGNsYXNzPVwic3dpZnR5cGVcIiBkYXRhLXR5cGU9XCJzdHJpbmdcIiBuYW1lPVwicGFnZVR5cGVcIiBjb250ZW50PVwicGVyc29uYWxcIj5cbiAgICAgIFxuICAgICAgPG1ldGEgY2xhc3M9XCJzd2lmdHlwZVwiIG5hbWU9XCJjb25zdW1lclJlbGV2YW5jZVwiIGRhdGEtdHlwZT1cImludGVnZXJcIiBjb250ZW50PVwiMTBcIj5cbiAgICAgIDxtZXRhIGNsYXNzPVwic3dpZnR5cGVcIiBuYW1lPVwiYnVzaW5lc3NSZWxldmFuY2VcIiBkYXRhLXR5cGU9XCJpbnRlZ2VyXCIgY29udGVudD1cIjBcIj5cbiAgICAgIFxuICAgICAgPG1ldGEgY2xhc3M9XCJzd2lmdHlwZVwiIGRhdGEtdHlwZT1cInRleHRcIiBuYW1lPVwiZGVzY3JpcHRpb25cIiBjb250ZW50PVwiQ29ubmVjdGluZyBOZXcgWmVhbGFuZCB3aXRoIHRlY2hub2xvZ3kuIERpc2NvdmVyIGVuZGxlc3MgJmFtcDsgZmxleGlibGUgYnJvYWRiYW5kIHBsYW5zLCBtb2JpbGUgcGhvbmVzLCBtb2JpbGUgcGxhbnMgJmFtcDsgYWNjZXNzb3JpZXMgd2l0aCBTcGFyayBOWi4gXCI%2BXG4gICAgICA8bWV0YSBuYW1lPVwidGl0bGVcIiBjb250ZW50PVwiQnJvYWRiYW5kIEludGVybmV0IGFuZCBNb2JpbGUgUGhvbmUgU2VydmljZXMgfCBTcGFyayBOWlwiPlxuICAgICAgPG1ldGEgbmFtZT1cInZpZXdwb3J0XCIgY29udGVudD1cIndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xXCI%2BXG4gICAgICA8bWV0YSBodHRwLWVxdWl2PVwiWC1VQS1Db21wYXRpYmxlXCIgY29udGVudD1cIklFPWVkZ2VcIj5cbiAgICAgIFxuICAgICAgPG1ldGEgbmFtZT1cInJvYm90c1wiIGNvbnRlbnQ9XCJpbmRleCxmb2xsb3dcIj5cbiAgICAgIFxuICAgICAgXG4gICAgICAgICA8bGluayByZWw9XCJjYW5vbmljYWxcIiBocmVmPVwiaHR0cHM6Ly93d3cuc3BhcmsuY28ubnovXCI%2BXG4gICAgICBcbiAgICAgIFxuICAgICAgPG1ldGEgY2xhc3M9XCJzd2lmdHlwZVwiIGRhdGEtdHlwZT1cInN0cmluZ1wiIG5hbWU9XCJvZ190aXRsZVwiIHByb3BlcnR5PVwib2c6dGl0bGVcIiBjb250ZW50PVwiTloncyBCZXN0IEJyb2FkYmFuZCAmYW1wOyBNb2JpbGUgUGhvbmUgUGxhbnMgfCBTcGFyayBOWlwiPlxuICAgICAgPG1ldGEgY2xhc3M9XCJzd2lmdHlwZVwiIGRhdGEtdHlwZT1cInRleHRcIiBuYW1lPVwib2dfZGVzY3JpcHRpb25cIiBwcm9wZXJ0eT1cIm9nOmRlc2NyaXB0aW9uXCIgY29udGVudD1cIkRpc2NvdmVyIHVubGltaXRlZCAmYW1wOyBmbGV4aWJsZSBicm9hZGJhbmQgYW5kIG1vYmlsZSBwbGFucywgcGx1cyBwaG9uZXMgJmFtcDsgYWNjZXNzb3JpZXMgd2l0aCBTcGFyayBOWi5cIj5cbiAgICAgIFxuICAgICAgXG4gICAgICAgICA8bWV0YSBuYW1lPVwiZ29vZ2xlLXNpdGUtdmVyaWZpY2F0aW9uXCIgY29udGVudD1cIjJrNzdSRzVuRmZDTDNaZzB0WS1DSXk2MUR1OXJ1NEQ3NEkxV2w0THdfODRcIj5cbjxtZXRhIG5hbWU9XCJ0aGVtZS1jb2xvclwiIGNvbnRlbnQ9XCIjNGY0MzhhXCI%2BXG48bWV0YSBuYW1lPVwiZ29vZ2xlLXNpdGUtdmVyaWZpY2F0aW9uXCIgY29udGVudD1cInMyeTRJTi1nZkh6V19zdDZYbWJNUXU1ZTE1YjBZQnI5ZUxSalNZdXhydlFcIj5cbiAgICAgIFxuICAgICAgPG1ldGEgY2xhc3M9XCJlbGFzdGljXCIgbmFtZT1cImNhdGVnb3J5XCIgY29udGVudD1cImFydGljbGVcIj5cbiAgICAgIFxuICAgICAgXG4gICAgICBcbiAgICAgIFxuICAgICAgXG4gICAgICBcbiAgICAgIFxuICAgICAgXG4gICAgICBcbiAgICAgIFxuICAgICAgPG1ldGEgY2xhc3M9XCJlbGFzdGljXCIgZGF0YS10eXBlPVwic3RyaW5nXCIgbmFtZT1cInBhZ2V0eXBlXCIgY29udGVudD1cInBlcnNvbmFsXCI%2BXG4gICAgICBcbiAgICAgIDxtZXRhIGNsYXNzPVwiZWxhc3RpY1wiIG5hbWU9XCJjb25zdW1lcnJlbGV2YW5jZVwiIGRhdGEtdHlwZT1cImludGVnZXJcIiBjb250ZW50PVwiMTBcIj5cbiAgICAgIDxtZXRhIGNsYXNzPVwiZWxhc3RpY1wiIG5hbWU9XCJidXNpbmVzc3JlbGV2YW5jZVwiIGRhdGEtdHlwZT1cImludGVnZXJcIiBjb250ZW50PVwiMFwiPlxuICAgICJdLFstMzIsIjIiXSxbLTQ3LCJFdXJvcGUvQW1zdGVyZGFtLG5sLGxhdG4sZ3JlZ29yeSJdLFstNjUsIi0iXSxbLTcxLCJhMDExMDAxMDEwMDEwMDEwMTAwMDEwMTAwMTExMTEwMTAwMDAxMCJdLFstMTQsIi0iXSxbLTE2LCIwIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltdLFwic1wiOjF9Il0sWy03MCwiLSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy0yLCI4LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcElzZ0lJalNRKzhpS2dxSTBvc0lBaXBGRUVRUklrVWdkRVFRcFVvSlNBdENBcVNIOUd5eTdaV1orZXIvZCtlOTJid3NDU0QvMWUiXSxbLTEwLCItIl0sWy0yMCwiLSJdLFstMjksIi0iXSxbLTM4LCJsLC0xLC0xLDEsMCwxLDAsOSwyNCwxNTQ0LC0xLDAsNDMzOC45LCw0NTg2LDQ1ODYiXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQ4LCIwLDAiXSxbLTYyLCI4MCJdLFstNjYsImdlb2xvY2F0aW9uLGNodWFmdWxsdmVyc2lvbmxpc3QsY3Jvc3NvcmlnaW5pc29sYXRlZCxzY3JlZW53YWtlbG9jayxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGNodWFhcmNoLGNvbXB1dGVwcmVzc3VyZSxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHVzYixjaHNhdmVkYXRhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLHNoYXJlZHN0b3JhZ2UscnVuYWRhdWN0aW9uLGNodWFmb3JtZmFjdG9ycyxjaGRvd25saW5rLG90cGNyZWRlbnRpYWxzLHBheW1lbnQsY2h1YSxjaHVhbW9kZWwsY2hlY3QsYXV0b3BsYXksY2FtZXJhLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsYWNjZWxlcm9tZXRlcixjaHVhcGxhdGZvcm12ZXJzaW9uLGlkbGVkZXRlY3Rpb24scHJpdmF0ZWFnZ3JlZ2F0aW9uLGludGVyZXN0Y29ob3J0LGNodmlld3BvcnRoZWlnaHQsbG9jYWxmb250cyxjaHVhcGxhdGZvcm0sbWlkaSxjaHVhZnVsbHZlcnNpb24seHJzcGF0aWFsdHJhY2tpbmcsY2xpcGJvYXJkcmVhZCxnYW1lcGFkLGRpc3BsYXljYXB0dXJlLGtleWJvYXJkbWFwLGpvaW5hZGludGVyZXN0Z3JvdXAsY2h3aWR0aCxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLGJyb3dzaW5ndG9waWNzLGVuY3J5cHRlZG1lZGlhLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsY2h1YWJpdG5lc3Msc3RvcmFnZWFjY2VzcyxzeW5jeGhyLGNoZGV2aWNlbWVtb3J5LGNodmlld3BvcnR3aWR0aCxwaWN0dXJlaW5waWN0dXJlLG1hZ25ldG9tZXRlcixjbGlwYm9hcmR3cml0ZSxtaWNyb3Bob25lIl0sWy0yNCwiW10iXSxbLTY4LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02LCItIl0sWy0xNywiMTIiXSxbLTI3LCJbNTAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTQ5LCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjEsIntcIndnc2xcIjpcIjQ7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO3JlYWRvbmx5X2FuZF9yZWFkd3JpdGVfc3RvcmFnZV90ZXh0dXJlcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNjMsIjAiXSxbLTE1LCItIl0sWy0xOSwiWzExNzAsMTU3MCwxMTcwLDE1NzAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyODUsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjEsIi0iXSxbLTQ2LCIwIl0sWy01MywiMTAwIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbImJuY2giLDEzNF0sWy05LCIrIl0sWy0xMiwibnVsbCJdLFstMjgsImVuLVVTLGVuIl0sWy0zMywiLSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNTEsIi0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFsiZGRiIiwiMCw4LDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDEsMSwzLDE1LDAsMTcsMCwxLDAsMCwwLDAsMCwwLDAsMSw0LDAsNywwLDAsMCwwLDAsMCwxLDAsMCwxLDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsNiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDcsMCwwLDAsMCwwLDAsMCwwLDAsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=uv6KUq3Q0S&pto=4595&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1729833853.CvW0x4R1TuBrx1bb&suid=1.1729833853.Lgw3cBcFdvKxrkLK&tuid=1.1729833853.0mJbfNdRWtOZnorl&fbc=-&gtm=W10%3D&it=26%2C4344%2C108&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
11fa10ef7b83547215c80beef6563b80cc01d9fe099fe2d44fd437627f8f1d9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
https://salamemanbetoyareghadimi.online
content-encoding
gzip
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
1841
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
text/javascript
js
www.googletagmanager.com/gtag/
207 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48213762-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62VXG698NS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fd055027d4b29969e107adf3bcc351e7249a7076ec9f23085bf04f1dd2c7af9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 05:24:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76350
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-62VXG698NS&gtm=45je4al0v870015383za200&_p=1729833853023&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101686685~101823848&cid=1272596182.1729833853&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dl=salamemanbetoyareghadimi.online&sid=1729833853&sct=1&seg=0&dt=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=4651
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62VXG698NS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://salamemanbetoyareghadimi.online
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
565 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-62VXG698NS&cid=1272596182.1729833853&gtm=45je4al0v870015383za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101686685~101823848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62VXG698NS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://salamemanbetoyareghadimi.online
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 7484
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-62VXG698NS&gacid=1272596182.1729833853&gtm=45je4al0v870015383za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101686685~101823848&z=1651019422
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62VXG698NS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salamemanbetoyareghadimi.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 05:24:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48213762-2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
age
6844
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 05:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 03:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
purple.svg
salamemanbetoyareghadimi.online/content/dam/sparkdigital/images/logo/
34 KB
0
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/sparkdigital/images/logo/purple.svg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AxmRsNQLVA6DT0hLbHMpot1GsTHCeX8vfzw4dwNasm5ZiAvanbq%2FEV%2FcBU0HQHZV%2FXpp%2FNRnthobRKckWCnpz1MGO9jXSgltRiBSZrRl82ILpNtx%2FHx5UlP%2B1vXh1Z4z1WOXYQz31rF5C0pOnxtEtw7T"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13375&sent=239&recv=87&lost=0&retrans=0&sent_bytes=261047&recv_bytes=14791&delivery_rate=1875651&cwnd=36000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=3983&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:12 GMT
content-type
image/svg+xml
last-modified
Mon, 10 Jun 2024 11:02:57 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc763bc8866bb-AMS
accept-ranges
bytes
content-length
10484
server
cloudflare
shopping.svg
salamemanbetoyareghadimi.online/content/dam/telecomcms/responsive/icons-svg/
2 KB
0
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/telecomcms/responsive/icons-svg/shopping.svg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d65da0384164d3caeeee36b2e8b7b5da42e1183d4575725a3bd05213e786ec55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Faaw%2BNKC5OUTwcVrqgofmUuYWA%2FX8jqxZtxreTikbiIc9L7mY6nJk9bXA4ztR33UhK2LGbE64GUkQfswVxrErNNxjT9XGhcieZFw0Tp2W6f5aBQc11xvzktU%2Brc26MbkAScL1h5RC%2BnHptIOqVQ18Eqv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13534&sent=47&recv=36&lost=0&retrans=0&sent_bytes=42107&recv_bytes=11512&delivery_rate=9902&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2761&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
image/svg+xml
last-modified
Mon, 10 Jun 2024 11:32:36 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c9466bb-AMS
accept-ranges
bytes
content-length
929
server
cloudflare
shopping-disabled.svg
salamemanbetoyareghadimi.online/content/dam/telecomcms/responsive/icons-svg/
962 B
0
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/telecomcms/responsive/icons-svg/shopping-disabled.svg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b91ad0b85c39f6789caf49cec4beb06b7b9f0e4d0ac8feff0de8f79fdd12d97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGgP%2BgOMm5qQlP9rUhceMwNdzL%2BCG2hWeS%2F7n9u8xIC1b2OgPVx6OxApTMc7mDZdJwnsqW1nFg8bwggAFdqykz9GxtndpDCBbM%2FJdO3BGwL3Ia%2FDr54znzS4GoT5v11P3HLllUdDbFPDtQPpscJtWwz4"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15066&sent=60&recv=46&lost=0&retrans=0&sent_bytes=53856&recv_bytes=12444&delivery_rate=10353&cwnd=24000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=2793&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:11 GMT
content-type
image/svg+xml
last-modified
Mon, 10 Jun 2024 11:32:36 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc75c1c9266bb-AMS
accept-ranges
bytes
content-length
512
server
cloudflare
91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-site/fonts/Avenir/
73 KB
73 KB
Font
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-site/fonts/Avenir/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5460d12873f565566367d90c804bdcdfad6f80522ce61a8fdb03b1cfc156f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://salamemanbetoyareghadimi.online
Referer
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-all.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddNt29n1mN3rdSaGvG9lq3i5tSTvvMusEUdCk4qSCfxYjLRWlS8xjVP83SnUr%2FbuVxjh%2BN0pCg7ayK1pkbipPFLmjjP7ArsgJ53kw1jaDQ69v5Yvd1xOiqulWs5rKni5Tdd3Xd7cQJ66nD5mt3b8zfZ5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15142&sent=755&recv=175&lost=0&retrans=0&sent_bytes=856187&recv_bytes=32160&delivery_rate=1303872&cwnd=141600&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6743&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
application/x-font-woff
last-modified
Thu, 11 Apr 2024 06:28:57 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc7718a1366bb-AMS
server
cloudflare
f26faddb-86cc-4477-a253-1e1287684336.woff
salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-site/fonts/Avenir/
74 KB
74 KB
Font
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-site/fonts/Avenir/f26faddb-86cc-4477-a253-1e1287684336.woff
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1bbdd52caac896e0afaf4e56e749b8181fb025bfc7afc16ea8f4f38ca99579
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://salamemanbetoyareghadimi.online
Referer
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-all.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4AD9N46Gh5%2B0AYiGl0dRE075cpndhv1uY%2FD5bVTaR2HXQghlwgB9NGH6k9Mct8jRNYbxaXg7Vq0b1FGhJhbCxdtCIv8qp%2FWjFAX2oFlaJQTd2dXAvl1%2FKA1n5I7nzsgjCbV8i2RCVqWVKOna3fldXP5J"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15142&sent=768&recv=175&lost=0&retrans=0&sent_bytes=871376&recv_bytes=32160&delivery_rate=1303872&cwnd=141600&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6752&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
application/x-font-woff
last-modified
Thu, 11 Apr 2024 06:28:57 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc7718a1466bb-AMS
server
cloudflare
spark-icon-family.woff
salamemanbetoyareghadimi.online/content/dam/sparkresponsive/font/Fontello/
28 KB
29 KB
Font
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/sparkresponsive/font/Fontello/spark-icon-family.woff
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-sparkv2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597577e553630e1a1a757b9a233376cc1c0ea7e590a796b708103f8b077b0631
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://salamemanbetoyareghadimi.online
Referer
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-sparkv2.css

Response headers

content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGfh9gH6q1ir%2F4%2F5Q2kgBSQ5jbiS4u9tMU9dn576NKjryPwvnRlhvKzezRaQVh2Pa6x933mfmi%2BHKQ7oT%2F9Sa9M0mVvv6Bb%2B5kDKMN9KrZVW9%2FAKu7P%2FZjTGz13QYGXUQfyd%2B53c%2B70G1thA%2FsWooFgb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14770&sent=781&recv=177&lost=0&retrans=0&sent_bytes=886570&recv_bytes=32251&delivery_rate=1174824&cwnd=141600&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6765&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
application/font-woff
last-modified
Thu, 06 Jun 2024 09:44:48 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc7718a1566bb-AMS
access-control-allow-origin
https://salamemanbetoyareghadimi.online
server
cloudflare
b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-site/fonts/Avenir/
74 KB
74 KB
Font
General
Full URL
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-site/fonts/Avenir/b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c454d5bf7977f3dc91fc22f4e3648a607b72c3677c59d5a4ed04b6c7f42e964b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://salamemanbetoyareghadimi.online
Referer
https://salamemanbetoyareghadimi.online/etc/designs/onespark/clientlib-all.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDGeUZFpoAdb21s%2B8eYHP%2FghKgNZyu1jMeJDxehENtmfGeHFN2gEWddSJ2FDGtgWSRt0YqWsVXvTcIuzDSj5eFMBm%2BtXkIxr07axBzmlYINWX8Cc2o2wnZksQaw76sMV9cAIkdFZTQvX1wCX%2FaKC7f8s"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14032&sent=807&recv=181&lost=0&retrans=0&sent_bytes=916634&recv_bytes=32432&delivery_rate=1231725&cwnd=141600&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=6779&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:15 GMT
content-type
application/x-font-woff
last-modified
Thu, 11 Apr 2024 06:28:57 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc7718a1766bb-AMS
server
cloudflare
js
www.googletagmanager.com/gtag/
276 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-973125260&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62VXG698NS&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f7629a123ea671142b9ed3d15f0fed7e00cd86e80dea8ec85dc6f2a37c27d737
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 05:24:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97752
x-xss-protection
0
server
Google Tag Manager
4615074c-e8a0-4af2-b112-15720559be3b
https://salamemanbetoyareghadimi.online/ Frame
0
0

/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=213308197274656&ev=CHEQ&dl=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&rl=&if=false&ts=1729833853758&sw=1600&sh=1200&v=2.9.174&r=stable&a=adobe_launch&ec=0&o=12318&fbp=fb.1.1729833853756.284523769394822705&ler=empty&cdl=API_unavailable&it=1729833853113&coo=false&rqm=GET
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1380, tbw=2945, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 25 Oct 2024 05:24:13 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=213308197274656&ev=CHEQ&dl=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&rl=&if=false&ts=1729833853758&sw=1600&sh=1200&v=2.9.174&r=stable&a=adobe_launch&ec=0&o=12318&fbp=fb.1.1729833853756.284523769394822705&ler=empty&cdl=API_unavailable&it=1729833853113&coo=false&rqm=FGET
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429579827326854032"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
zXqX0XnzcUyh+eetEwTqqAS1nnVV7R6PR/2CZvgqzrtH8DI5FsAUGXUQCx0TaZcXvdCnRuwuVsO7B9j2ysNd5w==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429579827326854032", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=14, mss=1380, tbw=3263, tp=-1, tpl=-1, uplat=178, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.google.com/pagead/1p-conversion/973125260/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/973125260/?label=86mBCJXYnbYYEIztgtAD&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973125260/?label=86mBCJXYnbYYEIztgtAD&guid=ON&script=0&ct_cookie_present=false&random=677057765&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWx...
  • https://www.google.com/pagead/1p-conversion/973125260/?label=86mBCJXYnbYYEIztgtAD&guid=ON&script=0&ct_cookie_present=false&random=677057765&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgM...
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/973125260/?label=86mBCJXYnbYYEIztgtAD&guid=ON&script=0&ct_cookie_present=false&random=677057765&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgMqEo-WoiQMV2Jn9Bx1qhR33MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOihodHRwczovL3NhbGFtZW1hbmJldG95YXJlZ2hhZGltaS5vbmxpbmUv&is_vtc=1&cid=CAQSKQCa7L7dqMh0Q-R3TYTlVa0MaO60CGBTLn8BKAlJFdX1kvjJN3Eg-m8Y&random=3563784581
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Oct 2024 05:24:14 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/973125260/?label=86mBCJXYnbYYEIztgtAD&guid=ON&script=0&ct_cookie_present=false&random=677057765&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgMqEo-WoiQMV2Jn9Bx1qhR33MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOihodHRwczovL3NhbGFtZW1hbmJldG95YXJlZ2hhZGltaS5vbmxpbmUv&is_vtc=1&cid=CAQSKQCa7L7dqMh0Q-R3TYTlVa0MaO60CGBTLn8BKAlJFdX1kvjJN3Eg-m8Y&random=3563784581
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Fri, 25 Oct 2024 05:24:13 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
tc_imp.gif
june.takingbackjuly.com/tracker/
43 B
79 B
Image
General
Full URL
https://june.takingbackjuly.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268e7cf36e94f8f9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f168e6c2e17071a10acf9f29f671ad7d68c022f394dac7d7504823fd733c557630c709a03535863005fc0b9684777be26bb25cb43e2923cf64c69ab13257b0fde50fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2549c1551ee6d59ac73135657920d31a3dcbbea64e96df57da4778e326d63e58e6c2c2b0d0cd63ed68409835c77a7cee43d4c7922c886302095804c7d7b12204552b88b2f676304a2e8556bcefeb43c9af259241c2efaf0a79d9922b9ded70be951ca596a6ac9e99ab1ff35938ee33a96621ccdeb97790a1cf56267a88c0621ac84e97e9d5ebb02f2c712dd50889e23956560cbc8798a30d48da1a2cdbab4417ba276ebe2e4760f68e58d368fa65ea1111313dd5c46979284cbd0f18970907b81c5fbc879ae243b18aa3865d494d116749ea864a841bfc003d667a879455b44cb26ff559c87e03fb98d789f5cd69ddfcb6ec2584921f146541d3e457dd3a766b753dfc18b64fdde69bdde6cdf81c8f07688bcf174603ed0a9110495f70d5a23fae7e538e043cef856fdfd3cae6ee26d8759bf17d4a120c41821f8af92663f3f7c022a0b5c14b6e08c6cd206ab444e4329ffa84edf981a04e2b9dfbabf6ddeece4fc85ffb3f057523ff3449aab5a698a5f781ad461416c6af67ac26a0b96ae9837986ac52495aa2bcfb1059a780724231c0f55fbc0acdf5e7a31df6a07ddd28be9a2d64146dbe9e96f9cdd7265d9d5103561fa92d15322a95bd2189c49916ced469db35bbae14e998994c0dc023bbbf231718368a78ab2a21e9f6f3c13068a681e2ae3f521db8e738ee6f1960b8fdb952f1c7507e82fa16ec749a0c32dcf2049215d28292ea50bf2de6004fd369ff997608e9612d26679ae0d6e78caaac30059ed78e99c508756230a4ba0296cdffa957ac1543d939901e1829fed8a42c64f0a6146a3652f538082531fe969a5eccb2e8cdaf01c023ff128320204d30509b0ccfc12108c702090858d47cbd6becf4530e373c247180a931d78268b87164bdd87bf95b7ff&cri=uv6KUq3Q0S&ts=517&cb=1729833853785
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Fri, 25 Oct 2024 05:24:13 GMT
pragma
no-cache
content-type
image/gif
85464e0d-4814-40c5-b2a2-0962e420df94
https://salamemanbetoyareghadimi.online/ Frame
0
0

collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1214773343.1729833854&auid=734337617.1729833854&npa=0&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&tft=1729833853899&tfd=5224&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973125260&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/973125260/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973125260/?random=1729833853892&cv=11&fst=1729833853892&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7d5151aafe672974cf9800b6f5f08d0e4e2115aabb7f4ea95ceef954221e4f0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2376
date
Fri, 25 Oct 2024 05:24:13 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
973125260
td.doubleclick.net/td/rul/ Frame E444
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/973125260?random=1729833853892&cv=11&fst=1729833853892&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973125260&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salamemanbetoyareghadimi.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1117
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 05:24:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/973125260/
5 KB
3 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/973125260/?random=1729833853936&cv=11&fst=1729833853936&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&gtm_ee=1&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
f7f8edc328182b9a75368da0433f3d55673377bdab1d57148fa0e02e567b7442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2667
date
Fri, 25 Oct 2024 05:24:13 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
973125260
td.doubleclick.net/td/rul/ Frame BE66
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/973125260?random=1729833853936&cv=11&fst=1729833853936&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&gtm_ee=1&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973125260&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salamemanbetoyareghadimi.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 05:24:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame AB31
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsalamemanbetoyareghadimi.online
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973125260&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 05:24:14 GMT
expires
Sat, 25 Oct 2025 05:24:14 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-conversion/973125260/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973125260/?random=2124209649&cv=11&fst=1729833853936&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l...
  • https://www.google.com/pagead/1p-conversion/973125260/?random=2124209649&cv=11&fst=1729833853936&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101...
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/973125260/?random=2124209649&cv=11&fst=1729833853936&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&gtm_ee=1&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIlvmKo-WoiQMVtZz9Bx0aDwjrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOihodHRwczovL3NhbGFtZW1hbmJldG95YXJlZ2hhZGltaS5vbmxpbmUvQlhDaEVJOE9EbnVBWVEyOENyLS1mUnJzQ21BUkl0QUZZVlViME1hY0paci1sSXdhNVZPQmNQTGhJZWpwelJUWWVCaVMwSWVxS2RpcVBmWGVZc244bk9YLW8x&is_vtc=1&cid=CAQSKQCa7L7dRZ7exB9ppvPcOMiDcXNIYEWRukAfqkF1sOA3u1Y2cAXHk5Jp&random=3451886153
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Oct 2024 05:24:14 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/973125260/?random=2124209649&cv=11&fst=1729833853936&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&gtm_ee=1&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIlvmKo-WoiQMVtZz9Bx0aDwjrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOihodHRwczovL3NhbGFtZW1hbmJldG95YXJlZ2hhZGltaS5vbmxpbmUvQlhDaEVJOE9EbnVBWVEyOENyLS1mUnJzQ21BUkl0QUZZVlViME1hY0paci1sSXdhNVZPQmNQTGhJZWpwelJUWWVCaVMwSWVxS2RpcVBmWGVZc244bk9YLW8x&is_vtc=1&cid=CAQSKQCa7L7dRZ7exB9ppvPcOMiDcXNIYEWRukAfqkF1sOA3u1Y2cAXHk5Jp&random=3451886153
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Fri, 25 Oct 2024 05:24:14 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/973125260/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/973125260/?random=1729833853892&cv=11&fst=1729832400000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9172039467za200zb870015383&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fsalamemanbetoyareghadimi.online%2F&hn=www.googleadservices.com&frm=0&tiba=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&npa=0&pscdl=noapi&auid=734337617.1729833854&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d-qEuJLTGp1ysBKyxzoDX5XcNYfhvDnkjX4TOl5rk3yNro4a3&random=425186095&rmt_tld=0&ipr=y
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Oct 2024 05:24:14 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
purple.svg
salamemanbetoyareghadimi.online/content/dam/sparkdigital/images/logo/
34 KB
0
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/sparkdigital/images/logo/purple.svg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AxmRsNQLVA6DT0hLbHMpot1GsTHCeX8vfzw4dwNasm5ZiAvanbq%2FEV%2FcBU0HQHZV%2FXpp%2FNRnthobRKckWCnpz1MGO9jXSgltRiBSZrRl82ILpNtx%2FHx5UlP%2B1vXh1Z4z1WOXYQz31rF5C0pOnxtEtw7T"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13375&sent=239&recv=87&lost=0&retrans=0&sent_bytes=261047&recv_bytes=14791&delivery_rate=1875651&cwnd=36000&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=3983&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:12 GMT
content-type
image/svg+xml
last-modified
Mon, 10 Jun 2024 11:02:57 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc763bc8866bb-AMS
accept-ranges
bytes
content-length
10484
server
cloudflare
girls-lying-on-grass-phone-1411x720.jpg
salamemanbetoyareghadimi.online/content/dam/spark/images/backgrounds/marketing/hero-banners/
198 KB
199 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/spark/images/backgrounds/marketing/hero-banners/girls-lying-on-grass-phone-1411x720.jpg
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe912a707eb6a1ba468c8e2cc2f9aab7a8837e1d54d4be849473e0fd6e64a63c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ihuOmLqOZpk2Uj37rurywdlf4guShFVXBwY5fZCKSbnCmhUiRJFpbY3XtOXblaGmYmplz9NHxmvU0XjQ00mv0e%2FZgz3Ug2UCRkYR65Wm9ngV0dVJu4tbFAUy8gBibnI2vwhOljynDqLhFG2Mi1JrdlY"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13776&sent=2029&recv=314&lost=0&retrans=0&sent_bytes=2362453&recv_bytes=38463&delivery_rate=9345217&cwnd=193200&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=7807&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:16 GMT
content-type
image/jpeg
last-modified
Thu, 06 Jun 2024 09:42:56 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc774cd9166bb-AMS
accept-ranges
bytes
content-length
203008
server
cloudflare
womanworksoutsidelaptop_homepage_desktop.png
salamemanbetoyareghadimi.online/content/dam/spark/images/backgrounds/marketing/hero-banners/
1 MB
1 MB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/spark/images/backgrounds/marketing/hero-banners/womanworksoutsidelaptop_homepage_desktop.png
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22b9745bea5f0bd766f4802b0b8f1d87fbca89511573e5c55d7705939e00c4d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owz%2BgpzsY2aK2vIHeRjilXi5aoMq1ijNfw4YUqKuvUy17ZkYhY2mtpMWl88ZaA7y2Yq5Vt4gb%2BcwE%2Ba42qTOQ%2F2TwaOUOiRD%2BwxmZK5vR57MIIB3UBLwnvWJKl6uN3ejYZkHi80uJUfqmoYlH%2BedE%2Bfz"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13851&sent=2056&recv=318&lost=0&retrans=0&sent_bytes=2394468&recv_bytes=38643&delivery_rate=3176411&cwnd=193200&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=7816&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:16 GMT
content-type
image/png
last-modified
Thu, 06 Jun 2024 09:42:56 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc774cd9266bb-AMS
accept-ranges
bytes
content-length
1364943
server
cloudflare
womanworksoutsidelaptop_homepage_mobile.png
salamemanbetoyareghadimi.online/content/dam/spark/images/backgrounds/marketing/hero-banners/
306 KB
307 KB
Image
General
Full URL
https://salamemanbetoyareghadimi.online/content/dam/spark/images/backgrounds/marketing/hero-banners/womanworksoutsidelaptop_homepage_mobile.png
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca224d8284dabccd2bacc5cd05e6d98d7d4e7706592bdf848bd91780c19b2ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82CXvl6XExn5N55HUE1yGtk2pBqSGQ1QwEZL0Er7bRrIZqcl1VZBNpuYGkyA%2BqpS1J6kzxFkxTozmVwrqxHZprEiFdqUilzs%2FKKG4wYZ66IUQSAvgXEApX7okuc7ZT1lP8IpUkBZj0T964ZKUZs5%2BoJg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13611&sent=1659&recv=280&lost=0&retrans=0&sent_bytes=1925695&recv_bytes=36923&delivery_rate=2639685&cwnd=152400&unsent_bytes=0&cid=eb97c20e2698c6a8&ts=7542&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:24:16 GMT
content-type
image/png
last-modified
Thu, 06 Jun 2024 09:42:56 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc774cd9466bb-AMS
accept-ranges
bytes
content-length
313187
server
cloudflare
mon
june.takingbackjuly.com/
0
158 B
XHR
General
Full URL
https://june.takingbackjuly.com/mon
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://salamemanbetoyareghadimi.online/

Response headers

access-control-allow-origin
https://salamemanbetoyareghadimi.online
content-length
0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
mon
june.takingbackjuly.com/
0
16 B
XHR
General
Full URL
https://june.takingbackjuly.com/mon
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://salamemanbetoyareghadimi.online/

Response headers

access-control-allow-origin
https://salamemanbetoyareghadimi.online
content-length
0
date
Fri, 25 Oct 2024 05:24:14 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
mon
june.takingbackjuly.com/
0
39 B
XHR
General
Full URL
https://june.takingbackjuly.com/mon
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://salamemanbetoyareghadimi.online/

Response headers

access-control-allow-origin
https://salamemanbetoyareghadimi.online
content-length
0
date
Fri, 25 Oct 2024 05:24:16 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-62VXG698NS&gtm=45je4al0v870015383za200&_p=1729833853023&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101686685~101823848&cid=1272596182.1729833853&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dl=salamemanbetoyareghadimi.online&sid=1729833853&sct=1&seg=0&dt=Broadband%20Internet%20and%20Mobile%20Phone%20Services%20%7C%20Spark%20NZ&en=scroll&epn.percent_scrolled=90&_et=9&tfd=9664
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62VXG698NS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://salamemanbetoyareghadimi.online/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://salamemanbetoyareghadimi.online
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:24:18 GMT
content-type
text/plain
server
Golfe2
mon
june.takingbackjuly.com/
0
39 B
XHR
General
Full URL
https://june.takingbackjuly.com/mon
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://salamemanbetoyareghadimi.online/

Response headers

access-control-allow-origin
https://salamemanbetoyareghadimi.online
content-length
0
date
Fri, 25 Oct 2024 05:24:18 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
mon
june.takingbackjuly.com/
0
39 B
XHR
General
Full URL
https://june.takingbackjuly.com/mon
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://salamemanbetoyareghadimi.online/

Response headers

access-control-allow-origin
https://salamemanbetoyareghadimi.online
content-length
0
date
Fri, 25 Oct 2024 05:24:23 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
mon
june.takingbackjuly.com/
0
39 B
XHR
General
Full URL
https://june.takingbackjuly.com/mon
Requested by
Host: salamemanbetoyareghadimi.online
URL: https://salamemanbetoyareghadimi.online/etc.clientlibs/clientlibs/granite/jquery/granite.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://salamemanbetoyareghadimi.online/

Response headers

access-control-allow-origin
https://salamemanbetoyareghadimi.online
content-length
0
date
Fri, 25 Oct 2024 05:24:28 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
salamemanbetoyareghadimi.online
URL
https://salamemanbetoyareghadimi.online/content/dam/onespark/icon-images/shielded.png
Domain
salamemanbetoyareghadimi.online
URL
https://salamemanbetoyareghadimi.online/etc/designs/spark-responsive/clientlib-reactjs.js
Domain
salamemanbetoyareghadimi.online
URL
https://salamemanbetoyareghadimi.online/etc/designs/sparklabs/clientlib-all.js
Domain
salamemanbetoyareghadimi.online
URL
blob:https://salamemanbetoyareghadimi.online/4615074c-e8a0-4af2-b112-15720559be3b
Domain
salamemanbetoyareghadimi.online
URL
blob:https://salamemanbetoyareghadimi.online/85464e0d-4814-40c5-b2a2-0962e420df94

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spark (Telecommunication)

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| CQ function| $ function| jQuery object| matched object| browser object| Granite object| _g function| $CQ function| cq5forms_isArray function| cq5forms_isNodeList function| cq5forms_showMsg function| cq5forms_isEmpty function| cq5forms_regcheck function| cq5forms_multiResourceChange function| picturefill object| jQuery112409434937055328432 object| digitalData object| date number| clientHourOfDay object| pageVisitJson number| systemHourOfDay number| diffHourOfDay object| days string| isWeekend function| emptyDiv function| page object| tealiumDataProvider function| sendTealiumEvent function| isEmpty function| key function| distinct object| targetGlobalSettings object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| debugPrefix object| utag_data object| utag_cfg_ovrd object| dataLayer function| gtag function| __ctcg_ct_17319_exec object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| s_doPlugins function| s_getLoadTime function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s object| patt number| s_loadT string| GoogleAnalyticsObject function| ga object| utag string| theme object| gaplugins object| gaData object| _cq object| GooglebQhCsO function| emailPage function| xmlParser object| React object| ReactDOM function| styledComponents object| styledTools object| sparkTokens object| sparkTokenHelpers object| sparkElements

14 Cookies

Domain/Path Name / Value
salamemanbetoyareghadimi.online/ Name: BIGipServerpAEM-dispatcher-PRD
Value: 740092682.20480.0000
salamemanbetoyareghadimi.online/ Name: TS01145294
Value: 015b067a44cc785fda9852df07da9275f5b7f6849fca833faae8b8b9a9694bfe81712b0bd5124e0acbeb9f650639b99e3ca02c907dc391b829b8b31fab487276bbee1ec05c
.salamemanbetoyareghadimi.online/ Name: mbox
Value: session#d371e46e267a4c4983bcff4d3e3ba297#1729835714
.salamemanbetoyareghadimi.online/ Name: at_check
Value: true
.salamemanbetoyareghadimi.online/ Name: _cq_duid
Value: 1.1729833853.CvW0x4R1TuBrx1bb
.salamemanbetoyareghadimi.online/ Name: _cq_suid
Value: 1.1729833853.Lgw3cBcFdvKxrkLK
.salamemanbetoyareghadimi.online/ Name: _ga_62VXG698NS
Value: GS1.1.1729833853.1.0.1729833853.60.0.0
.salamemanbetoyareghadimi.online/ Name: utag_main
Value: v_id:0192c221e2ab001936ae8e62d1ad05065002805d00b08$_sn:1$_se:1$_ss:1$_st:1729835653616$ses_id:1729833853616%3Bexp-session$_pn:1%3Bexp-session
.salamemanbetoyareghadimi.online/ Name: _ga
Value: GA1.2.1272596182.1729833853
.salamemanbetoyareghadimi.online/ Name: _gid
Value: GA1.2.1435728341.1729833854
june.takingbackjuly.com/ Name: cg_uuid
Value: cee5536fb520548a2cc9c9ac7f406738
.salamemanbetoyareghadimi.online/ Name: _fbp
Value: fb.1.1729833853756.284523769394822705
.salamemanbetoyareghadimi.online/ Name: _gcl_au
Value: 1.1.734337617.1729833854
.doubleclick.net/ Name: IDE
Value: AHWqTUlmR50FEjOorPKTtMXBYYG10fhjOtkafKCeJ8HIVDWYM-I7UbPV0qyYjKyf

6 Console Messages

Source Level URL
Text
javascript warning URL: https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/launch-4c20c4466aca.min.js(Line 4)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.spark.co.nz/content/dam/telecomcms/cdp/utag.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/launch-4c20c4466aca.min.js(Line 4)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.spark.co.nz/content/dam/telecomcms/cdp/utag.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering warning URL: https://salamemanbetoyareghadimi.online/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F0EA05BC000000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://sparknewzealandtradi.tt.omtrdc.net/rest/v1/delivery?client=sparknewzealandtradi&sessionId=d371e46e267a4c4983bcff4d3e3ba297&version=2.10.0
Message:
Failed to load resource: the server responded with a status of 400 ()
rendering warning URL: https://salamemanbetoyareghadimi.online/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C0EA05BC000000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
worker verbose URL: blob:https://salamemanbetoyareghadimi.online/4615074c-e8a0-4af2-b112-15720559be3b(Line 1)
Message:
Error

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
august.takingbackjuly.com
connect.facebook.net
googleads.g.doubleclick.net
june.takingbackjuly.com
salamemanbetoyareghadimi.online
sparknewzealandtradi.tt.omtrdc.net
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.spark.co.nz
salamemanbetoyareghadimi.online
142.250.185.130
142.250.185.206
142.250.185.66
142.250.186.110
142.250.186.136
146.171.248.36
157.240.0.35
157.240.251.9
172.217.16.196
173.194.76.157
18.245.86.119
188.114.97.3
216.58.212.162
50.16.211.97
66.235.152.221
07d01c30b97388e50593976122e22ef16a9da92ea224df8f53a40ca174d66100
11fa10ef7b83547215c80beef6563b80cc01d9fe099fe2d44fd437627f8f1d9a
14fd5488cd35a65a9c8d98f0ac5e97fca338d1a3532179ee3dc92d7e4667c4ce
17566380940fe5270b9990e50e1017b302382ea45a21c7f85d2a1cfc1ffa85b4
1c1bbdd52caac896e0afaf4e56e749b8181fb025bfc7afc16ea8f4f38ca99579
1f67d403afe57df8c4941bbd977715a916142489e79419bf9c420a13584513c4
2d98b01da0724db55fe327b97a09ef64c25598eb8d8194414e63de0e82a20d3d
3a9fc6754d5c5542cc9511b8dc6f3b60f1ff2c1d9bf9a5a12522288d27098500
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b91ad0b85c39f6789caf49cec4beb06b7b9f0e4d0ac8feff0de8f79fdd12d97
597577e553630e1a1a757b9a233376cc1c0ea7e590a796b708103f8b077b0631
5a33b1b08faa141fe7a21f91a0f8bd26fb72c4f6ab530de586c1890efed6ff77
5c85b9b27a03314d530cc6f1cc103fc9d9e8f10e64194c5e5568802d3c300bdb
66c959ecd759f00fbe2a2c0bd9492bba38ee22a6c18ccc364151ebe15b914e49
6759b81453a6cf9c095063879c5be864a706af674c6e79a555d8e9d57e119726
6f395140cdd1f50b8aa5ed94160888952771aa7c3de5196908e782a28276a057
6fb7dad4f9d7beff051095ab2516f17f28031181aba5fd7a90b7d46691b723d5
7450493c3efcd1bafee25bd559e5c4c26cc9b6602560becd589e6489b018470d
77bbfa0cb24fc3fbd863563814a419f68661054ada740bc501a03bea5d7ce7cc
786e429789593e3a89d19e4869805c23a417449163acb5f3388d6c3ea3901d30
7d5151aafe672974cf9800b6f5f08d0e4e2115aabb7f4ea95ceef954221e4f0f
7fd91d73f06e4b853bd543dedabd4ab8748ac1f269446e1467660b55c9bf327b
82908823fd53d649648fb51f49f1fb701a847310cf51e8c64f3909e242dc4ac9
84eadc2e9da30e39260e3ff7bbbdeb9376fd8ac88df8d5924b92a93cc36f3dc0
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
8ec1be7bf4b13291a8e8b61ade8d3df506c53f38e2a14aafafe77f66eb5833e4
934c1c0474bd19feb129e9137984bc634cb53bd410b491a6b8b27c26383359bd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a3ca9ea3dc5a7cbe838dee9f712b8e87cc85e7478648751f7b2261806688923a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad340ec75cdac5518c80ace86515ba5f1b2eab0986dfe5f26fbf8efed114bab8
b22b9745bea5f0bd766f4802b0b8f1d87fbca89511573e5c55d7705939e00c4d
b8f61e550cc76f12aaed06f5f92fe359a074f83808b23e3ad4266cbc10df8fa0
b9dd2080ab9f46659b9ceb72fd93def941195e854ccfa6b5409a20c40a0425bd
bb464ad80f3513de7f91e95b1434ebcd0c3f6d96bbbd364fca0a37e343bb05d1
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c454d5bf7977f3dc91fc22f4e3648a607b72c3677c59d5a4ed04b6c7f42e964b
cb5460d12873f565566367d90c804bdcdfad6f80522ce61a8fdb03b1cfc156f5
cca224d8284dabccd2bacc5cd05e6d98d7d4e7706592bdf848bd91780c19b2ab
d5a2d6795ff2e03529d4e0675afed05cc8c52db5807f7b4b57b65adc0423bba2
d65da0384164d3caeeee36b2e8b7b5da42e1183d4575725a3bd05213e786ec55
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e312a32e1df52d74230673e61a14845ac83a85d42f26ddacc0c38edc1d2e944f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99e279ecec3e9fbcf4048c3226a6975c17990fd242d0f1417023bc7807c7dc2
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff832e440c193b33017fad6446867b20c8dc41abacba103d72ca52afa7ff3b8
f0a79f4fd1a6f9f2d5cb69e56a022f403734cd3f2d61d20163248454da26b8a3
f59da134f3c9f0eaf7d6e0f8070745d1285aa22b62ac1a40cce41a6d559798d2
f7629a123ea671142b9ed3d15f0fed7e00cd86e80dea8ec85dc6f2a37c27d737
f7f8edc328182b9a75368da0433f3d55673377bdab1d57148fa0e02e567b7442
fd055027d4b29969e107adf3bcc351e7249a7076ec9f23085bf04f1dd2c7af9f
fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1
fe912a707eb6a1ba468c8e2cc2f9aab7a8837e1d54d4be849473e0fd6e64a63c