urlscan.io logo urlscan.io
SecurityTrails logo

zaya.io Open in urlscan Pro
136.243.224.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://behnam.x1x2.ir/
Effective URL: https://zaya.io/page/domain-connection
Submission: On March 22 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 41 HTTP transactions. The main IP is 136.243.224.221, located in Eitensheim, Germany and belongs to HETZNER-AS, DE. The main domain is zaya.io.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.
This is the only time zaya.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    136.243.224.221 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: zaya.io
behnam.x1x2.ir
zaya.io
2    2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2607:f8b0:4006:806::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    185.166.104.3 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)
cdn.yektanet.com
audience.yektanet.com
5    185.166.104.4 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)
ua.yektanet.com
8    2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    5.63.13.218 (Tehran, Iran, Islamic Republic Of)

ASN57497 (FARASOSAMANEHPASARGAD, IR)
PTR: myserver.goftino.com
www.goftino.com
3    2607:f8b0:4006:806::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
700 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 5
analytics.google.com — Cisco Umbrella Rank: 258
92 KB
8 zaya.io
zaya.io
212 KB
7 yektanet.com
cdn.yektanet.com — Cisco Umbrella Rank: 58004
audience.yektanet.com — Cisco Umbrella Rank: 63490
ua.yektanet.com — Cisco Umbrella Rank: 61576
18 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
157 KB
1 goftino.com
www.goftino.com — Cisco Umbrella Rank: 159185
4 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
248 B
1 x1x2.ir
behnam.x1x2.ir
1005 B
41 9
Domain Requested by
8 www.gstatic.com www.google.com
www.gstatic.com
8 www.google.com zaya.io
www.gstatic.com
www.google.com
8 zaya.io zaya.io
5 ua.yektanet.com cdn.yektanet.com
ua.yektanet.com
3 fonts.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com zaya.io
www.googletagmanager.com
1 www.goftino.com zaya.io
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 audience.yektanet.com cdn.yektanet.com
1 cdn.yektanet.com zaya.io
1 behnam.x1x2.ir 1 redirects
41 13

This site contains links to these domains. Also see Links.

Domain
t.me
blog.zaya.io
twitter.com
www.instagram.com
statsfa.com
Subject Issuer Validity Valid
zaya.io
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
cdn.yektanet.com
R3		 2024-03-03 -
2024-06-01		 3 months crt.sh
yektanet.com
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.goftino.com
Certum Domain Validation CA SHA2		 2023-09-24 -
2024-09-23		 a year crt.sh

This page contains 4 frames:

Primary Page: https://zaya.io/page/domain-connection
Frame ID: CECB59E8E00A6FF6F8A89DE094867C12
Requests: 22 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: 7DC8EE0CB3758C2C929D7C988DA2A4C0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK&co=aHR0cHM6Ly96YXlhLmlvOjQ0Mw..&hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&cb=dyszvuk7yap8
Frame ID: B30ED4CE8274EDCD9F35D627A6EF6988
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
Frame ID: D868061555AA920175C257EFFACC5917
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

دامنه اختصاصی در زایا - کوتاه کننده لینک زایا

Page URL History Show full URLs

  1. https://behnam.x1x2.ir/ HTTP 301
    https://zaya.io/page/domain-connection Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

41
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

13
Subdomains

11
IPs

3
Countries

1204 kB
Transfer

2916 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://behnam.x1x2.ir/ HTTP 301
    https://zaya.io/page/domain-connection Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request domain-connection
zaya.io/page/
Redirect Chain
  • https://behnam.x1x2.ir/
  • https://zaya.io/page/domain-connection
50 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.224.221 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
zaya.io
Software
/
Resource Hash
191da770419fc8afa71620e044ec71dab9a46db50d60aa6acd3901a760090ff7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, private
content-encoding
br
content-length
11293
content-type
text/html; charset=UTF-8
date
Fri, 22 Mar 2024 23:34:18 GMT
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
171
content-type
text/html; charset=UTF-8
date
Fri, 22 Mar 2024 23:34:18 GMT
location
https://zaya.io/page/domain-connection
vary
Accept-Encoding
home.min.css
zaya.io/css/ 		211 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zaya.io/css/home.min.css?v=179
Requested by
Host: zaya.io
URL: https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.224.221 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
zaya.io
Software
/
Resource Hash
edc7381115dd3d818f24796575dd8d0dac9433eccd035bae4aed108d2206d806

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/page/domain-connection
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:19 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 06:41:19 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33957
expires
Fri, 29 Mar 2024 23:34:19 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-166928498-1
Requested by
Host: zaya.io
URL: https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92b08451fb727c559d65d4d750662930ceaae40ca122547e88aa5685c315ea35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72887
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 21:47:02 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 23:34:20 GMT
zaya-min.png
zaya.io/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaya.io/assets/img/zaya-min.png
Requested by
Host: zaya.io
URL: https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.224.221 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
zaya.io
Software
/
Resource Hash
238bb80364f60c2fb421ddfada7d6ceb6895a3dd1cd6b21eb455fbadabbbf3f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/page/domain-connection
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/png
date
Fri, 22 Mar 2024 23:34:19 GMT
cache-control
public, max-age=604800
last-modified
Tue, 16 Mar 2021 19:26:35 GMT
accept-ranges
bytes
content-length
4034
expires
Fri, 29 Mar 2024 23:34:19 GMT
zaya.svg
zaya.io/assets/home/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaya.io/assets/home/img/zaya.svg
Requested by
Host: zaya.io
URL: https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.224.221 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
zaya.io
Software
/
Resource Hash
85b5805278fd1069bcb2343d3287b09bf475efcbb09ab64ddd7d049cfbc82de7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/page/domain-connection
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:19 GMT
content-encoding
br
last-modified
Tue, 28 Mar 2023 10:15:16 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1345
expires
Fri, 29 Mar 2024 23:34:19 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=fa
Requested by
Host: zaya.io
URL: https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8fc13b59c942ea2e8f002f12553c11f32abe78673fc636be02f86a33626ba93a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 22 Mar 2024 23:34:20 GMT
home.js
zaya.io/js/ 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zaya.io/js/home.js?v=179
Requested by
Host: zaya.io
URL: https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.224.221 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
zaya.io
Software
/
Resource Hash
a9bfa9d89a1d0a2359f2cb8a15eb98e5902da9532d500c07833fda19c34ad1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/page/domain-connection
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:19 GMT
content-encoding
br
last-modified
Mon, 03 Jul 2023 10:45:33 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33753
expires
Fri, 29 Mar 2024 23:34:19 GMT
rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v3/mfED2iTl/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yektanet.com/rg_woebegone/scripts_v3/mfED2iTl/rg.complete.js?v=202402022013
Requested by
Host: zaya.io
URL: https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Delivery /
Resource Hash
82deee5d36146c34c56f4c0fd3844a5eb8f29e27ed8e674441977141880a5f85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:20 GMT
strict-transport-security
max-age=31536000
x-zrk-cs
HIT
last-modified
Mon, 19 Feb 2024 09:42:57 GMT
server
Delivery
x-amz-request-id
tx000002044fbb520bf05b7-0065fd86d9-99aafdc-default
etag
W/"2b90b1253d615724fc3021f6438e3046"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
content-encoding
br
x-rgw-object-type
Normal
cache-control
public, max-age=3600
x-zrk-us
200
x-zrk-sn
4201
YekanBakh-Regular.woff
zaya.io/css/fonts/YekanBakh/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zaya.io/css/fonts/YekanBakh/YekanBakh-Regular.woff
Requested by
Host: zaya.io
URL: https://zaya.io/css/home.min.css?v=179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.224.221 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
zaya.io
Software
/
Resource Hash
5e773f072a54c62d648d3ba31f460c94421bfd4675f7a9c766c07cf73c717c02

Request headers

Referer
https://zaya.io/css/home.min.css?v=179
Origin
https://zaya.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:19 GMT
last-modified
Sun, 26 Feb 2023 04:30:13 GMT
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25812
expires
Fri, 29 Mar 2024 23:34:19 GMT
YekanBakh-Bold.woff
zaya.io/css/fonts/YekanBakh/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zaya.io/css/fonts/YekanBakh/YekanBakh-Bold.woff
Requested by
Host: zaya.io
URL: https://zaya.io/css/home.min.css?v=179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.224.221 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
zaya.io
Software
/
Resource Hash
c89a12a588886b9b8191186da29cb2850cbaaeadf5add8b7fddf0b7cb5d88575

Request headers

Referer
https://zaya.io/css/home.min.css?v=179
Origin
https://zaya.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:19 GMT
last-modified
Sun, 26 Feb 2023 04:30:13 GMT
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25648
expires
Fri, 29 Mar 2024 23:34:19 GMT
icomoon.ttf
zaya.io/css/fonts/icomoon/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zaya.io/css/fonts/icomoon/icomoon.ttf?zx3as3
Requested by
Host: zaya.io
URL: https://zaya.io/css/home.min.css?v=179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.224.221 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
zaya.io
Software
/
Resource Hash
0ec79ff51ff1ee3c8f532c2c66f03e74d92d2822e6989d1723c5c920d34e7579

Request headers

Referer
https://zaya.io/css/home.min.css?v=179
Origin
https://zaya.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:19 GMT
last-modified
Fri, 25 Aug 2023 06:41:19 GMT
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
79368
expires
Fri, 29 Mar 2024 23:34:19 GMT
/
audience.yektanet.com/api/v1/scripts/preview/validate/ 		5 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=U8K9fshZ
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/mfED2iTl/rg.complete.js?v=202402022013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Delivery /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:21 GMT
strict-transport-security
max-age=0
x-zrk-cs
BYPASS
x-zrk-us
200
x-zrk-sn
4001
content-length
5
pragma
no-cache
server
Delivery
allow
GET, OPTIONS
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://zaya.io
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes, bytes
access-control-allow-headers
Authorization
expires
0
/
ua.yektanet.com/cookie/iframe/ Frame 7DC8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ua.yektanet.com/cookie/iframe/
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/mfED2iTl/rg.complete.js?v=202402022013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Delivery /
Resource Hash
ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://zaya.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
content-type
text/html
date
Fri, 22 Mar 2024 23:34:21 GMT
expires
0
last-modified
Friday, 22-Mar-2024 23:34:21 GMT
pragma
no-cache
server
Delivery
strict-transport-security
max-age=0
vary
Accept-Encoding
x-zrk-cs
BYPASS
x-zrk-sn
4001
x-zrk-us
200
__fake.gif
ua.yektanet.com/ 		42 B
657 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=1154d1f3-4ef3-45da-b030-ed8fb19f7795&abj=0&aed=adv&abh=19032&sv=3&st=rg.complete.js&ac=https%3A%2F%2Fzaya.io%2Fpage%2Fdomain-connection&ae=%7B%7D&ad=zaya.io&as=%D8%AF%D8%A7%D9%85%D9%86%D9%87%20%D8%A7%D8%AE%D8%AA%D8%B5%D8%A7%D8%B5%DB%8C%20%D8%AF%D8%B1%20%D8%B2%D8%A7%DB%8C%D8%A7%20-%20%DA%A9%D9%88%D8%AA%D8%A7%D9%87%20%DA%A9%D9%86%D9%86%D8%AF%D9%87%20%D9%84%DB%8C%D9%86%DA%A9%20%D8%B2%D8%A7%DB%8C%D8%A7&aef=U8K9fshZ&aec=30961&ai=b42d8d10-c253-0117-f0a3-507723c6d640&abw=1600&abb=1054&aby=1600&abz=1200&al=1600&am=1200&abk=%D8%AF%D8%A7%D9%85%D9%86%D9%87%20%D8%A7%D8%AE%D8%AA%D8%B5%D8%A7%D8%B5%DB%8C%20%D8%AF%D8%B1%20%D8%B2%D8%A7%DB%8C%D8%A7
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/mfED2iTl/rg.complete.js?v=202402022013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Delivery /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 23:34:21 GMT
strict-transport-security
max-age=0
last-modified
Friday, 22-Mar-2024 23:34:21 GMT
server
Delivery
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us
200
accept-ranges
bytes, bytes
x-zrk-sn
4001
content-length
42
expires
0
__fake.gif
ua.yektanet.com/ 		42 B
657 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=a92602ab-e13b-4951-9dd6-df4186526e7c&abj=1&aed=adv&abh=19032&sv=3&st=rg.complete.js&psc=1417&psi=2680&ac=https%3A%2F%2Fzaya.io%2Fpage%2Fdomain-connection&ae=%7B%7D&ad=zaya.io&as=%D8%AF%D8%A7%D9%85%D9%86%D9%87%20%D8%A7%D8%AE%D8%AA%D8%B5%D8%A7%D8%B5%DB%8C%20%D8%AF%D8%B1%20%D8%B2%D8%A7%DB%8C%D8%A7%20-%20%DA%A9%D9%88%D8%AA%D8%A7%D9%87%20%DA%A9%D9%86%D9%86%D8%AF%D9%87%20%D9%84%DB%8C%D9%86%DA%A9%20%D8%B2%D8%A7%DB%8C%D8%A7&aef=U8K9fshZ&aec=30961&ai=b42d8d10-c253-0117-f0a3-507723c6d640&abw=1600&abb=1054&aby=1600&abz=1200&al=1600&am=1200&abk=%D8%AF%D8%A7%D9%85%D9%86%D9%87%20%D8%A7%D8%AE%D8%AA%D8%B5%D8%A7%D8%B5%DB%8C%20%D8%AF%D8%B1%20%D8%B2%D8%A7%DB%8C%D8%A7
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/mfED2iTl/rg.complete.js?v=202402022013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Delivery /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 23:34:21 GMT
strict-transport-security
max-age=0
last-modified
Friday, 22-Mar-2024 23:34:21 GMT
server
Delivery
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us
200
accept-ranges
bytes, bytes
x-zrk-sn
4001
content-length
42
expires
0
__fake.gif
ua.yektanet.com/ 		42 B
658 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=45879d08-1769-446e-8064-b7f7d9eb9baf&abj=0&aed=adv&abh=19057&sv=3&st=rg.complete.js&ac=https%3A%2F%2Fzaya.io%2Fpage%2Fdomain-connection&ae=%7B%7D&ad=zaya.io&as=%D8%AF%D8%A7%D9%85%D9%86%D9%87%20%D8%A7%D8%AE%D8%AA%D8%B5%D8%A7%D8%B5%DB%8C%20%D8%AF%D8%B1%20%D8%B2%D8%A7%DB%8C%D8%A7%20-%20%DA%A9%D9%88%D8%AA%D8%A7%D9%87%20%DA%A9%D9%86%D9%86%D8%AF%D9%87%20%D9%84%DB%8C%D9%86%DA%A9%20%D8%B2%D8%A7%DB%8C%D8%A7&aef=U8K9fshZ&aec=30961&ai=b42d8d10-c253-0117-f0a3-507723c6d640&abw=1600&abb=1054&aby=1600&abz=1200&al=1600&am=1200&abk=%D8%AF%D8%A7%D9%85%D9%86%D9%87%20%D8%A7%D8%AE%D8%AA%D8%B5%D8%A7%D8%B5%DB%8C%20%D8%AF%D8%B1%20%D8%B2%D8%A7%DB%8C%D8%A7
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/mfED2iTl/rg.complete.js?v=202402022013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Delivery /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 23:34:21 GMT
strict-transport-security
max-age=0
last-modified
Friday, 22-Mar-2024 23:34:21 GMT
server
Delivery
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-zrk-us
200
accept-ranges
bytes, bytes
x-zrk-sn
4001
content-length
42
expires
0
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ 		528 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__fa.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35b008f23afed85d2b5f498f345efa27c2c8e13ca90689f1a1d30dc7ece640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaya.io/
Origin
https://zaya.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 19:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206042
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 19:50:54 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SPFS9JXZ8G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166928498-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02960de68cadb48085b575b986383e56dcfd605ad9ef1d0851347fde68f5b0cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87290
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 23:34:21 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166928498-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 22:06:53 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5248
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 23 Mar 2024 00:06:53 GMT
collect
analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-SPFS9JXZ8G&gtm=45je43k0v9111056724za200&_p=1711150459394&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=502980064.1711150462&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1711150461&sct=1&seg=0&dl=https%3A%2F%2Fzaya.io%2Fpage%2Fdomain-connection&dt=%D8%AF%D8%A7%D9%85%D9%86%D9%87%20%D8%A7%D8%AE%D8%AA%D8%B5%D8%A7%D8%B5%DB%8C%20%D8%AF%D8%B1%20%D8%B2%D8%A7%DB%8C%D8%A7%20-%20%DA%A9%D9%88%D8%AA%D8%A7%D9%87%20%DA%A9%D9%86%D9%86%D8%AF%D9%87%20%D9%84%DB%8C%D9%86%DA%A9%20%D8%B2%D8%A7%DB%8C%D8%A7&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4904
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPFS9JXZ8G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 23:34:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaya.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SPFS9JXZ8G&cid=502980064.1711150462&gtm=45je43k0v9111056724za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPFS9JXZ8G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 23:34:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaya.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1794668504&t=pageview&_s=1&dl=https%3A%2F%2Fzaya.io%2Fpage%2Fdomain-connection&ul=en-us&de=UTF-8&dt=%D8%AF%D8%A7%D9%85%D9%86%D9%87%20%D8%A7%D8%AE%D8%AA%D8%B5%D8%A7%D8%B5%DB%8C%20%D8%AF%D8%B1%20%D8%B2%D8%A7%DB%8C%D8%A7%20-%20%DA%A9%D9%88%D8%AA%D8%A7%D9%87%20%DA%A9%D9%86%D9%86%D8%AF%D9%87%20%D9%84%DB%8C%D9%86%DA%A9%20%D8%B2%D8%A7%DB%8C%D8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=28288108&gjid=1725698586&cid=502980064.1711150462&tid=UA-166928498-1&_gid=1347726605.1711150462&_r=1&gtm=457e43k0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1276583257
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zaya.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 23:34:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaya.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame B30E 		46 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK&co=aHR0cHM6Ly96YXlhLmlvOjQ0Mw..&hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&cb=dyszvuk7yap8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7374fd5f05c6114635ac4c70bf2b853d704997a5e08b5309ab4f86eea1d0c17d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-19k58Z2yZ-jyMDdIL4xwLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zaya.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-19k58Z2yZ-jyMDdIL4xwLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 23:34:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
set
ua.yektanet.com/cookie/ Frame 7DC8 		78 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ua.yektanet.com/cookie/set
Requested by
Host: ua.yektanet.com
URL: https://ua.yektanet.com/cookie/iframe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Delivery /
Resource Hash
1bc8e7f61f3fbd876d2aa9f7f26b52e2c983368a19bd3e4ca6023f9a255370c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ua.yektanet.com/cookie/iframe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 23:34:22 GMT
strict-transport-security
max-age=0
x-zrk-cs
BYPASS
last-modified
Friday, 22-Mar-2024 23:34:22 GMT
server
Delivery
content-encoding
br
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
x-zrk-us
200
x-zrk-sn
4001
expires
0
styles__rtl.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame B30E 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__rtl.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK&co=aHR0cHM6Ly96YXlhLmlvOjQ0Mw..&hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&cb=dyszvuk7yap8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f206b060caf20ae38c428c1bad44ccaf68b6345b63f2a7f06428e9747526c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 19:58:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24601
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 19:58:45 GMT
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame B30E 		528 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__fa.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK&co=aHR0cHM6Ly96YXlhLmlvOjQ0Mw..&hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&cb=dyszvuk7yap8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35b008f23afed85d2b5f498f345efa27c2c8e13ca90689f1a1d30dc7ece640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 19:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206042
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 19:50:54 GMT
Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js
www.google.com/js/bg/ Frame B30E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__fa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK&co=aHR0cHM6Ly96YXlhLmlvOjQ0Mw..&hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&cb=dyszvuk7yap8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
228259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7310
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 08:10:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B30E 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK&co=aHR0cHM6Ly96YXlhLmlvOjQ0Mw..&hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&cb=dyszvuk7yap8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
868bf560b2006296b3c8a1f56c209224585af55b530be5e65a21b73950cf7eb5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK&co=aHR0cHM6Ly96YXlhLmlvOjQ0Mw..&hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&cb=dyszvuk7yap8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 22 Mar 2024 23:34:22 GMT
WSGt7M
www.goftino.com/widget/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.goftino.com/widget/WSGt7M
Requested by
Host: zaya.io
URL: https://zaya.io/page/domain-connection
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.13.218 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
myserver.goftino.com
Software
nginx /
Resource Hash
a09894be61bb1ce84026e69da7c13f21d0e2ebf4269044ac1678bfa7e2a35caa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaya.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-dns-prefetch-control
off
cache-control
no-cache
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame D868 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__fa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f6c28c46986dc8260e7acea6aa5358d48a51a9339250857a74814261e8fa3ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZbsCb9UesbytJOjUyEKxKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zaya.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZbsCb9UesbytJOjUyEKxKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 23:34:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__rtl.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame D868 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__rtl.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f206b060caf20ae38c428c1bad44ccaf68b6345b63f2a7f06428e9747526c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 19:58:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24601
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 19:58:45 GMT
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame D868 		528 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__fa.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35b008f23afed85d2b5f498f345efa27c2c8e13ca90689f1a1d30dc7ece640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 19:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206042
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 19:50:54 GMT
reload
www.google.com/recaptcha/api2/ Frame D868 		20 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__fa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eeadfabcb6a5d6fa9d6d2baa4107d02e41b7dd545f42064d03ed858ca77737c2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Fri, 22 Mar 2024 23:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 22 Mar 2024 23:34:24 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame D868 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 09:12:45 GMT
x-content-type-options
nosniff
age
224499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 27 Mar 2024 09:12:45 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame D868 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:55:37 GMT
x-content-type-options
nosniff
age
229127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 27 Mar 2024 07:55:37 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame D868 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:54:18 GMT
x-content-type-options
nosniff
age
229206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 27 Mar 2024 07:54:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D868 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:15:49 GMT
x-content-type-options
nosniff
age
137915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 09:15:49 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D868 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:00:10 GMT
x-content-type-options
nosniff
age
228854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 08:00:10 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D868 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:51:32 GMT
x-content-type-options
nosniff
age
229372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 07:51:32 GMT
Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js
www.google.com/js/bg/ Frame D868 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__fa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
228261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7310
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 08:10:03 GMT
payload
www.google.com/recaptcha/api2/ Frame D868 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA68IdRXFnnjgkTb3-8leCTcXBTiUWDYlPFDYfJeXOJ69Ys27gvQKqPc92ZZwZ5y_3-YmCFWXYPXcBrWVAbliLQZNnXQP00um5XLs6XUFKnnfHlQoaQre1V_bE1l0xxag6n4bKop-1Fcf7kZZPG7GEbz7WTPImDRaUlaUFOhqHpgRIMegK61FySlAZCyCWQrSgJI7GiuP95N9voDFhMhKESg86WR5A&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
179e857713b7d5045b43e3cb19e7a0421615e41936926cac933289edf9c7cb60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=fa&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Lcor_gUAAAAAMNeYxo8nTxFq36j_GwwVZ5bs9uK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 23:34:24 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 22 Mar 2024 23:34:24 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| gtag object| dataLayer string| yektanetAnalyticsObject function| yektanet function| onSubmitshortform boolean| busy function| myMove function| $ function| jQuery object| toastr object| ynWebpackJsonp object| regeneratorRuntime boolean| yektanet_ua-script-U8K9fshZ_is_loaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| recaptcha object| closure_lm_301248 object| Goftino function| goftinoRemoveLoad

18 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AKoyJksvk_EppfNsdpYFiNeYInbLVzZisLcZKHnXzF5Lw7XOCbUK6yhc2f4nXIp7evlnMDXZz9GE2fTYGf6iPBQ
behnam.x1x2.ir/ Name: XSRF-TOKEN
Value: eyJpdiI6Imc2MUsyVWhEeTdNNmJjd3VZb2g0NlE9PSIsInZhbHVlIjoiMWIrUlZLSlh2bTFFQ3NHdUNQSllUSlY5VWJSS0lZdDlMSlFlbndNNm1oWkRyWVY3aFhUcE5Xelp2aE5TbXRQUG5rTzdRS2NzZjU1OTNtYmdMbStUbUhOZlI2clFBbnY2dHVTdHQ2MFp0blBSdjEwVmd6bjQ0V0FNNEo3bDR5a1EiLCJtYWMiOiJjMTY3Nzg0NDk1YzcyNWI1NTg1MTA3OGU2YzVlMDQ1MDFkYWY2M2MyZmM5YjNkNThhMzg5MzUzN2JjNmI5MDJlIiwidGFnIjoiIn0%3D
behnam.x1x2.ir/ Name: zaya_session
Value: eyJpdiI6IjdPdUtTUlgra0JkVHJmN0NQNkJXc1E9PSIsInZhbHVlIjoiNy9hK0lyMU9IUC9mRjYvcVVRMzRHUldMRjNoYyt0YVQ0YkJUdmVnT0VxckJjQkFkcWRxNUZFV2ZyRFhVMjJSMEZrbi9HbitQd25yQlh1S2hJMDBKMG9lSkhMYWFmakhjM3BKQnZSdUdoTGQvc0ErT01jbGliYmtNRFVTTDVlajUiLCJtYWMiOiIxZDAwNjU5ODlhNzkxNjA4NDU1MWFkZDA1YzQ2MDcxY2E0YzI2ZGMwMjVkZDRiNzM4ZTJhYjM0OGIxNTc4NzFiIiwidGFnIjoiIn0%3D
behnam.x1x2.ir/ Name: dark_mode
Value: 0
zaya.io/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik5MQnR4S1B5ZkkydFVySlhUR3pveFE9PSIsInZhbHVlIjoiZWFxbWlBQVhHZ0lQR2dJdjI3SzE2UnFDYkkrNlRIaEJtbno0czdxKzV6YS9zNW1wd3g1cXRJYkZBSERFcjRLT1hYVFBDd3RTOG1mWGVHZ0lBbEJBMktxb1FJYmVVd1ZYZzBBVkg2R3hucHhVSmN3dkpkTll5SmR5cmxXYlhRWjkiLCJtYWMiOiI2YjZhMTFiYTA5MDJmYjJhNzVlMDg4ZGU4OTZjZWUzYWUzYzQzOGExY2UxNTFkYzNjODlkNTk5NzNmNWE4MzQwIiwidGFnIjoiIn0%3D
zaya.io/ Name: zaya_session
Value: eyJpdiI6ImVtRFAvRVVKUjlXTHpLNllaT0Vnb2c9PSIsInZhbHVlIjoiTzFFdzJ1OE84cEh6S1ZwVHloZkswdEhPdTE5cnpPSFUreXM1TWdxa2k2anN1b2MwWFBaVUVrL3dobmJLeVdocURyTTh0QnBjeWFQWDMxK3BLckJoR3ZzNEVJM21JOHRMb1hRM09hTEVMdlFaTWNRMmthZDNpS3RLd3FOVWhkV1EiLCJtYWMiOiIxY2Y5NzNiMmFhMGU3ODlkYmU5NGFhZjQ4ZWUzZDM5ODhhZWJhYzk3ZmRhNmJlZjExMjM1MGJmNjdmZTM4M2Y5IiwidGFnIjoiIn0%3D
zaya.io/ Name: dark_mode
Value: 0
zaya.io/ Name: analytics_token
Value: d8ba48c8-9e8b-c9e2-3e2b-542faf21bca9
zaya.io/ Name: analytics_session_token
Value: b42d8d10-c253-0117-f0a3-507723c6d640
zaya.io/ Name: yektanet_session_last_activity
Value: 3/23/2024
zaya.io/ Name: _yngt_iframe
Value: 1
.yektanet.com/ Name: gearbox_ad_token
Value: b8693e71-1827d-d13bc-cfb20-0166a96ed695f
.yektanet.com/ Name: analytics_global_token
Value: b8693e71-1827d-d13bc-cfb20-0166a96ed695f
.zaya.io/ Name: _ga_SPFS9JXZ8G
Value: GS1.1.1711150461.1.0.1711150461.60.0.0
.zaya.io/ Name: _ga
Value: GA1.2.502980064.1711150462
.zaya.io/ Name: _gid
Value: GA1.2.1347726605.1711150462
.zaya.io/ Name: _gat_gtag_UA_166928498_1
Value: 1
zaya.io/ Name: _yngt
Value: b8693e71-1827d-d13bc-cfb20-0166a96ed695f

12 Console Messages

Source Level URL
Text
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaya.io/page/domain-connection
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
audience.yektanet.com
behnam.x1x2.ir
cdn.yektanet.com
fonts.gstatic.com
stats.g.doubleclick.net
ua.yektanet.com
www.goftino.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
zaya.io
136.243.224.221
185.166.104.3
185.166.104.4
2001:4860:4802:36::181
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:806::2003
2607:f8b0:4006:806::2004
2607:f8b0:4006:807::200e
2607:f8b0:4006:81c::2008
2607:f8b0:4006:824::2003
5.63.13.218
02960de68cadb48085b575b986383e56dcfd605ad9ef1d0851347fde68f5b0cf
0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce
0ec79ff51ff1ee3c8f532c2c66f03e74d92d2822e6989d1723c5c920d34e7579
179e857713b7d5045b43e3cb19e7a0421615e41936926cac933289edf9c7cb60
191da770419fc8afa71620e044ec71dab9a46db50d60aa6acd3901a760090ff7
1bc8e7f61f3fbd876d2aa9f7f26b52e2c983368a19bd3e4ca6023f9a255370c2
238bb80364f60c2fb421ddfada7d6ceb6895a3dd1cd6b21eb455fbadabbbf3f8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e773f072a54c62d648d3ba31f460c94421bfd4675f7a9c766c07cf73c717c02
5f206b060caf20ae38c428c1bad44ccaf68b6345b63f2a7f06428e9747526c06
5f6c28c46986dc8260e7acea6aa5358d48a51a9339250857a74814261e8fa3ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7374fd5f05c6114635ac4c70bf2b853d704997a5e08b5309ab4f86eea1d0c17d
82deee5d36146c34c56f4c0fd3844a5eb8f29e27ed8e674441977141880a5f85
85b5805278fd1069bcb2343d3287b09bf475efcbb09ab64ddd7d049cfbc82de7
868bf560b2006296b3c8a1f56c209224585af55b530be5e65a21b73950cf7eb5
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8fc13b59c942ea2e8f002f12553c11f32abe78673fc636be02f86a33626ba93a
92b08451fb727c559d65d4d750662930ceaae40ca122547e88aa5685c315ea35
a09894be61bb1ce84026e69da7c13f21d0e2ebf4269044ac1678bfa7e2a35caa
a9bfa9d89a1d0a2359f2cb8a15eb98e5902da9532d500c07833fda19c34ad1df
c89a12a588886b9b8191186da29cb2850cbaaeadf5add8b7fddf0b7cb5d88575
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb35b008f23afed85d2b5f498f345efa27c2c8e13ca90689f1a1d30dc7ece640
ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99
edc7381115dd3d818f24796575dd8d0dac9433eccd035bae4aed108d2206d806
eeadfabcb6a5d6fa9d6d2baa4107d02e41b7dd545f42064d03ed858ca77737c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa