farhad-exchange.com Open in urlscan Pro
172.67.9.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://farhad-exchange.com/
Submission: On October 25 via manual (October 25th 2021, 10:46:29 am UTC) from FR — Scanned from DE

Summary HTTP 77 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 17 domains to perform 77 HTTP transactions. The main IP is 172.67.9.6, located in United States and belongs to CLOUDFLARENET, US. The main domain is farhad-exchange.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 14th 2021. Valid for: a year.

This is the only time farhad-exchange.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	172.67.9.6 172.67.9.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.227.52.111 91.227.52.111	56806 (ASCOM4S) (ASCOM4S)
1	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
8	172.66.40.162 172.66.40.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.162.204 172.67.162.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.169.165 172.67.169.165	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
10	2.16.186.211 2.16.186.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.118 18.66.97.118	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.116 18.66.112.116	16509 (AMAZON-02) (AMAZON-02)
1	54.68.102.112 54.68.102.112	16509 (AMAZON-02) (AMAZON-02)
1	142.251.5.155 142.251.5.155	15169 (GOOGLE) (GOOGLE)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
6	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
77	17

36 172.67.9.6 (United States)

ASN13335 (CLOUDFLARENET, US)

farhad-exchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.227.52.111 (Moscow, Russian Federation)

ASN56806 (ASCOM4S, RU)

www.webmoney.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.66.40.162 (United States)

ASN13335 (CLOUDFLARENET, US)

static.notifia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.notifia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.162.204 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.red-team-design.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.169.165 (United States)

ASN13335 (CLOUDFLARENET, US)

catalin.red	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.186.211 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-211.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.118 (United States)

ASN16509 (AMAZON-02, US)

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.116 (United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.102.112 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-102-112.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	farhad-exchange.com farhad-exchange.com	302 KB
10	livechatinc.com cdn.livechatinc.com api.livechatinc.com secure.livechatinc.com accounts.livechatinc.com	288 KB
8	notifia.io static.notifia.io api.notifia.io	43 KB
6	googleapis.com fonts.googleapis.com	4 KB
4	google-analytics.com www.google-analytics.com	20 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
1	google.de www.google.de	472 B
1	google.com www.google.com	472 B
1	doubleclick.net stats.g.doubleclick.net	416 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	googletagmanager.com www.googletagmanager.com	49 KB
1	catalin.red catalin.red
1	red-team-design.com 1 redirects www.red-team-design.com	606 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	webmoney.ru www.webmoney.ru	3 KB
0	farhadexchange.com Failed support.farhadexchange.com Failed
77	17

	Domain	Requested by
36	farhad-exchange.com	farhad-exchange.com static.cloudflareinsights.com
6	fonts.googleapis.com	static.notifia.io secure.livechatinc.com
6	api.notifia.io	static.notifia.io
5	cdn.livechatinc.com	farhad-exchange.com secure.livechatinc.com
4	www.google-analytics.com	farhad-exchange.com www.google-analytics.com www.googletagmanager.com
3	api.livechatinc.com	cdn.livechatinc.com
2	fonts.gstatic.com	fonts.googleapis.com
2	static.notifia.io	farhad-exchange.com static.notifia.io
1	accounts.livechatinc.com	cdn.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	www.google.de	farhad-exchange.com
1	www.google.com	farhad-exchange.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	farhad-exchange.com
1	certify.alexametrics.com	farhad-exchange.com
1	certify-js.alexametrics.com	farhad-exchange.com
1	www.googletagmanager.com	farhad-exchange.com
1	catalin.red	farhad-exchange.com
1	www.red-team-design.com	1 redirects
1	static.cloudflareinsights.com	farhad-exchange.com
1	www.webmoney.ru	farhad-exchange.com
0	support.farhadexchange.com Failed	farhad-exchange.com
77	22

This site contains links to these domains. Also see Links.

Domain
www.megastock.com
passport.webmoney.ru
www.auto-exchanger.com

Subject Issuer	Validity	Valid
*.farhad-exchange.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-14` - `2022-11-14`	a year	crt.sh
webmoney.ru Sectigo RSA Domain Validation Secure Server CA	`2020-04-06` - `2022-04-15`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
livechat.com DigiCert SHA2 Secure Server CA	`2021-04-20` - `2022-04-25`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://farhad-exchange.com/
Frame ID: 032D739068131EDBA31DE81CD5F64A24
Requests: 67 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=11042927&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: 3FB66B0C0ADD27B1AE16C94C1E508206
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Farhad-Exchange.com :

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

77
Requests

99 %
HTTPS

0 %
IPv6

17
Domains

22
Subdomains

17
IPs

3
Countries

750 kB
Transfer

2176 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.megastock.com/

Search URL Search Domain Scan URL

URL: https://passport.webmoney.ru/asp/certview.asp?wmid=426811416752
Title: Check passport

Search URL Search Domain Scan URL

URL: http://www.auto-exchanger.com/
Title: Auto-Exchanger.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.red-team-design.com/wp-content/themes/redv2/images/back.jpg HTTP 301
https://catalin.red/wp-content/themes/redv2/images/back.jpg

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
farhad-exchange.com/ 43 KB
10 KB 323ms
284ms Document
text/html 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca27c0f09a42ffe85d5fc9b2f7c50474629057cfa8c9c11193ddac08780d6aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: farhad-exchange.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 25 Oct 2021 10:46:24 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6a3adc643c8121b7-DUS
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
set-cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23; path=/; secure; HttpOnly
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ae27gjUDrBIf-OqrpnfKQZ9Y8sM.js Show response
farhad-exchange.com/cdn-cgi/apps/head/ 9 KB
3 KB 25ms
25ms Script
application/javascript 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/cdn-cgi/apps/head/ae27gjUDrBIf-OqrpnfKQZ9Y8sM.js

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

954ee8ba1b5ffdc6a58aa1eb2a3ef90837983cc3cfa22242ef33b8b489732452

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/apps/head/ae27gjUDrBIf-OqrpnfKQZ9Y8sM.js
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 59RXBEE4PDFFP3J9
x-amz-id-2: 6UVWzVtpyfYNcNEYaaOWM5Al7Z5e51x+PQb7q5kXsTXIVls+NF0jgICxIrck0cBrwlEpwzG6K9k=
last-modified: Tue, 14 Sep 2021 07:53:16 GMT
server: cloudflare
etag: W/"416592944c2c38319d4f8f44e9939949"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: Jyt2yH0YqGv1AQPNsqEwUQ1NfVqtHXHu
cf-ray: 6a3adc662fd121b7-DUS

GET
H2 200 lib.js Show response
farhad-exchange.com/_skins/default/tpljs/ 3 KB
2 KB 21ms
20ms Script
application/javascript 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/tpljs/lib.js

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc8c9771a9a1710e1d19515f4341312c4396c6170a75cf8070256bbab29149

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tpljs/lib.js
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 23 Jan 2017 20:08:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6a3adc662fd421b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 cryptoaddress.js Show response
farhad-exchange.com/_skins/default/tpljs/ 627 KB
183 KB 44ms
44ms Script
application/javascript 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/tpljs/cryptoaddress.js

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25655fe45aae7c1238d312045ca708ba4912b371362b3690879ee0bbe353e452

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tpljs/cryptoaddress.js
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Feb 2021 22:23:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6a3adc662fd821b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 style2.css
farhad-exchange.com/_skins/default/tplcss/ 14 KB
4 KB 21ms
21ms Stylesheet
text/css 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/tplcss/style2.css

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ba70440dce3ba1b72e6afcf00cc0ea1ffd3b9a0d3d53cf6ac5183badd976744

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplcss/style2.css
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 26 May 2021 14:02:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6a3adc662fd621b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 api.js Show response
farhad-exchange.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 16ms
11ms Script
text/javascript 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: text/javascript
vary: Accept-Encoding
cache-control: max-age=604800, public
cf-ray: 6a3adc662fe221b7-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 english.gif
farhad-exchange.com/_skins/default/tplimgs/languages/ 1006 B
1 KB 38ms
33ms Image
image/gif 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/languages/english.gif

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70157a609501350596583c265c25f3fd48485493a326d67b19ab2ba5d8a8446c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/languages/english.gif
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1006
last-modified: Fri, 05 Mar 2021 09:54:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc662fe321b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 german.gif
farhad-exchange.com/_skins/default/tplimgs/languages/ 1003 B
1 KB 24ms
19ms Image
image/gif 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/languages/german.gif

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/languages/german.gif
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1003
last-modified: Fri, 05 Mar 2021 09:54:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc662fe421b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 persian.gif
farhad-exchange.com/_skins/default/tplimgs/languages/ 1006 B
1 KB 25ms
21ms Image
image/gif 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/languages/persian.gif

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1132e259789cc46b3851f3402a35e39587021cb06fb12adeb45e39a1da1cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/languages/persian.gif
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1006
last-modified: Fri, 05 Mar 2021 09:54:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc662fe521b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 russian.gif
farhad-exchange.com/_skins/default/tplimgs/languages/ 1006 B
1 KB 27ms
23ms Image
image/gif 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/languages/russian.gif

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987407b3bff6c7785ecdb057b9b4be01c28db9dc0343b68a2ada547d02c9f2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/languages/russian.gif
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1006
last-modified: Fri, 05 Mar 2021 09:54:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc662fe621b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 user-icon.png
farhad-exchange.com/_skins/default/tplimgs/ico/ 2 KB
2 KB 39ms
35ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/ico/user-icon.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2408f35586ff92ea6fe9d5a1016598878fc34a96f7f65eadd57bf4de04e2d96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/ico/user-icon.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1926
last-modified: Fri, 05 Mar 2021 09:54:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663fea21b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 exchange.js Show response
farhad-exchange.com/_skins/default/tpljs/ 7 KB
2 KB 41ms
36ms Script
application/javascript 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/tpljs/exchange.js

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61138cc498e1fe38e5824fe46c08b7fb5da4a521419ad21adab29e9e49782c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tpljs/exchange.js
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 12 Jul 2021 14:55:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6a3adc662fdf21b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 3_combo.gif
farhad-exchange.com/_skins/default/tplimgs/bank_images/ 1 KB
1 KB 37ms
33ms Image
image/gif 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/bank_images/3_combo.gif

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2829b36e99c54c7f1fbdd371c5619d8a7daa7fa498a94683d0935b260d252ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/bank_images/3_combo.gif
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1070
last-modified: Fri, 05 Mar 2021 09:53:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663feb21b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 Bitcoin.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 5 KB
5 KB 38ms
35ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/Bitcoin.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f3ffca564984203b1a2024902cfed617edddad5e2c677d450c001d55cb08c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/Bitcoin.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4868
last-modified: Wed, 26 May 2021 13:03:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663fec21b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 Ether.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 5 KB
5 KB 35ms
31ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/Ether.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e96cd1ebb1853d6a90ef80553898f3bedba29378150d0f2af4c0a095e2757a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/Ether.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5479
last-modified: Wed, 26 May 2021 13:03:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663fed21b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 Tether.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 5 KB
5 KB 35ms
32ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/Tether.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00fbb347bd31899cb660e734923d1d47979dbc5a3b0e471fd4f90c7b476b69e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/Tether.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4779
last-modified: Wed, 26 May 2021 13:04:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663fee21b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 Dogecoin.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 6 KB
6 KB 45ms
42ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/Dogecoin.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c6d9acc5bb3a947321b7cb06c26fb613081cac96c466f216d2a4fe047b9e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/Dogecoin.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5983
last-modified: Wed, 26 May 2021 13:05:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663ff021b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 XRP.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 5 KB
5 KB 37ms
34ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/XRP.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e6accf469f4b42bd102000f164f0b2f2e022648c77bbd5961ccd62e6cec9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/XRP.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5156
last-modified: Wed, 26 May 2021 13:02:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663ff121b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 Webmoney.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 6 KB
7 KB 36ms
33ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/Webmoney.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5009de23da451d789d09a5c4a0af57548b4d540589b76b636876bd5b81d606b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/Webmoney.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6624
last-modified: Wed, 26 May 2021 13:07:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663ff421b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 PSVoucher.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 3 KB
3 KB 24ms
21ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/PSVoucher.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86148f84feef0d1ad4811a72fe6b33a3eb243e5968257a95b9068d06c0f189f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/PSVoucher.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3376
last-modified: Wed, 26 May 2021 13:10:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663ff621b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 PerfectMoney.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 5 KB
5 KB 36ms
34ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/PerfectMoney.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6820f83d7f23bc327adc532070a996b7f06f5bfb04cee56db9decaa624ed195d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/PerfectMoney.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5013
last-modified: Wed, 26 May 2021 13:12:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663ff721b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 PMVoucher.png
farhad-exchange.com/_skins/default/tplimgs/plist/ 3 KB
3 KB 40ms
38ms Image
image/png 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/plist/PMVoucher.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45a8204f7987b1a07538bdb7b0daf8f30651f827568e7fd4360443cb35d8d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/plist/PMVoucher.png
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3017
last-modified: Wed, 26 May 2021 13:18:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc663ff921b7-DUS
expires: Sat, 30 Oct 2021 09:18:38 GMT

GET
H2 200 88x31_wm_blue.png
www.webmoney.ru/img/icons/ 3 KB
3 KB 169ms
52ms Image
image/png 91.227.52.111
ASCOM4S

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.webmoney.ru/img/icons/88x31_wm_blue.png

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

91.227.52.111 Moscow, Russian Federation, ASN56806 (ASCOM4S, RU),

Reverse DNS

Software

nginx /

Resource Hash

d3a69482ddf47de7a1e2dd5118107fecbf79742dcea9348229c5f87d14be2ea5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
last-modified: Mon, 22 May 2017 11:37:51 GMT
server: nginx
etag: "5922cd8f-c45"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3141
expires: Tue, 26 Oct 2021 10:46:25 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 87ms
41ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: farhad-exchange.com
URL: https://farhad-exchange.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6a3adc667a82218d-DUS

GET
H3 200 Hz_umu5iX296f7YeuKbJlTu5JNI.js Show response
farhad-exchange.com/cdn-cgi/apps/body/ 4 KB
2 KB 53ms
37ms Script
application/javascript 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/cdn-cgi/apps/body/Hz_umu5iX296f7YeuKbJlTu5JNI.js

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/cdn-cgi/apps/head/ae27gjUDrBIf-OqrpnfKQZ9Y8sM.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e834082fb0bca265946031586d28be48a1c44a2f9092b9ed62fc128887eaafc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/apps/body/Hz_umu5iX296f7YeuKbJlTu5JNI.js
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178064
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: J8SWSNM9SPYFSNPZ
x-amz-id-2: L6f+6ZA+dc3HZVE1X/X9pXR8rCDswt735HBeK2uCzf/AFWPBO1RIKQmx6JLwYCfDeBZWGUcmJt8=
last-modified: Tue, 14 Sep 2021 07:53:16 GMT
server: cloudflare
etag: W/"15aad2f75f0fe07f1f68340870bf7952"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: hPe5Qors7b20vi5yx01vzTEqjqPqPNAv
cf-ray: 6a3adc666eb02175-DUS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
22ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 2751
date: Mon, 25 Oct 2021 10:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Mon, 25 Oct 2021 12:00:34 GMT

GET
H2 200 widget.js Show response
static.notifia.io/ 88 KB
27 KB 74ms
31ms Script
application/javascript 172.66.40.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.notifia.io/widget.js
Requested by: Host: farhad-exchange.com
URL: https://farhad-exchange.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5be0f673361697b255e5ca6d2b3a85eb40e480af3faa8c30174d2d02a50300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 13 Mar 2021 05:26:41 GMT
server: cloudflare
etag: W/"604c4d11-15ee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hteL0lnum8BG7kZMdCusXdwEiflmVoYq8jpbYp4qFxgTxgK3sh%2BSDAEhr3JyW3CxTba0J%2F%2FqNBWICX6XGXofZD%2BGZvU66ye15DdfLh3z9gRSQLZ%2Bgr6VQs2ufMbo%2Fok42YVm0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6a3adc672a588745-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 background.gif
farhad-exchange.com/_skins/default/tplimgs/ 4 KB
5 KB 33ms
33ms Image
image/gif 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/background.gif

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

955ad6fd85972df64f63311ae3bf7a71956ecca1fa89b05525236c83512d4013

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/background.gif
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4326
last-modified: Fri, 05 Mar 2021 09:53:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc66efe02175-DUS
expires: Sat, 30 Oct 2021 09:18:40 GMT

GET
H3 200 top_bg.gif
farhad-exchange.com/_skins/default/tplimgs/header/ 11 KB
12 KB 21ms
21ms Image
image/gif 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/header/top_bg.gif

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

086b3169187786cc41609024bcab7e41b210e42305e88773f8a82664b91b6e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/header/top_bg.gif
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11581
last-modified: Fri, 05 Mar 2021 09:54:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc66efe52175-DUS
expires: Sat, 30 Oct 2021 09:18:40 GMT

GET
H3 200 top_center.jpg
farhad-exchange.com/_skins/default/tplimgs/header/ 3 KB
4 KB 34ms
33ms Image
image/jpeg 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/header/top_center.jpg

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98068be30fa78958d33ed09fa438602ec5227a8dd094c079b1af98e2b1348202

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/header/top_center.jpg
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178065
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
last-modified: Fri, 05 Mar 2021 09:54:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-bgj: h2pri
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc66efe92175-DUS
expires: Sat, 30 Oct 2021 09:18:40 GMT

GET
H3 200 box.jpg
farhad-exchange.com/_skins/default/tplimgs/ 14 KB
14 KB 34ms
34ms Image
image/jpeg 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/box.jpg

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4560dc53bd39674e731f8524ad81e7330f3ab7cdf291323f83688a76c3100276

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/box.jpg
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178065
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14275
last-modified: Fri, 05 Mar 2021 09:54:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-bgj: h2pri
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc66efeb2175-DUS
expires: Sat, 30 Oct 2021 09:18:40 GMT

GET
H3 404 Shabnam.woff2
farhad-exchange.com/_skins/default/css/farsifont/ 0
0 54ms
54ms Font
text/html 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam.woff2

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://farhad-exchange.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
:path: /_skins/default/css/farsifont/Shabnam.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
Origin: https://farhad-exchange.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6a3adc66f8012175-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 Shabnam-Bold.woff2
farhad-exchange.com/_skins/default/css/farsifont/ 0
0 55ms
55ms Font
text/html 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam-Bold.woff2

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://farhad-exchange.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
:path: /_skins/default/css/farsifont/Shabnam-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
Origin: https://farhad-exchange.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6a3adc66f8052175-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET index.php
support.farhadexchange.com/visitor/ 0
0

GET
H2

404

back.jpg
catalin.red/wp-content/themes/redv2/images/
Redirect Chain

https://www.red-team-design.com/wp-content/themes/redv2/images/back.jpg
https://catalin.red/wp-content/themes/redv2/images/back.jpg

0
0

79ms
31ms

Image
text/html

172.67.169.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://catalin.red/wp-content/themes/redv2/images/back.jpg
Requested by: Host: farhad-exchange.com
URL: https://farhad-exchange.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.169.165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

Redirect headers

date: Mon, 25 Oct 2021 10:46:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZwEek%2BBQTeGYY%2FOng4nzcTaQyrgMP9MeV07y%2BQUq8S21JVAH3z99%2BPH7CbeiCTZ5W4uLdf02wfdKgqswaZyUbCqAJmTYbUIKQfBK3ODHJvnAglHl78wt6XeTBLmEOXwwG9c%2BO1E991rrw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://catalin.red/wp-content/themes/redv2/images/back.jpg
cache-control: max-age=3600
cf-ray: 6a3adc6768f73b85-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 25 Oct 2021 11:46:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
49 KB 64ms
28ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D78Y9SNBMP

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/cdn-cgi/apps/body/Hz_umu5iX296f7YeuKbJlTu5JNI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

afb8da90c57d5e7c1a8b5c77fb6a83f82c94a2e034863776e95b4e77c51899fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49435
x-xss-protection: 0
expires: Mon, 25 Oct 2021 10:46:25 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 77 KB
23 KB 40ms
7ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: farhad-exchange.com
URL: https://farhad-exchange.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f0453c400813eb0c598b062204e19e13738ff8d52e94457e27d3c076176740e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: V0u8X8Es2sCuCrIiaRmgwbFbl3NCHH3U
content-encoding: br
last-modified: Wed, 20 Oct 2021 07:13:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"ccd233f34268c44b95440f8d75d4cbc7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Mon, 25 Oct 2021 10:46:25 GMT
content-length: 23662
x-amz-cf-id: NFMIV1ES1HOSNoICeY5gXZBtMqrXwukNaCiM7M8eb2c9P851-PsDJQ==
expires: Mon, 25 Oct 2021 18:46:25 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 25ms
7ms Script
application/javascript 18.66.97.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: farhad-exchange.com
URL: https://farhad-exchange.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 15611939
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 bbd2abbdb134a9d53c0a12f6566e69ff.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: _JPl8ZvaQvZ-7c7scVG343kfQUmth0vXyucpfbkjZ9P4uyf6b4qR1A==

GET
H3 200 1_combo.gif
farhad-exchange.com/_skins/default/tplimgs/bank_images/ 1 KB
1 KB 37ms
36ms Image
image/gif 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farhad-exchange.com/_skins/default/tplimgs/bank_images/1_combo.gif

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c99e3be772c732b750cca31cea7e27d7b4be5cc3bbd20b54f16ea3e2ebfbed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_skins/default/tplimgs/bank_images/1_combo.gif
pragma: no-cache
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 178065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1132
last-modified: Fri, 05 Mar 2021 09:53:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a3adc67287b2175-DUS
expires: Sat, 30 Oct 2021 09:18:40 GMT

GET
H3 404 Shabnam.woff
farhad-exchange.com/_skins/default/css/farsifont/ 0
0 59ms
59ms Font
text/html 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam.woff

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://farhad-exchange.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
:path: /_skins/default/css/farsifont/Shabnam.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
Origin: https://farhad-exchange.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6a3adc6789322175-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 Shabnam-Bold.woff
farhad-exchange.com/_skins/default/css/farsifont/ 0
0 53ms
53ms Font
text/html 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam-Bold.woff

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://farhad-exchange.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
:path: /_skins/default/css/farsifont/Shabnam-Bold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
Origin: https://farhad-exchange.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6a3adc6789342175-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 204 result Show response
farhad-exchange.com/cdn-cgi/bm/cv/ 0
490 B 12ms
12ms XHR
text/plain 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/cdn-cgi/bm/cv/result?req_id=6a3adc643c8121b7

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/cdn-cgi/bm/cv/669835187/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://farhad-exchange.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=6a3adc643c8121b7
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://farhad-exchange.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Accept-Encoding
set-cookie: __cf_bm=2TGi45sjzugSck1QLV3g48318C.RbCSW9JnzfI0dz04-1635158785-0-AcvZkoog2U6/BKT0wVQtK2EGFxtr0XMIs8B4AW/KntEvxLbHIyX2tVW9dArvYfALbO83mpVH+WrD328nBXAayxk0Aso7/0zbOysPX0Tvi1TdW5ng4tuT59OHr7igaCsKig==; path=/; expires=Mon, 25-Oct-21 11:16:25 GMT; domain=.farhad-exchange.com; HttpOnly; Secure; SameSite=None
cf-ray: 6a3adc67a9952175-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 23ms
6ms Image
image/gif 18.66.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Farhad-Exchange.com%20%3A&time=1635158785222&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Ffarhad-exchange.com%2F&random_number=8259053528&sess_cookie=2c540ea617cb70efcc5570b8bee&sess_cookie_flag=1&user_cookie=2c540ea617cb70efcc5570b8bee&user_cookie_flag=1&dynamic=true&domain=farhad-exchange.com&account=R47Pw1zDGU20kU&jsv=20130128&user_lang=en-US
Requested by: Host: farhad-exchange.com
URL: https://farhad-exchange.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 21:18:46 GMT
Via: 1.1 cf2071a2896a4f71dbfdbc521d554363.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 48459
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA56-P5
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: lqkhyBxqbpQKEQ4AUwVlFyNqMSFyxRiU94vSZ4vB_9ScDH_VbDor6A==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 539ms
173ms Image
text/plain 54.68.102.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: farhad-exchange.com
URL: https://farhad-exchange.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.102.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-102-112.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
server: Server

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 60ms
27ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=655034906&t=pageview&_s=1&dl=https%3A%2F%2Ffarhad-exchange.com%2F&ul=en-us&de=UTF-8&dt=Farhad-Exchange.com%20%3A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=895579718&gjid=480714781&cid=275856198.1635158785&tid=UA-55617658-1&_gid=999767982.1635158785&_r=1&_slc=1&z=1278165177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://farhad-exchange.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://farhad-exchange.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
20ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=655034906&t=pageview&_s=2&dl=https%3A%2F%2Ffarhad-exchange.com%2F&ul=en-us&de=UTF-8&dt=Farhad-Exchange.com%20%3A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=275856198.1635158785&tid=UA-55617658-1&_gid=999767982.1635158785&z=1683916073

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 03:56:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24595
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 qxNmzJoXtbJDY Show response
api.notifia.io/api/v1/public/session/ 6 KB
2 KB 107ms
72ms Fetch
application/json 172.66.40.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.notifia.io/api/v1/public/session/qxNmzJoXtbJDY?origin=farhad-exchange.com&initialize=qxNmzJoXtbJDY

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.162 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf88ea07ee2bef26d49d65ec0d50d5052a22c91e8deabd5e9e2911467d8ba60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
vary: Origin
x-xss-protection: 1; mode=block
cf-ray: 6a3adc680ee42157-DUS
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yElWemDc7iaPXP8SAXVVnGWEiyLcYW1o0YNS9oE5JB8tHLe13ryxGHPMWgWlS2dxTUHihiu7DieogJ2qkf9pxW%2B5Pc4cPnBvb5Zzo80lEuCuFuFamCwy9epHWpBs4jusXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: https://farhad-exchange.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Authorization, Content-type, Accept, X-Access-Token, X-Key

OPTIONS
H2 200 track
api.notifia.io/api/v1/public/session/qxNmzJoXtbJDY/pixel/ Frame 0
0 61ms
27ms Preflight 172.66.40.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.notifia.io/api/v1/public/session/qxNmzJoXtbJDY/pixel/track

Protocol

Server

172.66.40.162 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://farhad-exchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Authorization, Content-type, Accept, X-Access-Token, X-Key
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaFuWpfwQQJXTMgIK1GbQpHBf9GKntRtBV26lIl4pnv%2BS3iG6Zoyt%2BAJB8Ga20NqdxhS09he6wu%2BYjwTPMkhCPbotDNWtkbva%2FLRfH4Z4hfBjkUMTY8yBn2C07rSPHJCvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a3adc681ee62157-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 track Show response
api.notifia.io/api/v1/public/session/qxNmzJoXtbJDY/pixel/ 37 B
743 B 118ms
93ms Fetch
application/json 172.66.40.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.notifia.io/api/v1/public/session/qxNmzJoXtbJDY/pixel/track

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.162 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d03c3b021f236e22560638c3d047e0596eb8d9513b76cc0d1dfdf3665774922c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://farhad-exchange.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37
x-xss-protection: 1; mode=block
cf-ray: 6a3adc686a942181-DUS
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P54vF9MXaHk3bDfee4BYsb6jMoqOWqBVqs149C4oDZoIkAfGwgtNp2IG2DSJpoVoGHbEGr8kws99w8zLNsDukMNKmakmrd0EjVJvlg7pe9x5mafaKHLM5FbQgXwvnXwjXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Authorization, Content-type, Accept, X-Access-Token, X-Key

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 266 B
465 B 147ms
139ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=11042927&url=https%3A%2F%2Ffarhad-exchange.com%2F&channel_type=code&jsonp=__1d8ejooe1bm

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

ab4d5ffc17617112eb795765d8292d1d4787c859c7bbf0ffa7477ca8dfa92c85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://farhad-exchange.com/;
X-Frame-Options	allow-from https://farhad-exchange.com/

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://farhad-exchange.com/;
x-frame-options: allow-from https://farhad-exchange.com/
date: Mon, 25 Oct 2021 10:46:25 GMT
content-length: 266
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H3 404 Shabnam-Bold.ttf
farhad-exchange.com/_skins/default/css/farsifont/ 0
0 47ms
46ms Font
text/html 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam-Bold.ttf

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://farhad-exchange.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23; __asc=2c540ea617cb70efcc5570b8bee; __auc=2c540ea617cb70efcc5570b8bee; _ga=GA1.2.275856198.1635158785; __cf_bm=2TGi45sjzugSck1QLV3g48318C.RbCSW9JnzfI0dz04-1635158785-0-AcvZkoog2U6/BKT0wVQtK2EGFxtr0XMIs8B4AW/KntEvxLbHIyX2tVW9dArvYfALbO83mpVH+WrD328nBXAayxk0Aso7/0zbOysPX0Tvi1TdW5ng4tuT59OHr7igaCsKig==; _gid=GA1.2.999767982.1635158785; _gat=1
:path: /_skins/default/css/farsifont/Shabnam-Bold.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
Origin: https://farhad-exchange.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6a3adc67e9dd2175-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 Shabnam.ttf
farhad-exchange.com/_skins/default/css/farsifont/ 0
0 50ms
49ms Font
text/html 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam.ttf

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/_skins/default/tplcss/style2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://farhad-exchange.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23; __asc=2c540ea617cb70efcc5570b8bee; __auc=2c540ea617cb70efcc5570b8bee; _ga=GA1.2.275856198.1635158785; __cf_bm=2TGi45sjzugSck1QLV3g48318C.RbCSW9JnzfI0dz04-1635158785-0-AcvZkoog2U6/BKT0wVQtK2EGFxtr0XMIs8B4AW/KntEvxLbHIyX2tVW9dArvYfALbO83mpVH+WrD328nBXAayxk0Aso7/0zbOysPX0Tvi1TdW5ng4tuT59OHr7igaCsKig==; _gid=GA1.2.999767982.1635158785; _gat=1
:path: /_skins/default/css/farsifont/Shabnam.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farhad-exchange.com/_skins/default/tplcss/style2.css
Origin: https://farhad-exchange.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6a3adc67e9e02175-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 27ms
27ms Ping
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D78Y9SNBMP&gtm=2oeak0&_p=655034906&sr=1600x1200&ul=en-us&cid=275856198.1635158785&_s=1&dl=https%3A%2F%2Ffarhad-exchange.com%2F&dt=Farhad-Exchange.com%20%3A&sid=1635158785&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D78Y9SNBMP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://farhad-exchange.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://farhad-exchange.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
416 B 66ms
21ms XHR
text/plain 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-55617658-1&cid=275856198.1635158785&jid=895579718&gjid=480714781&_gid=999767982.1635158785&_u=IEBAAEAAAAAAAC~&z=288572786

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://farhad-exchange.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Oct 2021 10:46:25 GMT
content-type: text/plain
access-control-allow-origin: https://farhad-exchange.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 notifia-style.css
static.notifia.io/ 74 KB
11 KB 63ms
47ms Stylesheet
text/css 172.66.40.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.notifia.io/notifia-style.css?v=1
Requested by: Host: static.notifia.io
URL: https://static.notifia.io/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a43ff569436095818e7c2f603497c62445c1443dc7d2880e91940d77dd434b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 13 Mar 2021 05:26:41 GMT
server: cloudflare
etag: W/"604c4d11-127d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efqAWh%2F6BI1R6Lj3Y4doCxSzFzMSxS77bGepb3X3beF7BKpIJihJuuTD8hmYfz8XJRlafGVbZwVTDnrFpGYnbaxWX1Pl%2FxFBBCqAR4hW%2B9MA4wvFQl%2FW1yvNTFC3cgDrhEuXUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 6a3adc68a95afadf-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 500 visitors Show response
api.notifia.io/api/v1/public/actions/ 72 B
816 B 111ms
110ms Fetch
application/json 172.66.40.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.notifia.io/api/v1/public/actions/visitors

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.162 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b6bd2ed4378e3d8e095d1568ace484775b11e44b8e73f60a8ce7ab2e9ca953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://farhad-exchange.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
vary: Origin
content-length: 72
x-xss-protection: 1; mode=block
cf-ray: 6a3adc68cb5b2181-DUS
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bi7GA%2FOwZbXDEdTO9T1xDH4yXEKpSaWrRsvk%2B%2BWlX4NYPOtgIDyWXY0mDdBWYwxWWIkWPEV9lrPuQve9PoDkL026ewzKUcS8BT0nTpT0Kp30rRCJ8XiaWqY4A32UWVWdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: https://farhad-exchange.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Authorization, Content-type, Accept, X-Access-Token, X-Key

OPTIONS
H3 200 visitors
api.notifia.io/api/v1/public/actions/ Frame 0
0 38ms
38ms Preflight 172.66.40.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.notifia.io/api/v1/public/actions/visitors

Protocol

Server

172.66.40.162 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://farhad-exchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Authorization, Content-type, Accept, X-Access-Token, X-Key
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0MYWOE26JoSVWie0EDZABvfNIPN8ykPS9AgsN8JDZF30lBsFUbE%2B%2BR9KeDWER6plHMf1r8BTU99uGOX4JUiwmCoYKEXMGnpRUZxqWCn%2FO10ZNLmFvNctK318686BLq7xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a3adc688acf2181-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 101ms
46ms Image
image/gif 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-55617658-1&cid=275856198.1635158785&jid=895579718&_u=IEBAAEAAAAAAAC~&z=269848891

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
472 B 100ms
46ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-55617658-1&cid=275856198.1635158785&jid=895579718&_u=IEBAAEAAAAAAAC~&z=269848891

Requested by

Host: farhad-exchange.com
URL: https://farhad-exchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 5 KB
2 KB 10ms
10ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=11042927&version=998.1.1.749.56.121.96.2.1.1.1.15&group_id=1&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f88f43bc3acc177112c79e1d557f2a6a48e7441c0638fbc5035e58c7528c0808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: gzip
cache-control: public, max-age=216
content-type: application/javascript; charset=UTF-8
content-length: 2010
vary: Accept-Encoding
expires: Mon, 25 Oct 2021 10:50:01 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 3FB6 4 KB
2 KB 156ms
141ms Document
text/html 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11042927&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c5669f0ac724782fb4b2d8c6f67c3952c3934ef4138b8384bf0e123dc940aae8

Request headers

:method: GET
:authority: secure.livechatinc.com
:scheme: https
:path: /customer/action/open_chat?license_id=11042927&group=1&embedded=1&widget_version=3&unique_groups=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://farhad-exchange.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1996
expires: Mon, 25 Oct 2021 10:46:25 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 25 Oct 2021 10:46:25 GMT

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 14 KB
5 KB 10ms
10ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=11042927&version=f0aa1ccf1921d6a9e1a6f15c3757df37_51551a9b863672836c86e8b2885e00c3&language=fa&group_id=1&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8614f50200fd0de112f7a725edc8f786a43a3cee8bb2191ea1d5510663a6daaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: gzip
cache-control: public, max-age=217
content-type: application/javascript; charset=UTF-8
content-length: 4723
vary: Accept-Encoding
expires: Mon, 25 Oct 2021 10:50:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 81ms
29ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/notifia-style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

933553768d57abd0897585e4189b8970765772444ce756843a94f80aa573c106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.notifia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:52:23 GMT
server: ESF
date: Mon, 25 Oct 2021 10:46:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 10:46:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
585 B 81ms
30ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/notifia-style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

71ecb11a494d3b3215156dbbf44c85156a95406342385fe26477efcdaa2c3e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.notifia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:52:38 GMT
server: ESF
date: Mon, 25 Oct 2021 10:46:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 10:46:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 693 B
441 B 80ms
29ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titan+One

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/notifia-style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

479aaa63a323a8e8b74df4eec7977fb4891c6af524b3f95243f217de79e88391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.notifia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 10:09:52 GMT
server: ESF
date: Mon, 25 Oct 2021 10:46:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 10:46:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
584 B 81ms
30ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/notifia-style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.notifia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 10:25:58 GMT
server: ESF
date: Mon, 25 Oct 2021 10:46:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 10:46:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
622 B 80ms
30ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/notifia-style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

72676acfb147f0a710135be7a105d4917c25973352d37b4d36e0212579a17f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.notifia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 10:33:41 GMT
server: ESF
date: Mon, 25 Oct 2021 10:46:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 10:46:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3FB6 5 KB
711 B 69ms
35ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Requested by

Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11042927&group=1&embedded=1&widget_version=3&unique_groups=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 09:51:48 GMT
server: ESF
date: Mon, 25 Oct 2021 10:46:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 10:46:25 GMT

GET
H2 200 0.76cc1569.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 3FB6 209 KB
65 KB 8ms
7ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.76cc1569.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11042927&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0cccff5b91fb55faae66e7c8e66cbca87f981578ef7811b47b80a53d6b7c00f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: xaD5ytkNpXEjwPs_G_VVCZvMwHK_255S
content-encoding: br
last-modified: Wed, 20 Oct 2021 07:13:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"b658a0807f5e859a468ab8609cc0ee1d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Mon, 25 Oct 2021 10:46:25 GMT
content-length: 66137
x-amz-cf-id: zkY6K9NtQEMHAgWiBwtdM6aLTm_BYiNObMfI1A8U4r7O6-tkAeLYEA==
expires: Tue, 25 Oct 2022 10:46:25 GMT

GET
H2 200 3.a9ab23b7.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 3FB6 170 KB
48 KB 15ms
14ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/3.a9ab23b7.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11042927&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 46f4c9dc44849da5f1adf81f0c6e330dbd379195d28d8a4541454077e7f5d79e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 97IA_46bToB6IcQT_3Ro2IwoK665aVus
content-encoding: br
last-modified: Wed, 20 Oct 2021 07:13:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"ff9366e53dc07a0c92aee7e147a6537e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Mon, 25 Oct 2021 10:46:25 GMT
content-length: 48565
x-amz-cf-id: ESFb93oeXvPPrFT55eMnbKP_NeAwkGdty4s0tgqOe5vIo_y9NfYpRw==
expires: Tue, 25 Oct 2022 10:46:25 GMT

GET
H2 200 iframe.3d7aea16.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 3FB6 446 KB
122 KB 17ms
17ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.3d7aea16.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11042927&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5c9e37b06757659939023fadc4d198e1afe4c248720444742b340cfb71e83086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 3KYTcCQFIWM2sdSoT5FWWv4pZZ7CVjZq
content-encoding: br
last-modified: Thu, 21 Oct 2021 09:24:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"b7a696e3f943ecbefb1dc4287d7fc3b9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Mon, 25 Oct 2021 10:46:25 GMT
content-length: 123972
x-amz-cf-id: dCLsxX1-2E59UCSb7-DYeQVwTb93oqYKFWEFFmcF8GnPsJ1P_S9OKg==
expires: Tue, 25 Oct 2022 10:46:25 GMT

GET
H3 200 en Show response
api.notifia.io/api/v1/public/userwidgets/60dde4c0b0b061239d3cc19e/localization/ 787 B
1 KB 73ms
73ms Fetch
application/json 172.66.40.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.notifia.io/api/v1/public/userwidgets/60dde4c0b0b061239d3cc19e/localization/en?origin=farhad-exchange.com&initialize=qxNmzJoXtbJDY&userWidgetId=60dde4c0b0b061239d3cc19e&language=en

Requested by

Host: static.notifia.io
URL: https://static.notifia.io/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.162 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1381bb4d3cec2fa105a70db32bc6c4658673f8145213c9560c76c814a3a163f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
vary: Origin
x-xss-protection: 1; mode=block
cf-ray: 6a3adc6a7e8d2181-DUS
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPUd6PYt4v1u5gdybZ9Egv4HjOpVEFefQ%2BxSs8I9EjCZspRJxAx141SxmX00zACo85YqjpiGvITLW9Y%2FsMepioWI7ZL%2BNT3JZaBBS2mQmlarqk%2BNK9ceTAk8FsWr9bnvmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: https://farhad-exchange.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Authorization, Content-type, Accept, X-Access-Token, X-Key

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ Frame 3FB6 16 KB
16 KB 108ms
53ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:50:35 GMT
x-content-type-options: nosniff
age: 348950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:44:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 09:50:35 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ Frame 3FB6 16 KB
16 KB 82ms
27ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 12:20:08 GMT
x-content-type-options: nosniff
age: 253577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16180
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 12:20:08 GMT

POST
H3 200 rum Show response
farhad-exchange.com/cdn-cgi/ 0
169 B 12ms
12ms XHR
text/plain 172.67.9.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farhad-exchange.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.9.6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://farhad-exchange.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: PHPSESSID=eL94qr9%2Cd8LXj6-gEmzs23; __asc=2c540ea617cb70efcc5570b8bee; __auc=2c540ea617cb70efcc5570b8bee; __cf_bm=2TGi45sjzugSck1QLV3g48318C.RbCSW9JnzfI0dz04-1635158785-0-AcvZkoog2U6/BKT0wVQtK2EGFxtr0XMIs8B4AW/KntEvxLbHIyX2tVW9dArvYfALbO83mpVH+WrD328nBXAayxk0Aso7/0zbOysPX0Tvi1TdW5ng4tuT59OHr7igaCsKig==; _gid=GA1.2.999767982.1635158785; _gat=1; _ga_D78Y9SNBMP=GS1.1.1635158785.1.0.1635158785.0; _ga=GA1.1.275856198.1635158785
content-length: 19292
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: farhad-exchange.com
referer: https://farhad-exchange.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://farhad-exchange.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Mon, 25 Oct 2021 10:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://farhad-exchange.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6a3adc6bafcf2175-DUS
vary: Origin

POST
H2 200 token Show response
accounts.livechatinc.com/customer/ Frame 3FB6 138 B
1 KB 160ms
152ms XHR
application/json 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.76cc1569.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c7389e9d36986b8d1ca79ecca825c63c0a498c2a12fb90d2f8cc7e83167429b2

Request headers

Referer: https://secure.livechatinc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 10:46:26 GMT
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-API-Type, X-Application, X-Region
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cdn.livechatinc.com/cloud/ 19 KB
19 KB 14ms
14ms Image
image/png 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2Fdefault%2FeyeCatchers%2Fnew039.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fcef43efad24d143147aa02eafc84c93a48c896cce651343578f5bb0c863e003

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://farhad-exchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *, *
date: Mon, 25 Oct 2021 10:46:26 GMT
cache-control: public, max-age=62041427
server: Apache
content-type: image/png
content-length: 19446
expires: Fri, 13 Oct 2023 12:30:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: support.farhadexchange.com
URL: http://support.farhadexchange.com/visitor/index.php?/Default/LiveChat/HTML/SiteBadge/cHJvbXB0dHlwZT1jaGF0JnVuaXF1ZWlkPWxtc3RrajhxdmQmdmVyc2lvbj00LjQwLjExNDgmcHJvZHVjdD1GdXNpb24mZmlsdGVyZGVwYXJ0bWVudGlkPTEmcm91dGVjaGF0c2tpbGxpZD0yJnNpdGViYWRnZWNvbG9yPXdoaXRlJmJhZGdlbGFuZ3VhZ2U9ZW4mYmFkZ2V0ZXh0PWxpdmVoZWxwJm9ubGluZWNvbG9yPSMxOThjMTkmb25saW5lY29sb3Job3Zlcj0jNWZhZjVmJm9ubGluZWNvbG9yYm9yZGVyPSMxMjYyMTImb2ZmbGluZWNvbG9yPSNhMmE0YWMmb2ZmbGluZWNvbG9yaG92ZXI9I2JlYzBjNSZvZmZsaW5lY29sb3Jib3JkZXI9IzcxNzM3OCZhd2F5Y29sb3I9IzczN2M0YSZhd2F5Y29sb3Job3Zlcj0jOWVhNDgxJmF3YXljb2xvcmJvcmRlcj0jNTE1NzM0JmJhY2tzaG9ydGx5Y29sb3I9Izc4OGEyMyZiYWNrc2hvcnRseWNvbG9yaG92ZXI9I2ExYWU2NiZiYWNrc2hvcnRseWNvbG9yYm9yZGVyPSM1NDYxMTkmY3VzdG9tb25saW5lPSZjdXN0b21vZmZsaW5lPSZjdXN0b21hd2F5PSZjdXN0b21iYWNrc2hvcnRseT0KNjk2N2U4NGQ5ZWUyNzYwMjNiZWE3ZGQ1NWE2MzI4MDk4MDg3OTVlYg==

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-20 15:43:50	Name: __lc_cid Value: 5c1ceeb5-f597-4aca-5100-73816829ce2c
.accounts.livechatinc.com/v2/customer/token	1970-01-20 15:43:50	Name: __lc_cst Value: e1057f1486e1fa68595b80683ff4a6061d732d540a8e791dc65cc65302d64bd4d5bf45bc93b27beaf912b62e754b8884dd4662808e23290a31080b8ee6b3
.accounts.livechatinc.com/customer/token	1970-01-20 15:43:50	Name: __lc_cid Value: 5c1ceeb5-f597-4aca-5100-73816829ce2c
.accounts.livechatinc.com/customer/token	1970-01-20 15:43:50	Name: __lc_cst Value: e1057f1486e1fa68595b80683ff4a6061d732d540a8e791dc65cc65302d64bd4d5bf45bc93b27beaf912b62e754b8884dd4662808e23290a31080b8ee6b3
farhad-exchange.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: eL94qr9%2Cd8LXj6-gEmzs23
.farhad-exchange.com/	1970-01-19 22:12:40	Name: __asc Value: 2c540ea617cb70efcc5570b8bee
.farhad-exchange.com/	1970-01-20 06:59:41	Name: __auc Value: 2c540ea617cb70efcc5570b8bee
.farhad-exchange.com/	1970-01-19 22:12:40	Name: __cf_bm Value: 2TGi45sjzugSck1QLV3g48318C.RbCSW9JnzfI0dz04-1635158785-0-AcvZkoog2U6/BKT0wVQtK2EGFxtr0XMIs8B4AW/KntEvxLbHIyX2tVW9dArvYfALbO83mpVH+WrD328nBXAayxk0Aso7/0zbOysPX0Tvi1TdW5ng4tuT59OHr7igaCsKig==
.farhad-exchange.com/	1970-01-19 22:14:05	Name: _gid Value: GA1.2.999767982.1635158785
.farhad-exchange.com/	1970-01-19 22:12:38	Name: _gat Value: 1
.farhad-exchange.com/	1970-01-20 15:43:50	Name: _ga_D78Y9SNBMP Value: GS1.1.1635158785.1.0.1635158785.0
.farhad-exchange.com/	1970-01-20 15:43:50	Name: _ga Value: GA1.1.275856198.1635158785

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Mixed Content: The page at 'https://farhad-exchange.com/' was loaded over HTTPS, but requested an insecure script 'http://support.farhadexchange.com/visitor/index.php?/Default/LiveChat/HTML/SiteBadge/cHJvbXB0dHlwZT1jaGF0JnVuaXF1ZWlkPWxtc3RrajhxdmQmdmVyc2lvbj00LjQwLjExNDgmcHJvZHVjdD1GdXNpb24mZmlsdGVyZGVwYXJ0bWVudGlkPTEmcm91dGVjaGF0c2tpbGxpZD0yJnNpdGViYWRnZWNvbG9yPXdoaXRlJmJhZGdlbGFuZ3VhZ2U9ZW4mYmFkZ2V0ZXh0PWxpdmVoZWxwJm9ubGluZWNvbG9yPSMxOThjMTkmb25saW5lY29sb3Job3Zlcj0jNWZhZjVmJm9ubGluZWNvbG9yYm9yZGVyPSMxMjYyMTImb2ZmbGluZWNvbG9yPSNhMmE0YWMmb2ZmbGluZWNvbG9yaG92ZXI9I2JlYzBjNSZvZmZsaW5lY29sb3Jib3JkZXI9IzcxNzM3OCZhd2F5Y29sb3I9IzczN2M0YSZhd2F5Y29sb3Job3Zlcj0jOWVhNDgxJmF3YXljb2xvcmJvcmRlcj0jNTE1NzM0JmJhY2tzaG9ydGx5Y29sb3I9Izc4OGEyMyZiYWNrc2hvcnRseWNvbG9yaG92ZXI9I2ExYWU2NiZiYWNrc2hvcnRseWNvbG9yYm9yZGVyPSM1NDYxMTkmY3VzdG9tb25saW5lPSZjdXN0b21vZmZsaW5lPSZjdXN0b21hd2F5PSZjdXN0b21iYWNrc2hvcnRseT0KNjk2N2U4NGQ5ZWUyNzYwMjNiZWE3ZGQ1NWE2MzI4MDk4MDg3OTVlYg=='. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://farhad-exchange.com/ Message: Mixed Content: The page at 'https://farhad-exchange.com/' was loaded over HTTPS, but requested an insecure element 'http://www.red-team-design.com/wp-content/themes/redv2/images/back.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam-Bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://catalin.red/wp-content/themes/redv2/images/back.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://farhad-exchange.com/_skins/default/css/farsifont/Shabnam.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.notifia.io/api/v1/public/actions/visitors Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
api.livechatinc.com
api.notifia.io
catalin.red
cdn.livechatinc.com
certify-js.alexametrics.com
certify.alexametrics.com
farhad-exchange.com
fonts.googleapis.com
fonts.gstatic.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
secure.livechatinc.com
static.cloudflareinsights.com
static.notifia.io
stats.g.doubleclick.net
support.farhadexchange.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.red-team-design.com
www.webmoney.ru
support.farhadexchange.com
104.16.95.65
142.250.185.131
142.250.185.78
142.250.186.163
142.250.186.164
142.250.186.170
142.251.5.155
172.217.23.104
172.66.40.162
172.67.162.204
172.67.169.165
172.67.9.6
18.66.112.116
18.66.97.118
2.16.186.211
54.68.102.112
91.227.52.111
00c6d9acc5bb3a947321b7cb06c26fb613081cac96c466f216d2a4fe047b9e3c
00fbb347bd31899cb660e734923d1d47979dbc5a3b0e471fd4f90c7b476b69e9
06b6bd2ed4378e3d8e095d1568ace484775b11e44b8e73f60a8ce7ab2e9ca953
086b3169187786cc41609024bcab7e41b210e42305e88773f8a82664b91b6e02
0cccff5b91fb55faae66e7c8e66cbca87f981578ef7811b47b80a53d6b7c00f7
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1381bb4d3cec2fa105a70db32bc6c4658673f8145213c9560c76c814a3a163f7
13e6accf469f4b42bd102000f164f0b2f2e022648c77bbd5961ccd62e6cec9a3
2408f35586ff92ea6fe9d5a1016598878fc34a96f7f65eadd57bf4de04e2d96e
25655fe45aae7c1238d312045ca708ba4912b371362b3690879ee0bbe353e452
2829b36e99c54c7f1fbdd371c5619d8a7daa7fa498a94683d0935b260d252ce6
39a43ff569436095818e7c2f603497c62445c1443dc7d2880e91940d77dd434b
3c99e3be772c732b750cca31cea7e27d7b4be5cc3bbd20b54f16ea3e2ebfbed6
4560dc53bd39674e731f8524ad81e7330f3ab7cdf291323f83688a76c3100276
46f4c9dc44849da5f1adf81f0c6e330dbd379195d28d8a4541454077e7f5d79e
479aaa63a323a8e8b74df4eec7977fb4891c6af524b3f95243f217de79e88391
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
5c9e37b06757659939023fadc4d198e1afe4c248720444742b340cfb71e83086
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61138cc498e1fe38e5824fe46c08b7fb5da4a521419ad21adab29e9e49782c18
64bc8c9771a9a1710e1d19515f4341312c4396c6170a75cf8070256bbab29149
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
6820f83d7f23bc327adc532070a996b7f06f5bfb04cee56db9decaa624ed195d
70157a609501350596583c265c25f3fd48485493a326d67b19ab2ba5d8a8446c
71ecb11a494d3b3215156dbbf44c85156a95406342385fe26477efcdaa2c3e1b
72676acfb147f0a710135be7a105d4917c25973352d37b4d36e0212579a17f6b
7e96cd1ebb1853d6a90ef80553898f3bedba29378150d0f2af4c0a095e2757a8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86148f84feef0d1ad4811a72fe6b33a3eb243e5968257a95b9068d06c0f189f8
8614f50200fd0de112f7a725edc8f786a43a3cee8bb2191ea1d5510663a6daaf
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ba70440dce3ba1b72e6afcf00cc0ea1ffd3b9a0d3d53cf6ac5183badd976744
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
8f1132e259789cc46b3851f3402a35e39587021cb06fb12adeb45e39a1da1cc5
933553768d57abd0897585e4189b8970765772444ce756843a94f80aa573c106
954ee8ba1b5ffdc6a58aa1eb2a3ef90837983cc3cfa22242ef33b8b489732452
955ad6fd85972df64f63311ae3bf7a71956ecca1fa89b05525236c83512d4013
98068be30fa78958d33ed09fa438602ec5227a8dd094c079b1af98e2b1348202
987407b3bff6c7785ecdb057b9b4be01c28db9dc0343b68a2ada547d02c9f2f1
9f5be0f673361697b255e5ca6d2b3a85eb40e480af3faa8c30174d2d02a50300
ab4d5ffc17617112eb795765d8292d1d4787c859c7bbf0ffa7477ca8dfa92c85
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb8da90c57d5e7c1a8b5c77fb6a83f82c94a2e034863776e95b4e77c51899fd
bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069
c5669f0ac724782fb4b2d8c6f67c3952c3934ef4138b8384bf0e123dc940aae8
c7389e9d36986b8d1ca79ecca825c63c0a498c2a12fb90d2f8cc7e83167429b2
ca27c0f09a42ffe85d5fc9b2f7c50474629057cfa8c9c11193ddac08780d6aec
d03c3b021f236e22560638c3d047e0596eb8d9513b76cc0d1dfdf3665774922c
d3a69482ddf47de7a1e2dd5118107fecbf79742dcea9348229c5f87d14be2ea5
d45a8204f7987b1a07538bdb7b0daf8f30651f827568e7fd4360443cb35d8d27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e834082fb0bca265946031586d28be48a1c44a2f9092b9ed62fc128887eaafc0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0453c400813eb0c598b062204e19e13738ff8d52e94457e27d3c076176740e2
f2f3ffca564984203b1a2024902cfed617edddad5e2c677d450c001d55cb08c4
f5009de23da451d789d09a5c4a0af57548b4d540589b76b636876bd5b81d606b
f88f43bc3acc177112c79e1d557f2a6a48e7441c0638fbc5035e58c7528c0808
faf88ea07ee2bef26d49d65ec0d50d5052a22c91e8deabd5e9e2911467d8ba60
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fcef43efad24d143147aa02eafc84c93a48c896cce651343578f5bb0c863e003

farhad-exchange.com Open in urlscan Pro 172.67.9.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

0 %IPv6

17 Domains

22 Subdomains

17 IPs

3 Countries

750 kBTransfer

2176 kBSize

12 Cookies

3 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

farhad-exchange.com Open in urlscan Pro
172.67.9.6 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

0 %
IPv6

17
Domains

22
Subdomains

17
IPs

3
Countries

750 kB
Transfer

2176 kB
Size

12
Cookies

77 HTTP transactions
0 data transactions