URL: https://bauto.xomali.ir/
Submission: On January 20 via api from US — Scanned from US

Summary

This website contacted 60 IPs in 2 countries across 55 domains to perform 135 HTTP transactions. The main IP is 2606:4700:3030::6815:25c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is bauto.xomali.ir.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.
This is the only time bauto.xomali.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 108.157.148.226 16509 (AMAZON-02)
6 151.101.194.133 54113 (FASTLY)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 151.101.65.44 54113 (FASTLY)
1 172.64.146.152 13335 (CLOUDFLAR...)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 108.157.153.164 16509 (AMAZON-02)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.157.142.115 16509 (AMAZON-02)
4 6 2620:100:a001::c 19750 (AS-CRITEO)
1 2607:f8b0:400... 15169 (GOOGLE)
4 141.226.224.48 200478 (TABOOLA-AS)
2 108.157.150.35 16509 (AMAZON-02)
2 2600:1408:20:... 20940 (AKAMAI-ASN1)
1 108.157.150.7 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2620:100:a001::f 19750 (AS-CRITEO)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.241.9.51 15169 (GOOGLE)
3 5 68.67.179.155 29990 (ASN-APPNEX)
1 2a03:2880:f10... 32934 (FACEBOOK)
10 34.107.254.252 396982 (GOOGLE-CL...)
1 34.194.161.83 14618 (AMAZON-AES)
1 18.210.237.60 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
1 74.119.119.139 19750 (AS-CRITEO)
4 35.84.127.182 16509 (AMAZON-02)
3 74.119.119.150 19750 (AS-CRITEO)
3 2607:f8b0:400... 15169 (GOOGLE)
1 1 142.251.167.155 15169 (GOOGLE)
1 2 35.211.178.172 15169 (GOOGLE)
6 7 52.86.33.22 14618 (AMAZON-AES)
2 2 50.19.176.119 14618 (AMAZON-AES)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 51.222.241.106 16276 (OVH)
1 1 34.195.165.211 14618 (AMAZON-AES)
1 23.48.8.28 16625 (AKAMAI-AS)
1 8.43.72.97 26667 (RUBICONPR...)
1 23.105.12.120 30633 (LEASEWEB-...)
1 23.222.197.151 16625 (AKAMAI-AS)
1 2 35.71.139.29 16509 (AMAZON-02)
3 4 3.225.218.10 14618 (AMAZON-AES)
2 23.40.207.64 20940 (AKAMAI-ASN1)
1 195.244.31.10 63140 (IGUANA-WO...)
1 23.39.185.111 16625 (AKAMAI-AS)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
1 63.251.28.234 26558 (FREEWHEEL)
1 107.23.204.122 14618 (AMAZON-AES)
3 3 18.235.212.218 14618 (AMAZON-AES)
2 2 108.157.150.29 16509 (AMAZON-02)
1 1 199.38.167.131 54312 (ROCKETFUEL)
1 107.178.254.65 15169 (GOOGLE)
1 54.198.189.169 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 3.209.115.69 14618 (AMAZON-AES)
1 70.42.32.127 22075 (AS-OUTBRAIN)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 44.218.163.194 14618 (AMAZON-AES)
1 52.54.107.248 14618 (AMAZON-AES)
1 2600:9000:24f... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 50.19.136.150 14618 (AMAZON-AES)
1 108.157.142.48 16509 (AMAZON-02)
135 60
Apex Domain
Subdomains
Transfer
23 xomali.ir
bauto.xomali.ir
698 KB
12 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3125
api.permutive.com — Cisco Umbrella Rank: 2271
134 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
dynamic.criteo.com — Cisco Umbrella Rank: 4057
mug.criteo.com — Cisco Umbrella Rank: 3123
sslwidget.criteo.com — Cisco Umbrella Rank: 2254
dis.criteo.com — Cisco Umbrella Rank: 608
34 KB
8 googlesyndication.com
ceb7f8509f7387f3c86f4d191992fad6.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
42 KB
8 slate.com
compote.slate.com — Cisco Umbrella Rank: 56274
fpa-cdn.slate.com — Cisco Umbrella Rank: 107698
fpa-events.slate.com — Cisco Umbrella Rank: 71261
319 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 364
151 KB
7 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 3161
5 KB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1024
trc.taboola.com — Cisco Umbrella Rank: 646
trc-events.taboola.com — Cisco Umbrella Rank: 2085
sync-t1.taboola.com — Cisco Umbrella Rank: 1704
230 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
4 KB
5 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2634
api2.amplitude.com — Cisco Umbrella Rank: 1350
22 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
165 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
1 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
2 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2199
geo.privacymanager.io — Cisco Umbrella Rank: 1860
53 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8537
cdn.tinypass.com — Cisco Umbrella Rank: 6134
id.tinypass.com — Cisco Umbrella Rank: 15009
116 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1645
2 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1743
1 KB
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
740 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
696 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
699 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
1 KB
2 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5068
43 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
90 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 567
561 B
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
74 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 544
658 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
307 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
280 B
1 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2565
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 870
579 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 829
287 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1144
535 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 247
689 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1421
963 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 790
570 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
1 KB
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 698
199 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
662 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
548 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 731
342 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2620
278 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
687 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
972 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 709
813 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 4870
337 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3537
411 B
1 parsely.com
p1.parsely.com — Cisco Umbrella Rank: 2229
259 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 prmutv.co
16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co — Cisco Umbrella Rank: 132292
217 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
57 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7784
3 KB
1 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3301
3 KB
135 55
Domain Requested by
23 bauto.xomali.ir bauto.xomali.ir
10 api.permutive.com cdn.permutive.com
8 cdn.cookielaw.org bauto.xomali.ir
cdn.cookielaw.org
7 partner.mediawallahscript.com 6 redirects
6 gum.criteo.com 4 redirects cdn.taboola.com
dynamic.criteo.com
6 compote.slate.com bauto.xomali.ir
4 ups.analytics.yahoo.com 3 redirects
4 api2.amplitude.com cdn.amplitude.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 ib.adnxs.com 2 redirects cdn.permutive.com
3 i.liadm.com 3 redirects
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 trc-events.taboola.com bauto.xomali.ir
3 securepubads.g.doubleclick.net bauto.xomali.ir
securepubads.g.doubleclick.net
2 dpm.demdex.net 1 redirects
2 live.rezync.com 2 redirects
2 r.casalemedia.com 1 redirects
2 hb.yahoo.net
2 eb2.3lift.com 1 redirects
2 match.adsrvr.org 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 x.bidswitch.net 1 redirects
2 dis.criteo.com
2 cdn.permutive.com bauto.xomali.ir
cdn.permutive.com
2 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 connect.facebook.net bauto.xomali.ir
connect.facebook.net
2 cdn.taboola.com bauto.xomali.ir
cdn.taboola.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 c.amazon-adsystem.com bauto.xomali.ir
c.amazon-adsystem.com
1 aa.agkn.com
1 www.google.com tpc.googlesyndication.com
1 s.ad.smaato.net
1 match.sharethrough.com
1 trends.revcontent.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 c.bing.com
1 exchange.mediavine.com
1 pippio.com
1 p.rfihub.com 1 redirects
1 ad.360yield.com
1 ads.stickyadstv.com
1 tags.bluekai.com
1 visitor.omnitagjs.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 secure.adnxs.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 sslwidget.criteo.com dynamic.criteo.com
1 mug.criteo.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fpa-events.slate.com bauto.xomali.ir
1 p1.parsely.com bauto.xomali.ir
1 www.facebook.com bauto.xomali.ir
1 16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co cdn.permutive.com
1 dynamic.criteo.com bauto.xomali.ir
1 www.googletagmanager.com bauto.xomali.ir
1 fpa-cdn.slate.com bauto.xomali.ir
1 id.tinypass.com cdn.tinypass.com
1 ceb7f8509f7387f3c86f4d191992fad6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.tinypass.com experience.tinypass.com
1 trc.taboola.com cdn.taboola.com
1 ats-wrapper.privacymanager.io bauto.xomali.ir
1 experience.tinypass.com bauto.xomali.ir
1 www.npttech.com bauto.xomali.ir
1 cdn.amplitude.com bauto.xomali.ir
1 cd.connatix.com bauto.xomali.ir
135 74
Subject Issuer Validity Valid
xomali.ir
GTS CA 1P5
2024-01-02 -
2024-04-01
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.slate.com
R3
2023-11-30 -
2024-02-28
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
connatix.com
GTS CA 1P5
2024-01-02 -
2024-04-01
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-29 -
2024-01-27
3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M02
2023-12-14 -
2025-01-12
a year crt.sh
npttech.com
GTS CA 1P5
2023-12-28 -
2024-03-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-08-13 -
2024-08-12
a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01
2023-07-27 -
2024-08-24
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-13
a year crt.sh
fpa-events.slate.com
Amazon RSA 2048 M02
2023-06-22 -
2024-07-20
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2023-12-26 -
2024-12-25
a year crt.sh
*.prmutv.co
R3
2023-11-29 -
2024-02-27
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
api.permutive.com
R3
2023-12-15 -
2024-03-14
3 months crt.sh
*.parsely.com
R3
2024-01-08 -
2024-04-07
3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA
2023-01-23 -
2024-02-14
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
hb.yahoo.net
R3
2023-12-18 -
2024-03-17
3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-13
a year crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01
2023-04-05 -
2024-05-03
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2023-10-24 -
2024-04-21
6 months crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-10-27 -
2024-11-23
a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1
2023-11-20 -
2024-11-27
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
revcontent.com
Amazon RSA 2048 M02
2023-05-18 -
2024-06-16
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03
2023-09-04 -
2024-10-02
a year crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh

This page contains 7 frames:

Primary Page: https://bauto.xomali.ir/
Frame ID: 3FAA1EF1DCFB94B65B6FD6AAE7FFE663
Requests: 94 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js?cid=ed20abb8-f256-4574-a9b8-161bc2e90485
Frame ID: B35F725F4BE9B77A9D121242AE4A95B7
Requests: 1 HTTP requests in this frame

Frame: https://ceb7f8509f7387f3c86f4d191992fad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FFF5D38EE3D9E135403B09A713E369DE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=bauto.xomali.ir&origin=onetag&us_privacy=1---
Frame ID: 5B62776EFD79D4CD5F0E2368B19C10DB
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&google_gid=CAESEIcl3PMWqtHXL5NbqMWyD-k&google_cver=1&google_ula=913071,0
Frame ID: 63FA02CE34182AE48C78AD82C1E501BA
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBCDE9B8C2792D2E2798500FA6976C75
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46A9B53F9A2906252F42536FFABEFC9F
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Slate Magazine - Politics, Business, Technology, and the ArtsActivating this button will toggle the display of additional contentSlate homepageSubmit searchEnter queryActivating this button will toggle the display of additional contentOpen menuClose menuActivating this button will toggle the display of additional contentSlate on InstagramSlate on TwitterSlate on FacebookSlate on YouTubeSlate homepage*Slate on InstagramSlate on TwitterSlate on FacebookSlate on YouTubeAdviceAsk a questionContent Lockedfor Slate Plus membersContent Lockedfor Slate Plus membersContent Lockedfor Slate Plus membersContent Lockedfor Slate Plus membersSpeech Bubble iconArrow markerArrow markerArrow markerContent Lockedfor Slate Plus membersPodcast EpisodePodcast EpisodePodcast EpisodePodcast EpisodeContent Lockedfor Slate Plus membersContent Lockedfor Slate Plus membersContent Lockedfor Slate Plus membersPodcast EpisodePodcast EpisodeThe Slate Group logo

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

135
Requests

87 %
HTTPS

28 %
IPv6

55
Domains

74
Subdomains

60
IPs

2
Countries

2249 kB
Transfer

6785 kB
Size

89
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://gum.criteo.com/sid/json?origin=onetag&domain=xomali.ir&sn=ChromeSyncframe&so=0&topUrl=bauto.xomali.ir&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=hGB5hHxoYnBGS0Q5aU1PTDhrTm8vbUZRKzlEUkFaMlZxWTVjamtMcmhOSExNZ3pDNE5BaEJNMWNUN2YzendvUmRXWHc5RDU5Qm1yOHRIODJvOVBLZnlWLzlvZ3I5S1ZPMWVhemN1ZTZtVE9DQi9hZkJmWHlucjBFSEswdlFkb0lwZkI5NEJ5Wll6dHVTZlF4WFROTkp5dkIwVmZTM2dFSmp3ZUZmNS95dFZWTFJRdE1FY20rNTgyMHBhblVMUG1QdzVsalp2aWljbmV4TmJObStGdmNwRGIwZy9kUlptOEgzcmlpa3NCZ1BoKzFIQlovdnNicmZsZU9QRDJQZXJEbUJ5VFpxcG9qMmRwVU9ybWpQOFVzMzN4RlkvQT09fA&cppv=2
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&google_cm&google_hm=ay0wOHdoUjlpYmlld3FkdnNxdVRzcUc0VjkzZUJyQnhYMjFveXZoQQ&us_privacy=1--- HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&google_gid=CAESEIcl3PMWqtHXL5NbqMWyD-k&google_cver=1&google_ula=913071,0
Request Chain 93
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-eiWUqdibiewqdvsquTsqG4V93eCME7ejDZBoTQ&expires=30&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-eiWUqdibiewqdvsquTsqG4V93eCME7ejDZBoTQ&expires=30&us_privacy=1---
Request Chain 94
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1--- HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6407949295961935321&us_privacy=1---
Request Chain 95
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&custom=&tag_format=img&tag_action=sync&custom=&cb=cc6d036e-2bca-48d3-a2e7-b1c9fa4c29be&us_privacy=1--- HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=cc6d036e-2bca-48d3-a2e7-b1c9fa4c29be&us_privacy=1---&final=true&reqid=a34e59b0-b7a2-11ee-8509-9fa173e629d0&timestamp=2024-01-20T14%3A46%3A04.748Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=6407949295961935321&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=a39acc00-b7a2-11ee-ae1a-adf78c0b44fc?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=a39acc00-b7a2-11ee-ae1a-adf78c0b44fc?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=d1420b7363389bf13b26c6f45671d205&tag_format=img&tag_action=sync&cb=147355937 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=b8ff7404-c182-4cce-8290-9c6698f6165f&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=a39acc00-b7a2-11ee-ae1a-adf78c0b44fc&cb=1705761966517&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1705761966517 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=57606e67-5a1d-4cf2-99e1-98bc28c3bbf6&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705761966517 HTTP 302
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=a4e2dc60-b7a2-11ee-ab35-159b86e69bdf
Request Chain 101
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-8N6qhtibiewqdvsquTsqG4V93eC2WV8HEiOOcw&dongle=013b&us_privacy=1--- HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-8N6qhtibiewqdvsquTsqG4V93eC2WV8HEiOOcw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1---
Request Chain 102
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1---&verify=true
Request Chain 105
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40&us_privacy=1--- HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=LRFSsKSknuX4RbgiShlozm8zxdhGUnKz
Request Chain 106
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cbBijtibiewqdvsquTsqG4V93eCQfCcbk9VMXA&us_privacy=1--- HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cbBijtibiewqdvsquTsqG4V93eCQfCcbk9VMXA&us_privacy=1---&C=1
Request Chain 109
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ezXZOtibiewqdvsquTsqG4V93eB_7dZZvz7PzQ&us_privacy=1--- HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ezXZOtibiewqdvsquTsqG4V93eB_7dZZvz7PzQ&us_privacy=1---&_li_chk=true&previous_uuid=d52adde56906482fac9001900c12556e HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d52adde5-6906-482f-ac90-01900c12556e&us_privacy=1--- HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=dbb5b680-9801-45cd-84bc-9c40326af15d%3A1705761966.4895737&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Ddbb5b680-9801-45cd-84bc-9c40326af15d%253A1705761966.4895737%26pid%3D500040%26it%3D1%26iv%3Ddbb5b680-9801-45cd-84bc-9c40326af15d%253A1705761966.4895737%26_%3D1705761966.4916885&cb=1705761966.491732 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=997336248598353251&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Ddbb5b680-9801-45cd-84bc-9c40326af15d%253A1705761966.4895737%26pid%3D500040%26it%3D1%26iv%3Ddbb5b680-9801-45cd-84bc-9c40326af15d%253A1705761966.4895737%26_%3D1705761966.4916885 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=dbb5b680-9801-45cd-84bc-9c40326af15d%3A1705761966.4895737&pid=500040&it=1&iv=dbb5b680-9801-45cd-84bc-9c40326af15d%3A1705761966.4895737&_=1705761966.4916885 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1705761966.4916885&iv=dbb5b680-9801-45cd-84bc-9c40326af15d:1705761966.4895737
Request Chain 124
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1--- HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=tLHZHn7ZLCPL3QSn057fTpR0FlmcDAWH HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tLHZHn7ZLCPL3QSn057fTpR0FlmcDAWH
Request Chain 130
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40&us_privacy=1--- HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=8yKXNKvnBaWUVzCVrYnGOONNhYIdr0AE
Request Chain 132
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HbWZ4cmRKRTJ1RTFyQWpkLlhzTUZxTFouMXNSM1hIen5B&ovsid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&dpid=58301&us_privacy=1---

135 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bauto.xomali.ir/
1 MB
234 KB
Document
General
Full URL
https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e38ff44af0aba0b00802f0948b3ec52a0d15a9f4e3ef19a7f6173caa6a7fc72e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2464
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84881aa8d8e97419-MIA
content-encoding
br
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
content-type
text/html; charset=utf-8
date
Sat, 20 Jan 2024 14:45:57 GMT
feature-policy
web-share 'self'; clipboard-write 'self' *;accelerometer 'none';autoplay 'none';camera 'none';ch-device-memory 'none';ch-downlink 'none';ch-dpr 'none';ch-ect 'none';ch-prefers-color-scheme 'none';ch-rtt 'none';ch-ua 'none';ch-ua-arch 'none';ch-ua-bitness 'none';ch-ua-full-version 'none';ch-ua-mobile 'none';ch-ua-model 'none';ch-ua-platform 'none';ch-ua-platform-version 'none';ch-viewport-width 'none';ch-width 'none';clipboard-read 'none';cross-origin-isolated 'none';display-capture 'none';document-domain 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';gyroscope 'none';hid 'none';idle-detection 'none';magnetometer 'none';microphone 'none';midi 'none';otp-credentials 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';screen-wake-lock 'none';serial 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none';ambient-light-sensor 'none';battery 'none';gamepad 'none';layout-animations 'none';legacy-image-formats 'none';oversized-images 'none';speaker-selection 'none';unoptimized-images 'none';unsized-media 'none';vibrate 'none';vr 'none';
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
web-share=(self),clipboard-write=(self *),accelerometer=(),autoplay=(),camera=(),ch-device-memory=(),ch-downlink=(),ch-dpr=(),ch-ect=(),ch-prefers-color-scheme=(),ch-rtt=(),ch-ua=(),ch-ua-arch=(),ch-ua-bitness=(),ch-ua-full-version=(),ch-ua-mobile=(),ch-ua-model=(),ch-ua-platform=(),ch-ua-platform-version=(),ch-viewport-width=(),ch-width=(),clipboard-read=(),cross-origin-isolated=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),idle-detection=(),magnetometer=(),microphone=(),midi=(),otp-credentials=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=(),ambient-light-sensor=(),battery=(),gamepad=(),speaker-selection=()
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuvJVjXG%2Bga3hJOvO5svZG50Q%2FzrkKyeReytdk%2BLwm9rfQQPhnBHAyTF4jkQT8rEUMqdkvO%2BPx7WpOpnn2OPtL1wIQgm9jJXYwnwqjR9crMkhU20CMXV3GBHXUsBCMs9Fj2dD4HpbOjW5lY3JW4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
via
1.1 varnish, 1.1 varnish
x-ab
8_0
x-cache
HIT, HIT
x-cache-hits
11, 1
x-content-type-options
nosniff
x-frame-options
sameorigin
x-is-eu
1
x-served-by
cache-iad-kiad7000157-IAD, cache-hel1410022-HEL
x-slate-uuid
ab80178b-91c3-4c6c-8658-984967f56e62
x-timer
S1705761958.608969,VS0,VE4
Register-Heavy-subset.woff2
bauto.xomali.ir/fonts/slate-com/
32 KB
32 KB
Font
General
Full URL
https://bauto.xomali.ir/fonts/slate-com/Register-Heavy-subset.woff2
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a571c0d8f7c25bd282e8d038c5c2c8cb13b094f9e0a756989e3764bba404ee1f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://bauto.xomali.ir/
Origin
https://bauto.xomali.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
32432
x-served-by
cache-iad-kiad7000140-IAD, cache-hel1410034-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761959.070228,VS0,VE0
etag
"5fd128de-7eb0"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inCVQ3H%2B0Z3tKCTri3CKiRafqZNPsqRoFGbX%2BoTlgUOtJyx8S2NlabDheCvogk2ZTJQP3W7pNgRJpnCg10WSsNt%2F7WPeVNJnJp%2F6ln71r6yAr3LC31ghiTUONcJp8XhVz8mTneXhTHMy0WvZ7CY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
84881ab1deee7419-MIA
x-cache-hits
17, 312
Register-HeavyItalic-subset.woff2
bauto.xomali.ir/fonts/slate-com/
34 KB
35 KB
Font
General
Full URL
https://bauto.xomali.ir/fonts/slate-com/Register-HeavyItalic-subset.woff2
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42bb800a50ddbf348ff64fa765ef182f93e2f8b64d65fc6ed2f5f97d602e64d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://bauto.xomali.ir/
Origin
https://bauto.xomali.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
35112
x-served-by
cache-iad-kcgs7200146-IAD, cache-hel1410034-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761959.052640,VS0,VE3
etag
"5fd128de-8928"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68NnhtobJ1D2RsW3zE0Awj0jbmJKdRk1t0BnB9Kpc5Oc%2FuvoxwemgOc8zUZ81M0KOkCZZ%2Fi4RWSgBiZCikcotihGMGKJfA5uZ8Hd87lF5qPri%2BlazlLK3CCG%2FYm8%2FXkUddPccXpbUVUGuc4NCgQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
84881ab1ef057419-MIA
x-cache-hits
125, 1
Retina-Book-subset.woff2
bauto.xomali.ir/fonts/slate-com/
41 KB
41 KB
Font
General
Full URL
https://bauto.xomali.ir/fonts/slate-com/Retina-Book-subset.woff2
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc123e1fdfe40c519213aed6431da35e0b5aa556e35dce4a4146417f02a335c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://bauto.xomali.ir/
Origin
https://bauto.xomali.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
41548
x-served-by
cache-iad-kcgs7200056-IAD, cache-hel1410025-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761959.061091,VS0,VE0
etag
"5fd128de-a24c"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUcRXhu9mTTY3iRRJqWCXi96TjU6wAuXRNPtQGxAf5IRlL6%2Fbfrll9tHgMETEoVjo%2B2xlmc701wARQgnzdm5SIw3laQeYWBGdUqIvwjpdq7y%2FWbD71fYeCYYbKkV6EgM6KhEN1yZShc2E4g4b70%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
84881ab1ef087419-MIA
x-cache-hits
17, 2
Retina-BookItalic-subset.woff2
bauto.xomali.ir/fonts/slate-com/
41 KB
42 KB
Font
General
Full URL
https://bauto.xomali.ir/fonts/slate-com/Retina-BookItalic-subset.woff2
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e351a4def3c5e76899bac16564adac935392a33d627a7e478b8f83a09f0d5045
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://bauto.xomali.ir/
Origin
https://bauto.xomali.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
42372
x-served-by
cache-iad-kcgs7200156-IAD, cache-hel1410023-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761959.050679,VS0,VE0
etag
"5fd128de-a584"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ossPh2SnMxwuFnFaT861GMVutmqUrxAwKgRqCnqepLAZZAvS7TE6LR1E2%2FaiXwz74Jxn7ax4llgkET%2B%2BrjFsUiMmijcgQkodBra32cWh44dpNUPSYg%2B08JrOnQF2HKLYOqvu%2FgpC30JjhoHdGsY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
84881ab1ef097419-MIA
x-cache-hits
17, 2
Retina-Bold-subset.woff2
bauto.xomali.ir/fonts/slate-com/
41 KB
42 KB
Font
General
Full URL
https://bauto.xomali.ir/fonts/slate-com/Retina-Bold-subset.woff2
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f1049a76c92d1b45e0751002bf59f26635d00018946c64213a4c43a840bd1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://bauto.xomali.ir/
Origin
https://bauto.xomali.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
42296
x-served-by
cache-iad-kiad7000085-IAD, cache-hel1410023-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761959.071634,VS0,VE0
etag
"5fd128de-a538"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FOzRWsVH77B8wAerCVGNaK2BNkDGrOafsUi%2BGRJ67siMxGIo6qQbypv%2FvBSRvd%2FUy%2BOzy4NAUFtmJMFR4JkBvhqEVofvelC%2BbotaxYCnJPyspvBiBXi%2FF9CY8h%2BgdjyboQaIG%2FoiwFwQLJqJrg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
84881ab1ef0a7419-MIA
x-cache-hits
19, 2
Retina-BoldItalic-subset.woff2
bauto.xomali.ir/fonts/slate-com/
42 KB
42 KB
Font
General
Full URL
https://bauto.xomali.ir/fonts/slate-com/Retina-BoldItalic-subset.woff2
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b4700d49a18bb29aa7bdfebcb6df3ddc2bb7f672a5e128f5d2979722693b9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://bauto.xomali.ir/
Origin
https://bauto.xomali.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
42972
x-served-by
cache-iad-kcgs7200125-IAD, cache-hel1410022-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761959.095273,VS0,VE0
etag
"5fd128de-a7dc"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkNH2KPtsUBRKQg%2FqEEjUwg1PdVav5S0jFwiIfaQEnFH82mftQ1cyK3Nru%2F2yKAiOYnqdQTWvvHbOTwqiudmBgj2F%2FJV9hX0MZKmrSBFfVe4pYVC%2BYJm%2Bzelrb66M4TcvTR9wh0LUEIcGrfCRSE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
84881ab1ef0b7419-MIA
x-cache-hits
16, 4
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jan 2024 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
19164
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jan 2024 03:30:15 GMT
server
cloudflare
etag
0x8DC17D5C943CD25
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3072541c-501e-00a4-5d84-4a3025000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84881ab529c29aba-MIA
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
6947
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c19e7251-301e-0069-5d8f-1300cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84881ab529c09aba-MIA
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19be3494bf9d4471c2f48972046012666f28a0cb0912d56490467eb84d22b641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29355
x-xss-protection
0
server
cafe
etag
396 / 19742 / m202401160101 / config-hash: 15866861927224639442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 14:45:59 GMT
apstag.js
c.amazon-adsystem.com/aax2/
282 KB
71 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.148.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-148-226.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:13:47 GMT
content-encoding
gzip
via
1.1 51081841af61b5839c183849bf0d2774.cloudfront.net (CloudFront), 1.1 db384285b2535d4c9a1ebe3b38dfd66e.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:22 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5, MCI50-P2
age
1933
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
UE31lq5uK_EeNgBHnh4mHH2iIA_-iY4mT-h2AeUW-HseRfppzYLJbg==
8c244998-3b03-452a-9dd1-e26b573b57c8.jpeg
compote.slate.com/images/
22 KB
23 KB
Image
General
Full URL
https://compote.slate.com/images/8c244998-3b03-452a-9dd1-e26b573b57c8.jpeg?width=480
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb6217c1529c91f36160647650aeac4d32c8fd2a44de21abfb85e5499feb93b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
FIQP.E7s9ACbt0PI5C7VhNPIGdtI5aie
via
1.1 varnish, 1.1 varnish
date
Sat, 20 Jan 2024 14:45:59 GMT
x-amz-request-id
6M39APJD0ES6WRYS
age
3212005
x-amz-server-side-encryption
AES256
x-io
/images/8c244998-3b03-452a-9dd1-e26b573b57c8.jpeg?width=480&auto=avif
x-cache
HIT, HIT
fastly-io-info
ifsz=315315 idim=1560x1040 ifmt=jpeg ofsz=22773 odim=480x320 ofmt=avif
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
22773
x-amz-id-2
Oy3ol7reTHwLg3IMHcOjy6ANjjRYfJjGqKoM8cMIG+R+pG83+EK5jxhW+eIj1CLkDAXdvrDr6yY=
x-served-by
cache-iad-kiad7000083-IAD, cache-mia-kmia1760025-MIA
server
AmazonS3
x-timer
S1705761959.222493,VS0,VE0
etag
"VMyxSBJMXOcrJG4KVEXYwfUeSLtSE1MF6LhuVJSb4jQ"
vary
Accept
content-type
image/avif
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
54413, 2
prudie.png
bauto.xomali.ir/media/components/homepage-advice/
149 KB
150 KB
Image
General
Full URL
https://bauto.xomali.ir/media/components/homepage-advice/prudie.png
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1405e38c8d4d815d56efc6eec6865289cd34ac551e0835c82289b7c3e81f31eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
153027
x-served-by
cache-iad-kjyo7100170-IAD, cache-hel1410033-HEL
last-modified
Fri, 30 Jun 2023 15:24:40 GMT
server
cloudflare
x-timer
S1705761959.061338,VS0,VE1
etag
"649ef3b8-255c3"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6jKyCYCt8ze3D3ZHgbU6sewqpeQjbLc7KTtpM0tKhm%2B%2BrR3zUoEDufzTIr8m0wkKltMny6mIMnCfc9cKnOu3j3R2Lo4Kv%2BNXVsnXQAO6T3DnxJbGsyVmjGhKOIO%2BaVvMuJCxJVC7mSxE2o1%2B1A%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
84881ab1ef137419-MIA
x-cache-hits
194, 1
privacyoptions29x14.png
bauto.xomali.ir/media/components/onetrust-update/ccpa-icons/
697 B
1 KB
Image
General
Full URL
https://bauto.xomali.ir/media/components/onetrust-update/ccpa-icons/privacyoptions29x14.png
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f5996735ffed762a680d48858858502b52c2c32509a5c5f598c5d9f2fdcaea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
697
x-served-by
cache-iad-kcgs7200146-IAD, cache-hel1410020-HEL
last-modified
Thu, 04 Jan 2024 20:51:21 GMT
server
cloudflare
x-timer
S1705761960.659472,VS0,VE0
etag
"65971a49-2b9"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hr5jo7QNIILE8onZtSWEn0IBrcuN%2FzgZyr0nsY2DySeajjzJrqOEswkaYzH5ceMMl%2Bnltq%2BBSxNaNuXtHzYxV%2FRqcnZdBsrup%2BJO4jSW6JwKaqCjh4aM3CNqVGaTLjPHOLMEpOJYowTFUMNA9GY%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
84881ab59ef44c1b-MIA
x-cache-hits
16, 4
0e1d2de3-ec2a-48ca-8f78-11045575a199.json
cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/
6 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/0e1d2de3-ec2a-48ca-8f78-11045575a199.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237a6570eb880a13aee42bf274b1c2469453755b518b12b7fedc768fd839318e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jan 2024 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
xkmI0+gjGPPk2y7O+5wxGg==
content-length
1965
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:45:28 GMT
server
cloudflare
etag
0x8DC0D6E77D8DBFB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4051ebf0-301e-008d-03b3-4a0e51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84881ab5eb315c75-MIA
expires
Sun, 21 Jan 2024 14:45:59 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
77 B
255 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd4b7b0f1ec42c1de66868b52d5f571c70211ade3dd1ac1dc2487777bba880b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
84881ab61d7c3347-MIA
vary
Accept-Encoding
content-type
text/javascript
loader.js
cdn.taboola.com/libtrc/slate1-network/
354 KB
55 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/slate1-network/loader.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf5111bcdbe5f5df8ad6ebee69309d70fbf8ba287f816d39ee3ff848b1110767

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
iX_tz7DmNXRn1zUYfMpXGUas72R9tIKW
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 Jan 2024 14:45:59 GMT
x-amz-request-id
66E2JJ0Q2469QZ77
age
91
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
56179
x-amz-id-2
kai1O2sm3PrczagzfcpKZ3xHXp2kMdYlGL52SwLA56bBdtXtxrUQvObnsIsuKEvwoEAlG84l6OE=
x-served-by
cache-mia-kmia1760063-MIA
last-modified
Thu, 18 Jan 2024 21:01:50 GMT
server
AmazonS3
x-timer
S1705761959.410326,VS0,VE2
etag
"0dd4417ec2a59f83a233d2725b698aa7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
connatix.playspace.js
cd.connatix.com/ Frame B35F
7 KB
3 KB
Script
General
Full URL
https://cd.connatix.com/connatix.playspace.js?cid=ed20abb8-f256-4574-a9b8-161bc2e90485
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0967face1b9400b00f5519e88c54ba0af06f30b733ad8dc786f669f4cfc820a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84881ab65c54d9c1-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
sprite.svg
bauto.xomali.ir/media/components/masthead/
17 KB
8 KB
Other
General
Full URL
https://bauto.xomali.ir/media/components/masthead/sprite.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae879df9e9203b60ca482e1723bc15ffda91285b95b30636ad3f468b1b8aae7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kcgs7200022-IAD, cache-hel1410031-HEL
last-modified
Wed, 06 Dec 2023 14:28:29 GMT
server
cloudflare
x-timer
S1705761960.673124,VS0,VE0
etag
W/"6570850d-45cb"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHttuXBuLxK37%2BLDoSt64oPAwteBYthcE7axk431X1RHHoO9AJ2VwU6KnilFAaxCe%2FqephdEDIDpV2EZ%2B6Lj9DB96S4Kc7RSHticvmz2qa%2Fj4QMG9W8u5R1gITdm%2F7J2aau78F%2F%2Be6Ncy8%2FBMX4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab5cf234c1b-MIA
x-cache-hits
17, 2792
global-sprite.svg
bauto.xomali.ir/media/sites/slate-com/
23 KB
10 KB
Other
General
Full URL
https://bauto.xomali.ir/media/sites/slate-com/global-sprite.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1af11c32d42ff7931eb8ca57c539ed1f6c7da50a729c24c40b98bcba83d181b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kiad7000136-IAD, cache-hel1410033-HEL
last-modified
Thu, 20 Apr 2023 17:00:14 GMT
server
cloudflare
x-timer
S1705761960.670825,VS0,VE0
etag
W/"64416f9e-5bd4"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzELfo6lbatWrA6SGJnLp%2FWx1YG7jiyMM0bHhKNkN2maE7azoYPUkXZ8wixGC1U21oeCrrCJEi8%2Bf6l2Sf%2FqKav%2FUHzCRJFY7lbvmVxL7Y%2BZNnWafqmHzOHzzU5wKgm0QOqdg73MCIsSBLd101Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab5cf2a4c1b-MIA
x-cache-hits
18, 5
Lora-Regular-subset.woff2
bauto.xomali.ir/fonts/slate-com/
25 KB
26 KB
Font
General
Full URL
https://bauto.xomali.ir/fonts/slate-com/Lora-Regular-subset.woff2
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07933861209e28131bb69e64f37c37afdd2999678f8a147f6a6bab05ae7148b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://bauto.xomali.ir/
Origin
https://bauto.xomali.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
26032
x-served-by
cache-iad-kcgs7200034-IAD, cache-hel1410033-HEL
last-modified
Fri, 20 Jan 2023 20:15:29 GMT
server
cloudflare
x-timer
S1705761960.691655,VS0,VE1
etag
"63caf661-65b0"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Enh2CIrAIewV7g%2FKP3A7UgFLz%2BrC10RGNTzcQ4ojyffV7h%2FYRR1UGGDrDVvU5etvsQHwqlyBXW%2FaXWg6MZRlW%2Bay6DAGvgYCnydcuE8jc%2Fe9I8NPbDlblwutwPX0GWEI3WCi5H0QwbDU3sBFHM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
84881ab5df404c1b-MIA
x-cache-hits
3, 1
prudie-sprite.svg
bauto.xomali.ir/media/sites/slate-com/
8 KB
4 KB
Other
General
Full URL
https://bauto.xomali.ir/media/sites/slate-com/prudie-sprite.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad1465ec2456fd39f0b19048529729e8de572fa8797f7381eb3ec7da6e3e1f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kiad7000045-IAD, cache-hel1410029-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761960.751547,VS0,VE1
etag
W/"5fd128de-217b"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wIh1MJ0gbIjGVMuOA7KIgMuIK0tvDKRbV%2Fo06%2BGqNP4Umh0lXfWyPux0UFSDz9DgsFMwIr1IT7APTg%2FL1Rcxsjos%2BxkhmKKuYyD4kXRmDaAUclQBcAy9uMDgMMaaPdonsNsj0MPNzavp9TZIeU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab65fb94c1b-MIA
x-cache-hits
3895, 1
sprite.svg
bauto.xomali.ir/media/components/roadblock-signifier/
248 B
962 B
Other
General
Full URL
https://bauto.xomali.ir/media/components/roadblock-signifier/sprite.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c065e668729c733fc85bcd0a6503faf9b2931d2967b0552e9db845277e20cd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kcgs7200120-IAD, cache-hel1410032-HEL
last-modified
Fri, 30 Jun 2023 15:24:40 GMT
server
cloudflare
x-timer
S1705761960.766006,VS0,VE1
etag
W/"649ef3b8-f8"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xih2mM0kU4VPU%2FTSrOJOmf%2F7GvYI6N92q3sIpo23GHVAsA94VRUIIIfjQtRHLPHcPfQm95W8wJj9jqvMbtSRpGslSv8D6Oq9D3jdRroqRBDnzjLF1hnkck5MZQ3%2FwKCv9ombNJ%2BR7COwGK1o6xM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab65fba4c1b-MIA
x-cache-hits
3844, 1
signifiers.svg
bauto.xomali.ir/media/sites/slate-com/
1 KB
1 KB
Other
General
Full URL
https://bauto.xomali.ir/media/sites/slate-com/signifiers.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f311d8aa7e370357ab10b71e399d73cddd2c90d6cc75f3168897ff386241888
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kiad7000139-IAD, cache-hel1410024-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761960.766460,VS0,VE0
etag
W/"5fd128de-458"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKgXSPvNz0HrhE%2BusXOTjcyrVL5n0wdIq08KBhjMp3fmG4YKcrRKkARS%2F6dZqhYuPmSRnzKKgWu1s%2BaZFbEyfXJD9hBlJbpxLTt31k24Wdz928z8aUYxsu9slh%2BhP0vwK7XxlAxOmDHx016QxJo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab65fbb4c1b-MIA
x-cache-hits
15, 2
sprite.svg
bauto.xomali.ir/media/components/homepage-advice/
16 KB
8 KB
Other
General
Full URL
https://bauto.xomali.ir/media/components/homepage-advice/sprite.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6e24a24df7645c5eb0b948aeb760b53990175f8f980ea14045ed7007ac13d3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kjyo7100038-IAD, cache-hel1410029-HEL
last-modified
Fri, 30 Jun 2023 15:24:40 GMT
server
cloudflare
x-timer
S1705761960.765887,VS0,VE0
etag
W/"649ef3b8-3f3c"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHeKCp0c52aTFkV45Bh8lmUV59aEkiSoM41xb7V5MWCU6imZBd%2Bd3qcAddlo0wq0J4t%2BboXa8GFtL84X4aOfo%2B0Z4mURIyNzo8rWaJcBnkF%2F86%2BkI0GzLWdcUVS%2FEwmYrBmkxLbxORGmHkU15Ac%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab65fbc4c1b-MIA
x-cache-hits
1941, 2
sprite.svg
bauto.xomali.ir/media/components/roadblock-indicator/
243 B
956 B
Other
General
Full URL
https://bauto.xomali.ir/media/components/roadblock-indicator/sprite.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e941afb84eb88968bdf93ee42a99941485f8a78b311577b0b3845e5ca78eba90
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kjyo7100045-IAD, cache-hel1410020-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761960.752250,VS0,VE0
etag
W/"5fd128de-f3"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaKf3nQCuAJ2H7xs9somwRqVjvswCPDSlwnaGTtI23wCNAdt3K1pR2o%2FgylW1oTH9z5Fit%2FuK2bvuw6cJCmfWzs0J3JBGHxkY3fapKlChZzu0OdDbwkU5tRJDW0mnd%2BVeJ4iPQhiM7tCzeHSYIk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab65fbf4c1b-MIA
x-cache-hits
2460, 472
slate-group.svg
bauto.xomali.ir/media/components/global-footer/
4 KB
2 KB
Other
General
Full URL
https://bauto.xomali.ir/media/components/global-footer/slate-group.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50832693980e5c77ec736487ce344a40bee1e0e241cf9a4b756b8673bc346854
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kiad7000172-IAD, cache-hel1410025-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761960.765998,VS0,VE0
etag
W/"5fd128de-f4f"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgzavsZM6uG2Za4qYEXxeTuNWTwzogbwydanh0zWbZlxtSxXyGoUVrke6Sn7iFr1ZkN4qesyqBZP85TyM09Y81kxrGiwLh4xL4M%2FxTTcj1GaJEXL1%2BFxrIoB9u1i2S4a37mZytCzTbjMatGBTt8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab65fc04c1b-MIA
x-cache-hits
18, 4
fbevents.js
connect.facebook.net/en_US/
213 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 20 Jan 2024 14:45:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57023
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
a9iH6tFBfUHYfVXlWkWBZH8Ag7sbgMV+ISCAiIQtbCdQB3waJh3CDJDVJHJUvjff8lLb91wuSDf54GOq+rIxrw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics-browser-1.1.4-min.js.gz
cdn.amplitude.com/libs/
68 KB
21 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.153.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-153-164.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85959941ab12a5f6a9debebbf56c7b1471d829a390444ee7ca96116afc7b8ff2

Request headers

Referer
https://bauto.xomali.ir/
Origin
https://bauto.xomali.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 12:56:38 GMT
content-encoding
gzip
via
1.1 c8027aca1fb4d6f5e5ddf4023fcf8a34.cloudfront.net (CloudFront)
x-amz-version-id
ekSPhRG79Jx.VT8XE3IJ6fa8DOn9bG_F
x-amz-cf-pop
MCI50-P2
age
92963
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21189
last-modified
Sat, 13 Aug 2022 03:30:51 GMT
server
AmazonS3
etag
"60863dd34935487e8591c29a976c6f8c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
1pQEyo7sEBBxZZ1zpEjNuO3BOAIM5uwBHiGXV99vzF4xWq082gTebg==
resize.js
bauto.xomali.ir/piano/scripts/
4 KB
2 KB
Script
General
Full URL
https://bauto.xomali.ir/piano/scripts/resize.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd909b8bef25305eab3c01341369df8eeace213432077753bcfeaf5c922bb28
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kcgs7200174-IAD, cache-hel1410023-HEL
last-modified
Tue, 23 May 2023 20:26:34 GMT
server
cloudflare
x-timer
S1705761960.910963,VS0,VE0
etag
W/"646d217a-ebe"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpWGg9k%2B9CdOuwMM5IxhBXlpIIwpjk%2BIaiihaW%2FN1zRb4IfhVfZKtOyokhahu2UmQOtnxAIdayRwV2S1i8T9fxJiCH%2Fn9Etl0DqDz6hOQ3Ltmt8ITY1Gu42xmFDazE73bZ%2Blok4PXs%2Bxrke2xcw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=60
cf-ray
84881ab748c24c1b-MIA
x-cache-hits
36305, 3
advertising.js
www.npttech.com/
6 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:00 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PPKG0BH3D6235G7G
age
5321
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VPLZdLE0V6rD53deo5Z5Ne07djuq1B6uHQ7nJUOf6ZKqmJTTM3u3Mge65g18kN6igD6hFBteZpM=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U35mApQ3etOn1Dn4aPJVxZsklMpu29%2BYrzqgm%2FEtemr4T0BCGAw3vQ6MAqRB6g0jd3TKM7pYIzBKlhaST5g%2B7Fa%2BC%2F99uJ%2BUdOq4%2BJiHNaJ7zM5jm5HgIihNH0GZF6n9KbgMt5zmW5vJZft%2BoI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
84881abddafd259d-MIA
load
experience.tinypass.com/xbuilder/experience/
4 KB
1 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=homyv5Uzpu
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43cecb942dedd0e30e6cf86a69f8d7fbcec2b02c909fc6cab118f23c84d5d5c0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Sat, 20 Jan 2024 14:46:00 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Jan 2024 14:02:02 GMT
server
cloudflare
age
2638
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
84881abddc5c31fb-MIA
alt-svc
h3=":443"; ma=86400
x-request-id
k7yr24zgm8
expires
Sat, 20 Jan 2024 15:16:00 GMT
podcast-sprite.svg
bauto.xomali.ir/media/sites/slate-com/
11 KB
5 KB
Other
General
Full URL
https://bauto.xomali.ir/media/sites/slate-com/podcast-sprite.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86c144af7d301fb3ae0165ee310da09e4e3f26920d171f5b29a13475792d7f24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:00 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kiad7000060-IAD, cache-hel1410032-HEL
last-modified
Thu, 27 May 2021 15:10:46 GMT
server
cloudflare
x-timer
S1705761960.943150,VS0,VE2
etag
W/"60afb676-2be1"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zILpv5p7d2OnC%2Fv9%2B8ZFPj0LdbfKDhfqZ12u7RwRsrlnAWO3uWW4IeAqOq3wC4GGpvDdL%2ByjlcnhX6Zaq%2BFMGh9QkQoS%2FFrB4SkwYp%2BpBtWbvczwgUcaaagtCRPYG7%2B%2FUQsF2plw7NhVbkfsUxU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab758cc4c1b-MIA
x-cache-hits
3814, 1
the-slatest.png
bauto.xomali.ir/media/components/newsletter-signup/
6 KB
7 KB
Image
General
Full URL
https://bauto.xomali.ir/media/components/newsletter-signup/the-slatest.png
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49f353bb42cb724a409d8e592ed28e9880b0053670c4f0684f262a61a592c058
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:00 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
content-length
6380
x-served-by
cache-iad-kiad7000027-IAD, cache-hel1410023-HEL
last-modified
Thu, 11 May 2023 18:47:10 GMT
server
cloudflare
x-timer
S1705761960.944290,VS0,VE4
etag
"645d382e-18ec"
x-frame-options
sameorigin
vary
Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7HUb42%2BfqBVq6qM%2By0yDppKFmDgVmAvucX9UYndTD0%2FCjeYlHYyrVR5JU7KUh7N%2BfGidObNfD8CcQpraInNi%2BvcH%2FN5BnOL8rkCT6FVdI2vRKklXkV78gkieSsMlD078NUie3jVUL8VA0f0Jw8%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
84881ab758cf4c1b-MIA
x-cache-hits
3829, 1
favicon.svg
bauto.xomali.ir/media/components/meta-icons/
937 B
1 KB
Image
General
Full URL
https://bauto.xomali.ir/media/components/meta-icons/favicon.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ac621592b8f0b6e334f0663e675c2355021d9900c346bf8845f90815a314e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kiad7000120-IAD, cache-hel1410024-HEL
last-modified
Thu, 04 Mar 2021 19:49:42 GMT
server
cloudflare
x-timer
S1705761960.911934,VS0,VE0
etag
W/"604139d6-3a9"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AGx5gAQTyIKnMyCXOW2jGYkGoVFVisIMFEmRbUsUy%2B%2BsBy%2B7%2BCi1DRZUFJWB9JyCdHrvH%2FhGG04o36AgKrrdTjeLJCho2RGPYTOkfSNV5vN0RUiMWkzffAEu338BtTmY7U3GeurR8ktoPHHnz4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab758d24c1b-MIA
x-cache-hits
16, 2
apple-podcasts-icon.svg
bauto.xomali.ir/media/sites/slate-com/
2 KB
2 KB
Image
General
Full URL
https://bauto.xomali.ir/media/sites/slate-com/apple-podcasts-icon.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:25c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
127684a7a2984aa5f6deeafb2b1b6c27cec577c472bec44bbb9ea4ac67f502ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:00 GMT
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
content-encoding
br
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-iad-kjyo7100147-IAD, cache-hel1410028-HEL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
server
cloudflare
x-timer
S1705761960.948715,VS0,VE0
etag
W/"5fd128de-64a"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyv6MW49KUt8m4TjH34FZX1UEt9Zft1%2FQohhf8PxwqLDREpJw%2BuXrhKGzKAd%2FyWpvjECeUkMZzWZrs%2FW65K2GYo00fiE0gnc0%2Fz%2BOv2lQbtx1bVDyVq%2FbuShbPUGXjKxz0IBxcXZVVY9d%2Bjei0w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84881ab758d34c1b-MIA
x-cache-hits
3810, 3
d71c9376-2c6b-4d7d-bc35-00c12db69c9c.jpeg
compote.slate.com/images/
164 KB
165 KB
Image
General
Full URL
https://compote.slate.com/images/d71c9376-2c6b-4d7d-bc35-00c12db69c9c.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-1170
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1286526d3c57be0dac0408695d91a37bbeb6484e10943eed9b4e6bbf03a2a4ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
GTeC8sX.xqM78GzXfeSQOYBb49STClwE
via
1.1 varnish, 1.1 varnish
date
Sat, 20 Jan 2024 14:45:59 GMT
fastly-io-served-by
vpop-kiad7010248
x-amz-request-id
V2MR9FNW0JK9T2SK
x-amz-server-side-encryption
AES256
age
55803
x-cache
HIT, HIT
fastly-io-info
ifsz=486048 idim=1560x1040 ifmt=jpeg ofsz=168275 odim=1170x780 ofmt=avif
x-io
/images/d71c9376-2c6b-4d7d-bc35-00c12db69c9c.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-1170&width=1170&height=780&auto=avif
fastly-stats
io=1
content-length
168275
x-amz-id-2
CvhJ7WQ80Ri6NOui4X0shknk7K+6zHhRm9ETtx93EnJS4yBpzqrmo/KEaIAY6ziyp5vZEHexNBg=
x-served-by
cache-iad-kcgs7200081-IAD, cache-mia-kmia1760025-MIA
server
AmazonS3
x-timer
S1705761960.580011,VS0,VE1
etag
"bv9AaM71Rnka2sTKuE3c0ppmu9hA2qhgG4S2khxjS4E"
vary
Accept
content-type
image/avif
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
39, 1
fabefd71-bd01-406c-b600-45949ef66ccb.jpeg
compote.slate.com/images/
11 KB
11 KB
Image
General
Full URL
https://compote.slate.com/images/fabefd71-bd01-406c-b600-45949ef66ccb.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-390
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf268c4daa88c0598eb50eb58581a11bd5656f1c285410afaebf1fc93cb91309

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
DEqr15LfA5W6xjhT9HaOUlmDhQ.EGxIA
via
1.1 varnish, 1.1 varnish
date
Sat, 20 Jan 2024 14:45:59 GMT
fastly-io-served-by
vpop-kiad7010212
x-amz-request-id
2V7BGY9SRSYEWR07
x-amz-server-side-encryption
AES256
age
71967
x-cache
HIT, HIT
fastly-io-info
ifsz=256995 idim=1560x1040 ifmt=jpeg ofsz=11193 odim=390x260 ofmt=avif
x-io
/images/fabefd71-bd01-406c-b600-45949ef66ccb.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-390&width=390&height=260&auto=avif
fastly-stats
io=1
content-length
11193
x-amz-id-2
1MFLJgpLlBjASUgyKJJ8CzDHjwYWe8sOw4U+ksjnPN0yx8qPKw76rcYQSYvlGrnfUSUk5Tu6iBw=
x-served-by
cache-iad-kiad7000166-IAD, cache-mia-kmia1760025-MIA
server
AmazonS3
x-timer
S1705761960.580120,VS0,VE0
etag
"SlHhwJobEuKNWtOPnBncIJffU3MXDHI+lHVKaKao2FI"
vary
Accept
content-type
image/avif
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
4, 3
3c4a7303-30c8-4438-a9e3-b838ab443a20.jpeg
compote.slate.com/images/
73 KB
73 KB
Image
General
Full URL
https://compote.slate.com/images/3c4a7303-30c8-4438-a9e3-b838ab443a20.jpeg?crop=2691%2C1794%2Cx0%2Cy0&s=image-585
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8796a798ce8f3e7d4dc29beee5f75f91bb98195a88264ea1b58532ea3787e931

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
Wyl63Xj8V2POMZyOMLqxLpHdbrJ1EQ4V
via
1.1 varnish, 1.1 varnish
date
Sat, 20 Jan 2024 14:45:59 GMT
fastly-io-served-by
vpop-kiad7010227
x-amz-request-id
XPR0GDNEC2Q1SJAA
x-amz-server-side-encryption
AES256
age
158913
x-cache
HIT, HIT
fastly-io-info
ifsz=2770327 idim=3000x1794 ifmt=jpeg ofsz=74522 odim=585x390 ofmt=avif
x-io
/images/3c4a7303-30c8-4438-a9e3-b838ab443a20.jpeg?crop=2691%2C1794%2Cx0%2Cy0&s=image-585&width=585&height=390&auto=avif
fastly-stats
io=1
content-length
74522
x-amz-id-2
WzI2OhvyDOrrVFdVUjIhdlqTC1wVXN4p21k+J2RujVQylTqtjmFcGgan9EmBVlpJqlc5pXNrLjI=
x-served-by
cache-iad-kiad7000053-IAD, cache-mia-kmia1760025-MIA
server
AmazonS3
x-timer
S1705761960.580229,VS0,VE2
etag
"9Sr/ZsJM4yy/xQ14DRhVm5/g5bhawokQrxR01tbr9yw"
vary
Accept
content-type
image/avif
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
25, 1
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
68 B
306 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:45:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
84881ab7ccbe0359-MIA
access-control-allow-headers
Content-Type
impl.20240118-41-RELEASE.js
cdn.taboola.com/libtrc/
841 KB
174 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/slate1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
804c82c1f71019d6f077585d76d632a0359fffe3ef1c5b3a3cbfc80319b4aff3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
lUKCNR44Ng8MmlKaJQZn9W2VI8BuGtQM
content-encoding
br
via
1.1 varnish
date
Sat, 20 Jan 2024 14:45:59 GMT
x-amz-request-id
39ZMK056B7ZDCQCP
age
8912
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
177634
x-amz-id-2
nd/kWZjJyTEan1pwRWOnWiewBc/kAbns3PtkgwZCIjDjMYYguLcDmeq2qfiErxTDHid1vZk2vhQ=
x-served-by
cache-mia-kmia1760063-MIA
last-modified
Thu, 18 Jan 2024 20:17:15 GMT
server
AmazonS3-br
x-timer
S1705761960.641469,VS0,VE0
etag
"cd33b4a66bfc73e151bf02608aef3fbb"
vary
Accept-Encoding
content-type
application/javascript
abp
49
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
16712
ats.js
ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/
157 KB
52 KB
Script
General
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ats.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.142.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-115.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b4cd976b8ecd9dc78e3042692b91de6173d8633c411e374f418dfaa5c889b91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
VNmzZfXKTwOsUmlRjs_.PUNYEdcbJP0b
content-encoding
gzip
via
1.1 a32c95e360d4eb0b33f08b3a74cb0984.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 14:05:17 GMT
last-modified
Thu, 14 Dec 2023 12:30:08 GMT
server
AmazonS3
x-amz-cf-pop
MCI50-P1
age
2443
x-amz-server-side-encryption
AES256
etag
W/"6fe089e0f90d6043dba275907373c5a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
mXyK59nn6y1UIojM5ZHMYZPHOncX7RB_MGs4Gmcef0039VuE57ZC3g==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:11:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
27264
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138162
x-xss-protection
0
server
cafe
etag
1666572220375911148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 19 Jan 2025 07:11:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
66 B
84 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bauto.xomali.ir
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beb37fd5b1fef2fb3cc21607104c5bd8e92923361468d6254c623927c3fb9c82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60
x-xss-protection
0
expires
Sat, 20 Jan 2024 14:46:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.148.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-148-226.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:01 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 084aee51c27f761149c5fc97f2b483ca.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
AgI7Ixi56sRiN6RUL4_2k4xkhHVQHN3XxoRQeMzst5as5oAVR6aZCw==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202312.1.0/
428 KB
104 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f3e1b209eebcd0ae7a1d19aa7d7bc6a7753995a2e412a5933c97dbe040112f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jan 2024 14:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NgWSX+Cq7lSczucQPtQGiA==
age
70405
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106373
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jan 2024 03:41:47 GMT
server
cloudflare
etag
0x8DC118E12803BCF
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f6bb5f8b-301e-000b-1df8-43c2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84881ab81dbc9aba-MIA
5d083c52-558e-4a3f-b899-d2a33e1cdbb9.jpeg
compote.slate.com/images/
19 KB
20 KB
Image
General
Full URL
https://compote.slate.com/images/5d083c52-558e-4a3f-b899-d2a33e1cdbb9.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-390
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60a4663e07b33114962ad76b42315bde1383f7f2724a11aa2e36228a5b7dd02a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
.M9kh_1oKdgO6aR_tyG0Y3OSLxA4SV97
via
1.1 varnish, 1.1 varnish
date
Sat, 20 Jan 2024 14:46:00 GMT
fastly-io-served-by
vpop-kiad7010230
x-amz-request-id
8NP11W3CV83FSD82
x-amz-server-side-encryption
AES256
age
147339
x-cache
HIT, HIT
fastly-io-info
ifsz=368144 idim=1560x1040 ifmt=jpeg ofsz=19592 odim=390x260 ofmt=avif
x-io
/images/5d083c52-558e-4a3f-b899-d2a33e1cdbb9.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-390&width=390&height=260&auto=avif
fastly-stats
io=1
content-length
19592
x-amz-id-2
06dI4SYu90bCYA7WRbD4zEg+lzRiZCq5YstgTdnnPaz3MH+pPCCibFmdBXIhbMl2NbevtMvHLMc=
x-served-by
cache-iad-kiad7000088-IAD, cache-mia-kmia1760025-MIA
server
AmazonS3
x-timer
S1705761960.325296,VS0,VE0
etag
"8jegLhWUQ/tHYGmWqRZsV3jA7LvdpStw92sbl8o7pzQ"
vary
Accept
content-type
image/avif
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
47, 3
c5fda45b-87b0-49d2-9829-bc6b3cac6b23.jpeg
compote.slate.com/images/
7 KB
7 KB
Image
General
Full URL
https://compote.slate.com/images/c5fda45b-87b0-49d2-9829-bc6b3cac6b23.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-390
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdd0e648d34149cd95588065acc32cc5c5ae126b2143bc5f2a986f7b16fd297e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
fRfqX1_VYe10O1M92ePmbeCo1RBuwTYK
via
1.1 varnish, 1.1 varnish
date
Sat, 20 Jan 2024 14:46:00 GMT
fastly-io-served-by
vpop-kiad7010217
x-amz-request-id
EFJ0Z2SSRQ7QD1WW
x-amz-server-side-encryption
AES256
age
78331
x-cache
HIT, HIT
fastly-io-info
ifsz=139098 idim=1560x1040 ifmt=jpeg ofsz=7060 odim=390x260 ofmt=avif
x-io
/images/c5fda45b-87b0-49d2-9829-bc6b3cac6b23.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-390&width=390&height=260&auto=avif
fastly-stats
io=1
content-length
7060
x-amz-id-2
4CwI+tGeMH30If8TjEPkGdVJE+N5KUaAmKOlTCn4sNvoPsF9P+at67yFTfFIVVDFVKHNY2KMJQA=
x-served-by
cache-iad-kcgs7200095-IAD, cache-mia-kmia1760025-MIA
server
AmazonS3
x-timer
S1705761960.325394,VS0,VE1
etag
"gp3On1p+dTF6SX4xU2PP57Ip26g2wKhsgjQSXeWMar8"
vary
Accept
content-type
image/avif
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
33, 1
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
216616
expires
60
json
trc.taboola.com/unknown-site-on-slate1-network/trc/3/
31 B
393 B
XHR
General
Full URL
https://trc.taboola.com/unknown-site-on-slate1-network/trc/3/json?tim=04%3A46%3A00.703&lti=deflated&data=%7B%22id%22%3A633%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1705611708143%2C%22vi%22%3A1705761960700%2C%22cv%22%3A%2220240118-41-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslate.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fbauto.xomali.ir%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7948%2C%22nsid%22%3A%22slate1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dslate1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A7426.9375%2C%22mw%22%3A1300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dslate1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
41
date
Sat, 20 Jan 2024 14:46:00 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
30788
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760063-MIA
x-log-content-encoding
gzip
server
nginx
x-timer
S1705761961.721766,VS0,VE41
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://bauto.xomali.ir
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
tinypass.min.js
cdn.tinypass.com/api/
388 KB
115 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=homyv5Uzpu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d01a1013f2e1428beeb351111924257112a89e6150eac8fd84c00b7a84e69b8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:00 GMT
x-amz-version-id
H7a115WEqNXFo.QtnkpxpTVDitW2prKU
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
NW6RXCTYSS86RNK9
age
13835
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zJWjmK5EG06UpRQ+ACNAuP/k30/mQsFRBt05o1YTaCvR+oPK2J2ieJBb3Ib5bcPEK7bEfLBEEooSfiYm61RwajNRgt3QA4EI
last-modified
Mon, 15 Jan 2024 07:11:57 GMT
server
cloudflare
etag
W/"aa1d660c48c990b14bcbd31be164beca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
84881abe8d1c31fb-MIA
expires
Sat, 20 Jan 2024 18:46:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
0
0

container.html
ceb7f8509f7387f3c86f4d191992fad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FFF5
6 KB
3 KB
Document
General
Full URL
https://ceb7f8509f7387f3c86f4d191992fad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bauto.xomali.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 14:46:01 GMT
expires
Sun, 19 Jan 2025 14:46:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.json
cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/c507653a-35ae-44b0-95a8-d2350a161087/
114 KB
24 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/c507653a-35ae-44b0-95a8-d2350a161087/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88da1049e32a51998d094a3ae3b89c5152517f539879adebfce9fd24058637df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jan 2024 14:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
cd0gg0JniTJsgTvOTJoqig==
content-length
23840
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:46:57 GMT
server
cloudflare
etag
0x8DC0D6EAC709916
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f37acbd5-801e-0088-5cb3-4adc8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84881ac21ee25c75-MIA
expires
Sun, 21 Jan 2024 14:46:01 GMT
debug
trc-events.taboola.com/unknown-site-on-slate1-network/log/2/
0
89 B
Image
General
Full URL
https://trc-events.taboola.com/unknown-site-on-slate1-network/log/2/debug?tim=04%3A46%3A01.284&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=4373&cv=20240118-41-RELEASE&lt=deflated&pct=1
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63735
debug
trc-events.taboola.com/unknown-site-on-slate1-network/log/2/
0
89 B
Image
General
Full URL
https://trc-events.taboola.com/unknown-site-on-slate1-network/log/2/debug?tim=04%3A46%3A01.286&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=6930&cv=20240118-41-RELEASE&lt=deflated&pct=1
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63735
debug
trc-events.taboola.com/unknown-site-on-slate1-network/log/2/
0
90 B
Image
General
Full URL
https://trc-events.taboola.com/unknown-site-on-slate1-network/log/2/debug?tim=04%3A46%3A01.286&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=7503&cv=20240118-41-RELEASE&lt=deflated&pct=1
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63735
/
geo.privacymanager.io/
30 B
610 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.150.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-150-35.mci50.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:11:39 GMT
via
1.1 0d28f7015cfb69cd3eb6e14359add86e.cloudfront.net (CloudFront), 1.1 50bcc1ff63a798f0f7082ac859d1d732.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4, MCI50-P2
age
23662
x-amzn-requestid
4572b5d9-66ec-4bd8-ad4b-582ffc7e5fbd
x-amzn-trace-id
Root=1-65ab803b-4691119d0ac76f194d2054cb;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
R1D5aHxgDoEEK-Q=
content-length
30
x-amz-cf-id
LOPJkMkjQeOq2z9Y5VfL_GFdd0gZCtpUugZr7dN1E1Ly0Kx1r9SaLg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
cx.cce.js
cdn.cxense.com/
23 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:38d::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 14:46:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 11:02:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6055
Expires
Sat, 20 Jan 2024 15:46:02 GMT
verify
id.tinypass.com/id/api/v1/identity/token/
0
0
Script
General
Full URL
https://id.tinypass.com/id/api/v1/identity/token/verify?browser_id=lrm6mowpz6mlrccw&page_view_id=lrm6mowp9fmqpq2e&content_type=website&page_title=Slate+Magazine+-+Politics%2C+Business%2C+Technology%2C+and+the+Arts&callback=jsonp965&client_id=homyv5Uzpu&site=https%3A%2F%2Fbauto.xomali.ir
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

bLayout-en.json
cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/c507653a-35ae-44b0-95a8-d2350a161087/
14 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/c507653a-35ae-44b0-95a8-d2350a161087/bLayout-en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6affc43b2e71979bfbb1d0270c92f42165b313b045abdc90bf5f74b7fa7e84c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jan 2024 14:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2948
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:47:08 GMT
server
cloudflare
etag
0x8DC0D6EB359BF85
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c8f8d63d-e01e-0008-03af-4b238c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84881ac368d95c75-MIA
expires
Sun, 21 Jan 2024 14:46:01 GMT
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jan 2024 14:46:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jan 2024 03:41:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9abdd52b-701e-0047-33b3-4a52d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84881ac368db5c75-MIA
/
geo.privacymanager.io/
30 B
610 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.150.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-150-35.mci50.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:11:39 GMT
via
1.1 0d28f7015cfb69cd3eb6e14359add86e.cloudfront.net (CloudFront), 1.1 50bcc1ff63a798f0f7082ac859d1d732.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4, MCI50-P2
age
23662
x-amzn-requestid
4572b5d9-66ec-4bd8-ad4b-582ffc7e5fbd
x-amzn-trace-id
Root=1-65ab803b-4691119d0ac76f194d2054cb;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
R1D5aHxgDoEEK-Q=
content-length
30
x-amz-cf-id
Oz_bGGkzms-oG6eqIJOcnmZ8HdX8CIZEeImELM7BEroudtSZuW9Vvg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
ads
securepubads.g.doubleclick.net/gampad/
0
0

ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
510 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 20 Jan 2024 14:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
12631
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jan 2024 03:30:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
557de1fb-c01e-006d-66ca-498dc8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84881aca7f959aba-MIA
p.js
fpa-cdn.slate.com/keys/slate.com/
57 KB
19 KB
Script
General
Full URL
https://fpa-cdn.slate.com/keys/slate.com/p.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.150.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-150-7.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb59b80fac02f84de6115b5fbda6bdc0855835195edb7083a0773c208ccb5a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 05:47:50 GMT
content-encoding
gzip
via
1.1 f7f9f3d588a38a4cee083e9af044ddb0.cloudfront.net (CloudFront)
last-modified
Tue, 15 Mar 2022 16:42:38 GMT
server
AmazonS3
x-amz-cf-pop
MCI50-P2
age
32293
etag
W/"bbc31bfacbc04e696822f712268e3245"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Cc_LEXxtC-Afx6-jRuTePE7fcA47cIGssfV7XM1HpzEDTD8ew3nDPw==
166975463695820
connect.facebook.net/signals/config/
127 KB
33 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/166975463695820?v=2.9.141&r=stable&domain=bauto.xomali.ir
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c9430d5853d971c4137284387bd2d4ead073955f9607a88424024c14407d009
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 20 Jan 2024 14:46:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
oV1QQx08XzAYyPnL+gqvEyheFAoPVDLah1tCOAstvb2FsmMAQ6OtpVlaSG1pGFJpS4+2wyjcMnqrtDT+kVhVIQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
150 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-794295919
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
695c8f94fdc48e9404c1e5baf9e7006f24c541f9f5273f1400530828f9fa8f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58169
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jan 2024 14:46:02 GMT
ld.js
dynamic.criteo.com/js/ld/
46 KB
20 KB
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=92394
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::f , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f4b41cde4aadd8b2f22b1c66a62c75df9187e428e5a16091f3a69b0cbdf233c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
cdn.permutive.com/
491 KB
115 KB
Script
General
Full URL
https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3bbdffc487e693a5f03f14ac6a5925b9647814c3095f68e13251fdcd66920cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:02 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
16d3bd5c-bf92-4bf0-815a-eac397d3aadf
age
0
x-guploader-uploadid
ABPtcPqWLvrC0KyTz6gk2_GR265guV0zS19qaCGEjzCwTXKZo6ebgX18ySiE2RPm14dr2w4AwN8VQDhL_w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
117134
last-modified
Fri, 19 Jan 2024 20:06:10 GMT
server
cloudflare
etag
"3b5fddca6b154980a948db624595f957"
vary
Accept-Encoding
x-goog-generation
1705694770818191
content-type
application/javascript
x-goog-hash
crc32c=feof2g==, md5=O1/dymsVSYCpSNtiRZX5Vw==
cache-control
public, max-age=900
x-goog-stored-content-length
117134
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84881acaf9349ab7-MIA
expires
Sat, 20 Jan 2024 15:01:02 GMT
cx.js
cdn.cxense.com/
112 KB
37 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:38d::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d6532503517dc33a226156c4beecefadd88096a0af5d9d3ba3c082f2601f157

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 14:46:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 12:20:42 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37289
Expires
Sat, 20 Jan 2024 15:46:02 GMT
pxid
16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co/v2.0/
12 B
217 B
XHR
General
Full URL
https://16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co/v2.0/pxid?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 20 Jan 2024 14:46:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://bauto.xomali.ir
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
getuidj
ib.adnxs.com/
11 B
574 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:03 GMT
an-x-request-uuid
93953154-445e-4ffc-96bd-027b9d6b5f24
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bauto.xomali.ir
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.76; 38.132.118.76; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
7c40071d-7e2c-4818-9a1f-b7d698b98cfa
https://bauto.xomali.ir/
164 KB
0
Other
General
Full URL
blob:https://bauto.xomali.ir/7c40071d-7e2c-4818-9a1f-b7d698b98cfa
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c6e38e6ff85fd7d37b784fa3473bf7748bd699c5aa31c71a066ad7e0d52bd17

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
167923
Content-Type
0318e593-c3de-4298-b8c7-3e04bea78154
https://bauto.xomali.ir/
164 KB
0
Other
General
Full URL
blob:https://bauto.xomali.ir/0318e593-c3de-4298-b8c7-3e04bea78154
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c6e38e6ff85fd7d37b784fa3473bf7748bd699c5aa31c71a066ad7e0d52bd17

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
167923
Content-Type
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=166975463695820&ev=PageView&dl=https%3A%2F%2Fbauto.xomali.ir&rl=&if=false&ts=1705761963232&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4125&fbp=fb.1.1705761962771.1161783396&cs_est=true&pm=1&hrl=d35b2b&ler=empty&it=1705761962632&coo=false&cs_cc=1&cs_cc=1&cas=3689187221101849&cas=3689187221101849&cdl=&rqm=GET
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 20 Jan 2024 14:46:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
geoip
api.permutive.com/v2.0/
300 B
398 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip&include=ip_hash&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0a2c9f09cfa16e699b286a0891533dcc1a6da1efd49b71931f12bbb48bb7187e

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 20 Jan 2024 14:46:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://bauto.xomali.ir
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
213
watson
api.permutive.com/v2.0/
2 B
78 B
XHR
General
Full URL
https://api.permutive.com/v2.0/watson?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 20 Jan 2024 14:46:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://bauto.xomali.ir
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
/
p1.parsely.com/plogger/
43 B
259 B
Image
General
Full URL
https://p1.parsely.com/plogger/
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 14:46:03 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 20-Jan-2024 14:46:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
fpa-events.slate.com/plogger/
43 B
259 B
Image
General
Full URL
https://fpa-events.slate.com/plogger/?rand=1705761963307&plid=25009491&idsite=slate.com&url=https%3A%2F%2Fbauto.xomali.ir%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fbauto.xomali.ir%2F&sref=&sts=1705761963301&slts=0&title=Slate+Magazine+-+Politics%2C+Business%2C+Technology%2C+and+the+Arts&date=Sat+Jan+20+2024+04%3A46%3A03+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=20345083&u=pid%3D1e355ba43e1dcf1d4626637cf9eba71b
Requested by
Host: bauto.xomali.ir
URL: https://bauto.xomali.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.210.237.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-237-60.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 14:46:03 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 20-Jan-2024 14:46:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
16d3bd5c-bf92-4bf0-815a-eac397d3aadf-models.bin
cdn.permutive.com/models/v2/
24 KB
17 KB
XHR
General
Full URL
https://cdn.permutive.com/models/v2/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a95f1152e40660937302f43f7d0ac1e45123b34cf7fba3d04587df3d3cb4bb7

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 20 Jan 2024 14:46:03 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-oid
16d3bd5c-bf92-4bf0-815a-eac397d3aadf
age
0
x-guploader-uploadid
ABPtcPpBQ7Lsft8R-eoq8sNaQehPPd3HUHsxqYLluihwtvcN6E1N0DdpV9-XP5DZ-W0C6zWzc31gqhn0ZQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
17099
last-modified
Fri, 19 Jan 2024 20:06:16 GMT
server
cloudflare
etag
"a4a19c15453da85608b4f1cd5951ee9d"
vary
Accept-Encoding
x-goog-generation
1704693836507034
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=F56CQg==, md5=pKGcFUU9qFYItPHNWVHunQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
17099
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84881acf3b853347-MIA
expires
Sat, 20 Jan 2024 14:46:03 GMT
syncframe
gum.criteo.com/ Frame 5B62
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=bauto.xomali.ir&origin=onetag&us_privacy=1---
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bauto.xomali.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 14:46:02 GMT
server
Kestrel
server-processing-duration-in-ticks
822005
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/794295919/
0
0
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794295919/?random=1705761963337&cv=11&fst=1705761963337&bg=ffffff&guid=ON&async=1&gtm=45be41h0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbauto.xomali.ir%2F&hn=www.googleadservices.com&frm=0&tiba=Slate%20Magazine%20-%20Politics%2C%20Business%2C%20Technology%2C%20and%20the%20Arts&us_privacy=1---&auid=105633213.1705761963&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794295919
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

sid
mug.criteo.com/ Frame 5B62
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=xomali.ir&sn=ChromeSyncframe&so=0&topUrl=bauto.xomali.ir&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=hGB5hHxoYnBGS0Q5aU1PTDhrTm8vbUZRKzlEUkFaMlZxWTVjamtMcmhOSExNZ3pDNE5BaEJNMWNUN2YzendvUmRXWHc5RDU5Qm1yOHRIODJvOVBLZnlWLzlvZ3I5S1ZPMWVhemN1ZTZtVE9DQi9hZkJmWHlucjBFSEswdl...
423 B
1 KB
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=hGB5hHxoYnBGS0Q5aU1PTDhrTm8vbUZRKzlEUkFaMlZxWTVjamtMcmhOSExNZ3pDNE5BaEJNMWNUN2YzendvUmRXWHc5RDU5Qm1yOHRIODJvOVBLZnlWLzlvZ3I5S1ZPMWVhemN1ZTZtVE9DQi9hZkJmWHlucjBFSEswdlFkb0lwZkI5NEJ5Wll6dHVTZlF4WFROTkp5dkIwVmZTM2dFSmp3ZUZmNS95dFZWTFJRdE1FY20rNTgyMHBhblVMUG1QdzVsalp2aWljbmV4TmJObStGdmNwRGIwZy9kUlptOEgzcmlpa3NCZ1BoKzFIQlovdnNicmZsZU9QRDJQZXJEbUJ5VFpxcG9qMmRwVU9ybWpQOFVzMzN4RlkvQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
87b713d0c79c32d241379b6896fe2feab1ec263157d983a3c704a5a016df3a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4928906
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=hGB5hHxoYnBGS0Q5aU1PTDhrTm8vbUZRKzlEUkFaMlZxWTVjamtMcmhOSExNZ3pDNE5BaEJNMWNUN2YzendvUmRXWHc5RDU5Qm1yOHRIODJvOVBLZnlWLzlvZ3I5S1ZPMWVhemN1ZTZtVE9DQi9hZkJmWHlucjBFSEswdlFkb0lwZkI5NEJ5Wll6dHVTZlF4WFROTkp5dkIwVmZTM2dFSmp3ZUZmNS95dFZWTFJRdE1FY20rNTgyMHBhblVMUG1QdzVsalp2aWljbmV4TmJObStGdmNwRGIwZy9kUlptOEgzcmlpa3NCZ1BoKzFIQlovdnNicmZsZU9QRDJQZXJEbUJ5VFpxcG9qMmRwVU9ybWpQOFVzMzN4RlkvQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
333578
content-length
0
expires
0
identify
api.permutive.com/v2.0/
50 B
255 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
58ae70a7055fc061f4772494e0a3e6fe63729414ac6a1c6dd362101a124f7bd3

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 20 Jan 2024 14:46:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://bauto.xomali.ir
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff6ebe7daa627065f1b1042c806811bbfe007c6f272ae93f3ff1fff99aa87aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12390
x-xss-protection
0
httpapi
api2.amplitude.com/2/
93 B
307 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.127.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-127-182.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
24529a9c4c48aec12b135d582649d84c12713c844f3c9b7eacb31d16694057f3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Jan 2024 14:46:04 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
trace-id
Root=1-65abdcac-256ae6181e49d7f577064e08
content-length
93
segment
api.permutive.com/clm/v1/
42 B
96 B
XHR
General
Full URL
https://api.permutive.com/clm/v1/segment?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
4fc0877e9979bb1ad14dc062667ccab419a29746d240cd7cbb84a78beed45cfe

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 20 Jan 2024 14:46:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
content-type
application/json
segment
api.permutive.com/adv/v2/
14 B
67 B
XHR
General
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 20 Jan 2024 14:46:03 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
audiences
api.permutive.com/audience-matching/v1/id/b70784c1-2eb9-4762-bff8-6253d9914b29/
12 B
25 B
XHR
General
Full URL
https://api.permutive.com/audience-matching/v1/id/b70784c1-2eb9-4762-bff8-6253d9914b29/audiences?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 20 Jan 2024 14:46:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.127.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-127-182.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bauto.xomali.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Sat, 20 Jan 2024 14:46:04 GMT
strict-transport-security
max-age=15768000
event
sslwidget.criteo.com/
11 KB
5 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=92394&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=TZLZsl9uSkNNWUFqM1JwVTNOc1dsdkZlVm1QM3FVclFZdWs0N0psZjhVYUEycHo3eTkxN25lakVheGNib0pMU0VzZjdiNVdybXVaeVZwYjVnVHpoRjYxWVlBR2FZUnl3dnRzdUFjZDlYeTFTWUFoNDNGc3klMkJmQyUyRklPVU13UGZuYXJkZGZJMSUyQmElMkI5WmJmSWthUEg1bXg3Y0F2dyUzRCUzRA&tld=xomali.ir&dy=1&fu=https%253A%252F%252Fbauto.xomali.ir%252F&ceid=7d647f57-2aad-41ff-9a40-87d610581856&dtycbr=86527&cs=1---&cv=1
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2856b9d8b0ccfbcb1a569882114ef8e889281a2d3034988a5c1a58b9efb5371a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
12499592
timing-allow-origin
*
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 14:46:04 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 63FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&google_cm&google_hm=ay0wOHdoUjlpYmlld3FkdnNxdVRzcUc0VjkzZUJyQnhYM...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&google_gid=CAESEIcl3PMWqtHXL5NbqMWyD-k&google_cver=1&google_ula=913071,0
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&google_gid=CAESEIcl3PMWqtHXL5NbqMWyD-k&google_cver=1&google_ula=913071,0
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1224065
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&google_gid=CAESEIcl3PMWqtHXL5NbqMWyD-k&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame 63FA
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-eiWUqdibiewqdvsquTsqG4V93eCME7ejDZBoTQ&expires=30&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-eiWUqdibiewqdvsquTsqG4V93eCME7ejDZBoTQ&expires=30&us_privacy=1---
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-eiWUqdibiewqdvsquTsqG4V93eCME7ejDZBoTQ&expires=30&us_privacy=1---
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 14:46:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-eiWUqdibiewqdvsquTsqG4V93eCME7ejDZBoTQ&expires=30&us_privacy=1---
Date
Sat, 20 Jan 2024 14:46:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 63FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1---
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1---
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6407949295961935321&us_privacy=1---
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6407949295961935321&us_privacy=1---
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3102217
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:04 GMT
an-x-request-uuid
cd21169c-df40-40ff-a3f9-c6d45e2be3a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6407949295961935321&us_privacy=1---
x-proxy-origin
38.132.118.76; 38.132.118.76; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
partner.mediawallahscript.com/ Frame 63FA
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&custom=&tag_format=img&tag_action=sync&custom=&cb=cc6d036e-2bca-48d3-a2e7-b1c9fa4...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-08whR9ibiewqdvsquTsqG4V93eBrBxX21oyvhA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=cc6d036e-2bca-48d...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=6407949295961935321&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=a39acc00-b7a2-11ee-ae1a-adf78c0b44fc?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=a39acc00-b7a2-11ee-ae1a-adf78c0b44fc?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=d1420b7363389bf13b26c6f45671d205&tag_format=img&tag_action=sync&cb=147355937
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=b8ff7404-c182-4cce-8290-9c6698f6165f&tag_format=img&tag_action=sync&cb=
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=a39acc00-b7a2-11ee-ae1a-adf78c0b44fc&cb=1705761966517&rmn=y&redirect=https%3A%2F%2Fpartner.me...
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=57606e67-5a1d-4cf2-99e1-98bc28c3bbf6&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705761966517
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=a4e2dc60-b7a2-11ee-ab35-159b86e69bdf
0
405 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=a4e2dc60-b7a2-11ee-ab35-159b86e69bdf
Protocol
H2
Server
52.86.33.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-33-22.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Sat, 20 Jan 2024 14:46:07 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=a4e2dc60-b7a2-11ee-ab35-159b86e69bdf
date
Sat, 20 Jan 2024 14:46:07 GMT
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
content-length
0
cksync.php
contextual.media.net/ Frame 63FA
57 B
813 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k--3GdSNibiewqdvsquTsqG4V93eDkFE-qcloztg&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 Jan 2024 14:46:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 20 Jan 2024 14:46:05 GMT
tap.php
pixel.rubiconproject.com/ Frame 63FA
42 B
972 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-qpWu9tibiewqdvsquTsqG4V93eCojLDmdD3mRg&expires=30&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 63FA
43 B
687 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-GbcCdNibiewqdvsquTsqG4V93eAeKgSc5Ote4w&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 20 Jan 2024 14:46:04 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 63FA
0
374 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ZlssoNibiewqdvsquTsqG4V93eCLuqsnktuhgA&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63051
um
criteo-sync.teads.tv/ Frame 63FA
23 B
278 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-vX4oENibiewqdvsquTsqG4V93eD-iAEa669pOA&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 20 Jan 2024 14:46:04 GMT
pragma
no-cache
date
Sat, 20 Jan 2024 14:46:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 63FA
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-8N6qhtibiewqdvsquTsqG4V93eC2WV8HEiOOcw&dongle=013b&us_privacy=1---
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-8N6qhtibiewqdvsquTsqG4V93eC2WV8HEiOOcw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1---
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-8N6qhtibiewqdvsquTsqG4V93eC2WV8HEiOOcw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1---
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 20 Jan 2024 14:46:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-8N6qhtibiewqdvsquTsqG4V93eC2WV8HEiOOcw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1---
date
Sat, 20 Jan 2024 14:46:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58301/ Frame 63FA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1---&verify=true
0
313 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1---&verify=true
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1---&verify=true
date
Sat, 20 Jan 2024 14:46:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame 63FA
57 B
669 B
Image
General
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.64 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-64.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 20 Jan 2024 14:46:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sat, 20 Jan 2024 14:46:05 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 63FA
49 B
342 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-6QCX6tibiewqdvsquTsqG4V93eDO5ahO9bLn1w&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0
sync
tags.bluekai.com/site/29001/ Frame 63FA
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40&us_privacy=1---
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=LRFSsKSknuX4RbgiShlozm8zxdhGUnKz
62 B
548 B
Image
General
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=LRFSsKSknuX4RbgiShlozm8zxdhGUnKz
Protocol
H2
Server
23.39.185.111 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 20 Jan 2024 14:46:05 GMT
content-length
62
bk-server
ad02
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=LRFSsKSknuX4RbgiShlozm8zxdhGUnKz
date
Sat, 20 Jan 2024 14:46:03 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1186509
content-length
0
rum
r.casalemedia.com/ Frame 63FA
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cbBijtibiewqdvsquTsqG4V93eCQfCcbk9VMXA&us_privacy=1---
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cbBijtibiewqdvsquTsqG4V93eCQfCcbk9VMXA&us_privacy=1---&C=1
43 B
544 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cbBijtibiewqdvsquTsqG4V93eCQfCcbk9VMXA&us_privacy=1---&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yxk1ePfOe2sh55MDPBSh4WufFbv3jXwkMTmgE4gcYG3g4bQRXuV2sPkrLEsvhRxhBLZzJPcQfGoUdRpFaQNBuoxEzS5SEzg2T8u%2Fqzn2%2BHw6C6azjRq2oTXpCdGSbUntOB4w"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84881ae0ed5b2209-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Jwx3F8Li0By9XeAvztBmBMTfTGj1y71aiM%2Bl%2BguTpAaW3QHMMv2K%2F8M%2B4YfVJuhgzTuxFZYM3ZkmfSpWS7Tn3wea9h542dAkdLt6enMz92WHCdsm08hdSsqI7%2BUzSsFSzrf"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-cbBijtibiewqdvsquTsqG4V93eCQfCcbk9VMXA&us_privacy=1---&C=1
cache-control
no-cache
cf-ray
84881addaa292209-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
user-registering
ads.stickyadstv.com/ Frame 63FA
43 B
662 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-kvNKh9ibiewqdvsquTsqG4V93eBmyGI1ok3PbA&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Jan 2024 14:46:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705761965395020-313
match
ad.360yield.com/ Frame 63FA
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-50C7G9ibiewqdvsquTsqG4V93eA-nHTF1j1_zQ&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.23.204.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-204-122.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Jan 2024 14:46:05 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
pippio.com/api/ Frame 63FA
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ezXZOtibiewqdvsquTsqG4V93eB_7dZZvz7PzQ&us_privacy=1---
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ezXZOtibiewqdvsquTsqG4V93eB_7dZZvz7PzQ&us_privacy=1---&_li_chk=true&previous_uuid=d52adde56906482fac9001900c12556e
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d52adde5-6906-482f-ac90-01900c12556e&us_privacy=1---
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=dbb5b680-9801-45cd-84bc-9c40326af15d%3A1705761966.4895737&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Ddbb5b680-9801-45cd...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=997336248598353251&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Ddbb5b68...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=dbb5b680-9801-45cd-84bc-9c40326af15d%3A1705761966.4895737&pid=500040&it=1&iv=dbb5b680-9801-45cd-84bc-9c40326af15d%3A1705761966.4895737&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1705761966.4916885&iv=dbb5b680-9801-45cd-84bc-9c40326af15d:1705761966.4895737
42 B
570 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1705761966.4916885&iv=dbb5b680-9801-45cd-84bc-9c40326af15d:1705761966.4895737
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:07 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1705761966.4916885&iv=dbb5b680-9801-45cd-84bc-9c40326af15d:1705761966.4895737
Date
Sat, 20 Jan 2024 14:46:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
push
exchange.mediavine.com/usersync/ Frame 63FA
0
963 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dc78atibiewqdvsquTsqG4V93eBlGlVDl3WlrA&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.189.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:05 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
c.gif
c.bing.com/ Frame 63FA
42 B
689 B
Image
General
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-tYBuDNibiewqdvsquTsqG4V93eBv1v1Q_s5ByQ&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:04 GMT
last-modified
Wed, 10 Jan 2024 01:59:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BBB89EB38EE542F78CF69231770A802C Ref B: MIAEDGE2121 Ref C: 2024-01-20T14:46:05Z
etag
"c5fcfc9c6843da1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
1017
jadserve.postrelease.com/suid/ Frame 63FA
43 B
535 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-iC69ENibiewqdvsquTsqG4V93eBhJ29KwlKcfg&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.115.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-115-69.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:05 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 63FA
0
287 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-rKtQ4dibiewqdvsquTsqG4V93eCXiAbVicF8kQ&initiator=partner&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 14:46:06 GMT
Cache-Control
no-cache
X-TraceId
336b20bfae786ccf09a8cc70b111272e
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 63FA
42 B
579 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-DJ0riNibiewqdvsquTsqG4V93eC5WMWTDTCN-g&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 20 Jan 2024 14:46:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel_sync
trends.revcontent.com/cm/ Frame 63FA
0
0
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-Tvz6D9ibiewqdvsquTsqG4V93eB-Aw_hqzW5zQ&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.218.163.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-163-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

v1
match.sharethrough.com/sync/ Frame 63FA
68 B
280 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-u-0IM9ibiewqdvsquTsqG4V93eChbIWreN1NuQ&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.107.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-107-248.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:06 GMT
cache-control
no-cache
content-length
68
content-type
image/png
/
s.ad.smaato.net/c/ Frame 63FA
0
307 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-xAJbVtibiewqdvsquTsqG4V93eAUWHqfOjPnRA&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f8:6200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:06 GMT
cache-control
no-cache, must-revalidate
via
1.1 12da75dd0294ffd6ebbfbc19f6a9b0f4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MCI50-P1
x-amz-cf-id
d53BVmlpk5bMH2Dy0BbIgwpnWZQPuc4geqG6c6gl39wirTZNLVtsug==
x-cache
Miss from cloudfront
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBCD
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bauto.xomali.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
33339
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 05:30:25 GMT
expires
Sun, 19 Jan 2025 05:30:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 46A9
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61131d22c8ac0848a6aadba1005ccd81e17f9b6e86e215b494883f77a24fdd89
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c7R-aJud37aeVgAHWoSGdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bauto.xomali.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-c7R-aJud37aeVgAHWoSGdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 14:46:07 GMT
expires
Sat, 20 Jan 2024 14:46:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
events
api.permutive.com/v2.0/batch/
101 B
130 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4c402089728feaaaac6c08af3bb57137bf207296804bc1370ec9fe6579498a0a

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 20 Jan 2024 14:46:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://bauto.xomali.ir
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
setuid
ib.adnxs.com/ Frame 63FA
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-OApRC9ibiewqdvsquTsqG4V93eCwdzxhhhfbBw&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:05 GMT
an-x-request-uuid
a981355a-c07a-4740-bcbb-9e39197d827a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame DBCD
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 02:14:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
45110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Jan 2025 02:14:15 GMT
state
api.permutive.com/v1.0/
0
34 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 20 Jan 2024 14:46:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
demconf.jpg
dpm.demdex.net/ Frame 63FA
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1---
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=tLHZHn7ZLCPL3QSn057fTpR0FlmcDAWH
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tLHZHn7ZLCPL3QSn057fTpR0FlmcDAWH
42 B
716 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tLHZHn7ZLCPL3QSn057fTpR0FlmcDAWH
Protocol
H2
Server
50.19.136.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-136-150.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-03564d7a1.edge-va6.demdex.com 11 ms
pragma
no-cache
date
Sat, 20 Jan 2024 14:46:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
G2etsAHySAA=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-0c06c0e72.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Sat, 20 Jan 2024 14:46:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
3r+9T3LjToU=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tLHZHn7ZLCPL3QSn057fTpR0FlmcDAWH
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
identify
api.permutive.com/v2.0/
50 B
123 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
58ae70a7055fc061f4772494e0a3e6fe63729414ac6a1c6dd362101a124f7bd3

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 20 Jan 2024 14:46:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://bauto.xomali.ir
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
generate_204
tpc.googlesyndication.com/ Frame DBCD
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?HF9qvA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:46:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
httpapi
api2.amplitude.com/2/
94 B
308 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.127.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-127-182.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b24ba19d40537ee50e1e38e08a74b0c65ecc8e9ca5fc250c31a2a5c4005d1905
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Jan 2024 14:46:06 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
trace-id
Root=1-65abdcae-12de8d1f72ae6cfa20e823c0
content-length
94
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.127.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-127-182.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bauto.xomali.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Sat, 20 Jan 2024 14:46:05 GMT
strict-transport-security
max-age=15768000
audiences
api.permutive.com/audience-matching/v1/id/b70784c1-2eb9-4762-bff8-6253d9914b29/
12 B
25 B
XHR
General
Full URL
https://api.permutive.com/audience-matching/v1/id/b70784c1-2eb9-4762-bff8-6253d9914b29/audiences?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://bauto.xomali.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 20 Jan 2024 14:46:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
g.pixel
aa.agkn.com/adscores/ Frame 63FA
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40&us_privacy=1---
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=8yKXNKvnBaWUVzCVrYnGOONNhYIdr0AE
43 B
658 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=8yKXNKvnBaWUVzCVrYnGOONNhYIdr0AE
Protocol
H2
Server
108.157.142.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-142-48.mci50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:46:06 GMT
via
1.1 a32c95e360d4eb0b33f08b3a74cb0984.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
MCI50-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
9zx76xHtV2mvyoqK4xAE1UE6zfiUPFJZtpL45o3TKIBqwiChuQa7OQ==
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=8yKXNKvnBaWUVzCVrYnGOONNhYIdr0AE
date
Sat, 20 Jan 2024 14:46:05 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
666497
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=868186526945879&bg=!8vGl8b7NAAa8BdJLnAU7ADQBe5WfOLXk2nrGrMuGBXd8ox00s8jbq450jVyNTxq5Gw2kRZnzT1It6gZh09oLwqsHUEvyAgAAARdSAAAAA2gBB5kCxaUYdAzS-zbbvpYD-SKHZHvXEL_2estu-8rpInb1_ssUVXxMbT7WDvlucfHh4gC1j6V63JRhDnUoD_cc0oeN5iBMSoHk-3le4xSn4BwXdbz0LTmlKikHjUdqrj0ZNdzTIaPXw6i-rLmwOa80kRWLhvgp0MLk8z5On1QdDq5-kT34gVrKheUX3kmeyKJ_4pYMkpTdpTdnm-t9-Xsj-C1CgVDsLmLBjiYQMLjl6WniIGLEQtj2M9H_iRS7NI-6FnqZq4nWmZU7Xz1_1iYoS10yG7bpIC9p8tocTCFsvgivHIxzOmCIRkWHU9SdJDFy-0VWaTBepEkMP_pZkkxjd4iHsIz34s7DgBAzIfbFj1Hb-pwFCGlBEIXtfPTEIPsRLr_uObDXWRY6Qqc-ymqHcMzlRkdKO7XFUe3Wx_GvnDn41MJhdGrdKKLTezVrFUUhikI3NEvW2yvkLaroMVzVFCbkB01_A1hqmyiME4-cHyllNLhuROq4oBsh6sZYHrHgidoF0zUt6VYqbW7OIDmJKSVhQqtCzqtFjKhuNIyUA5Yi1DMKC_K-pz3UMN6Sz-KgAJ_buWf0KDjKoRTDMbyLJ6W5KQ0QzZ-9a4fD2pedHkGxDWuZ8QWYF4qkmda76I3x8lB_eScz6bSRFiAsc4td_8WSXF7l5Os-AMCer4Gu26CRnK-BxcmqUvWAqXbSYsmXLdCAAAFBNSTy77U0RT-360Gw7GodUuu9zPYmIyuNJtuf6RxxS7vfuuIwOZUk604d0fIEfvjDHLcDRUKyZoQw98Boi9JXuKu_yNMfJn8fpLpoCNdR2Tym77pn8PHVmIKicA7O352n0P8ELw5DILuOjq4GRj8UD5xVmWLMy3FjyLVt2O0JzxdwADiUkI7zU9jJk6p8wKnQLlj-ZWYCI5oE9-izKM_Tv4FxUlFUBXtqNx88jIqm7E9ythY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bauto.xomali.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cksync
hb.yahoo.net/ Frame 63FA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HbWZ4cmRKRTJ1RTFyQWpkLlhzTUZxTFouMXNSM1hIen5B&ovsid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&dpid=58301&us_privacy=1---
57 B
503 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HbWZ4cmRKRTJ1RTFyQWpkLlhzTUZxTFouMXNSM1hIen5B&ovsid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&dpid=58301&us_privacy=1---
Protocol
H2
Server
23.40.207.64 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-64.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 20 Jan 2024 14:46:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sat, 20 Jan 2024 14:46:06 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HbWZ4cmRKRTJ1RTFyQWpkLlhzTUZxTFouMXNSM1hIen5B&ovsid=k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ&dpid=58301&us_privacy=1---
date
Sat, 20 Jan 2024 14:46:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/pagead/ Frame 46A9
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=868186526945879&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=868186526945879&correlator=1173694766041136&eid=31080258%2C31080493%2C31080526%2C95320408%2C44807746%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x2&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705761961251&lmt=1705761961&adxs=1093&adys=1185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbauto.xomali.ir%2F&vis=1&psz=357x0&msz=357x0&fws=4&ohw=1600&ga_vid=371643982.1705761961&ga_sid=1705761961&ga_hid=1854948400&ga_fc=false&dlt=1705761958653&idt=2100&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dhp-native-main-1%26threshold%3D400%26outstream_eligible%3Dfalse&cust_params=permutive%3D%26dfp_cache_buster%3D05ba2b1080a26ec4d2b5c4cab86e35ed282ed644%26page_id%3Dclrm50s28002pv8m8l7etrvrz%26page_type%3Dhomepage%26ab_var%3D8_0%26article_right_rail%3Dfalse%26max_width_test%3Ddisabled&adks=878418835&frm=20
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=868186526945879&correlator=1173694766041136&eid=31080258%2C31080493%2C31080526%2C95320408%2C44807746%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1x3&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705761962206&lmt=1705761962&adxs=315&adys=326&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbauto.xomali.ir%2F&vis=1&psz=970x250&msz=970x250&fws=4&ohw=1600&ga_vid=371643982.1705761961&ga_sid=1705761961&ga_hid=1854948400&ga_fc=false&dlt=1705761958653&idt=2100&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dleaderboard-1%26threshold%3D400%26outstream_eligible%3Dfalse&cust_params=permutive%3D%26dfp_cache_buster%3D05ba2b1080a26ec4d2b5c4cab86e35ed282ed644%26page_id%3Dclrm50s28002pv8m8l7etrvrz%26page_type%3Dhomepage%26ab_var%3D8_0%26article_right_rail%3Dfalse%26max_width_test%3Ddisabled&adks=3262606562&frm=20

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| slateGlobal function| FontFaceObserver object| OneTrustTCFStub object| TARGETING_CATEGORIES function| receiveOTMessage object| cX object| slateCMP object| nonIabVendorApi object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper object| slateAmplitudeQueue object| slateParsely object| pbjs function| cnxps boolean| isMobile function| loadAdLightning object| googletag object| apstag object| _taboola object| permutive object| slatePermutiveData string| selected object| dd function| fbq function| _fbq object| _comscore object| _qevents function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| mountLegacyServices function| tryToMount function| mountComponentModules object| modules function| require object| process object| DS object| Eventify object| regeneratorRuntime object| lazySizesConfig object| lazySizes object| pbjsChunk object| _pbjsGlobals object| criteo_q object| amplitude object| _slateCriteo object| tp object| __otccpaooLocation function| _typeof object| TRC object| _tblConsole undefined| msg object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles boolean| _SLATE_PIANO_RESIZE_INITIALIZED function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| BlockAdBlock object| blockAdBlock undefined| google_measure_js_timing number| google_unique_id object| gaGlobal function| clearImmediate function| setImmediate object| atsdetectionmodule object| atsenvelopemodule object| ats boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp function| jsonp965 object| Optanon object| OneTrust object| PARSELY function| gtag object| analyticsConnectorInstances function| cxCCE_callQueueExecute object| cxTest object| ari object| Criteo object| google_tag_manager object| GooglebQhCsO object| GoogleGcLKhOms object| google_image_requests

89 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARCCFw
bauto.xomali.ir/ Name: slate-uuid
Value: ab80178b-91c3-4c6c-8658-984967f56e62
bauto.xomali.ir/ Name: slate-uuid-js
Value: ab80178b-91c3-4c6c-8658-984967f56e62
bauto.xomali.ir/ Name: AB
Value: 8_0
bauto.xomali.ir/ Name: usprivacy
Value: 1---
.xomali.ir/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAmATgFYA7AAZew8dwBsAFi79J-EAF8gA
.xomali.ir/ Name: _pcid
Value: %7B%22browserId%22%3A%22lrm6mowpz6mlrccw%22%7D
.xomali.ir/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
bauto.xomali.ir/ Name: __adblocker
Value: false
id.tinypass.com/ Name: AWSELBCORS
Value: D54D83371CA73269B30D9CD8F7A2329AB776287862FFD8DC0100DB03DE8A35C66583798973BD56FD844A5701BCD5F7A9FB54EF3D8E4AE7294365ED4A08F98E0D25F17595A2
.doubleclick.net/ Name: IDE
Value: AHWqTUkO2XaPQx3hrPQK2yLBqIkhffnSP3mVK6n9xlHSmDw5c8mANm9Xkg_alkST
bauto.xomali.ir/ Name: _lr_geo_location_state
Value: FL
bauto.xomali.ir/ Name: _lr_geo_location
Value: US
.xomali.ir/ Name: _fbp
Value: fb.1.1705761962771.1161783396
.xomali.ir/ Name: permutive-id
Value: b70784c1-2eb9-4762-bff8-6253d9914b29
.xomali.ir/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://bauto.xomali.ir/%22%2C%22sref%22:%22%22%2C%22sts%22:1705761963301%2C%22slts%22:0}
.xomali.ir/ Name: _parsely_visitor
Value: {%22id%22:%22pid=1e355ba43e1dcf1d4626637cf9eba71b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1705761963301}
.xomali.ir/ Name: _gcl_au
Value: 1.1.105633213.1705761963
.criteo.com/ Name: uid
Value: 97060b95-d154-4331-b7df-f76e9544f0e7
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.xomali.ir/ Name: _parsely_tpa_blocked
Value: {%22tpab%22:false}
.criteo.com/ Name: partitioned_bundle
Value: wGbbjl9uSkNNWUFqM1JwVTNOc1dsdkZlVm1QM3FVclFZdWs0N0psZjhVYUEycHo3eTkxN25lakVheGNib0pMU0VzZjdiNVdybXVaeVZwYjVnVHpoRjYxWVlBR2FZUnl3dnRzdUFjZDlYeTFTWUFoNDNGc3klMkJmQyUyRklPVU13UGZuYXJkZGZmV1ZpRE04SGo4dllYTFBNeCUyRnIzc3MlMkJRUFVGOEZtenlwd3lGdm1iYnJiUSUzRA
.xomali.ir/ Name: cto_bundle
Value: TZLZsl9uSkNNWUFqM1JwVTNOc1dsdkZlVm1QM3FVclFZdWs0N0psZjhVYUEycHo3eTkxN25lakVheGNib0pMU0VzZjdiNVdybXVaeVZwYjVnVHpoRjYxWVlBR2FZUnl3dnRzdUFjZDlYeTFTWUFoNDNGc3klMkJmQyUyRklPVU13UGZuYXJkZGZJMSUyQmElMkI5WmJmSWthUEg1bXg3Y0F2dyUzRCUzRA
.adnxs.com/ Name: uuid2
Value: 6407949295961935321
.taboola.com/ Name: t_gid
Value: 45b863ed-abc3-486a-a740-35b32f66f455-tuctca5622c
.taboola.com/ Name: t_pt_gid
Value: 45b863ed-abc3-486a-a740-35b32f66f455-tuctca5622c
.rubiconproject.com/ Name: khaos
Value: LRM6MRI9-10-6JYU
.rubiconproject.com/ Name: audit
Value: 1|bQw8koa0nH9sm98yL/lJ9Y5IA6+FB1mlAyDc6t5ZDl+bz16xSA9sXTEuSd4EPj/y8hs52oiiUuiM1KxoLazIt+aleybw1oy9Ba0etFFpiE3F1SaF7SAU7Nd4teDj6QnmpWvVw7PIaARBK7R1SvHTn26TfRMmpcJ7Xs6UKoprCwfmQdVc7iIhNLmuVI3BKwvQ8Yx4/xf3yka2DwHVhkWelQpZIr1EtStGCax3pyYFnS0=
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.teads.tv/ Name: tt_viewer
Value: c65dbbe3-c8cf-48fa-a0c5-fa3a8f036251
.smartadserver.com/ Name: pid
Value: 334741423654467127
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 79:k-GbcCdNibiewqdvsquTsqG4V93eAeKgSc5Ote4w
.3lift.com/ Name: tluid
Value: 4208182423767673056029
.bidswitch.net/ Name: tuuid
Value: ba346a22-e4d4-4989-bdf6-1302448162e4
.bidswitch.net/ Name: c
Value: 1705761964
.media.net/ Name: visitor-id
Value: 3487635651524412000V10
.media.net/ Name: data-c-ts
Value: 1705761965
.media.net/ Name: data-c
Value: k--3GdSNibiewqdvsquTsqG4V93eDkFE-qcloztg~~3
.mediawallahscript.com/ Name: mCookie
Value: a39acc00-b7a2-11ee-ae1a-adf78c0b44fc
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%7D
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2E?hj'NxN!]tbPl@/D!9hy6]/Cwi[^tv0D4/GD<`Gj5n]PTNpYv#j0/lA`wj``kA[_n_7/?'%>B`_xItp[8.*bpRz*qF1`*bfXl-B<HU
.bidswitch.net/ Name: tuuid_lu
Value: 1705761965
.hb.yahoo.net/ Name: visitor-id
Value: 3487635651524484000V10
.adnxs.com/ Name: XANDR_PANID
Value: 9Kl9HclxEpc6ft3U6RzvHxNjdu_iE99TS72ty92fZ48Pv3_VC5x9ZXVzHSDphXPfXYI-si99QmVmUb22t14UYwXQePVIFeFS22DUpxSRcCE.
.omnitagjs.com/ Name: ayl_visitor
Value: 2565554e4f12f399b1fc281f21449717
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1L4DJzQLr2QfmpirB19kvuLX1pLMJgX3N3vo/0U9wp4mr9QeEqOzk
.bluekai.com/ Name: bku
Value: uUW99vlz3tVhtWXg
.bing.com/ Name: MUID
Value: 20E4E72C5A7F6BB21E73F3205BD86A19
.c.bing.com/ Name: MR
Value: 0
.ads.stickyadstv.com/ Name: UID
Value: 49e56c67a68e1a3333c584480a9f85d
.ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-kvNKh9ibiewqdvsquTsqG4V93eBmyGI1ok3PbA
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-DJ0riNibiewqdvsquTsqG4V93eC5WMWTDTCN-g&KRTB&23144-uid:k-DJ0riNibiewqdvsquTsqG4V93eC5WMWTDTCN-g&KRTB&23286-uid:k-DJ0riNibiewqdvsquTsqG4V93eC5WMWTDTCN-g&KRTB&23287-uid:k-DJ0riNibiewqdvsquTsqG4V93eC5WMWTDTCN-g
.pubmatic.com/ Name: PugT
Value: 1705761965
.postrelease.com/ Name: visitor
Value: f5434b5c-29ab-45d0-86ca-2033b3b7c7ea
.postrelease.com/ Name: status
Value: 0
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.demdex.net/ Name: demdex
Value: 29784340908599051750643864219342341052
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22a3e605d0-b7a2-11ee-a266-0b1919e51d85%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%22a3e605d0-b7a2-11ee-a266-0b1919e51d85%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22a3e605d0-b7a2-11ee-a266-0b1919e51d85%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%22a3e605d0-b7a2-11ee-a266-0b1919e51d85%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-dc78atibiewqdvsquTsqG4V93eBlGlVDl3WlrA%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/ Name: CMID
Value: ZavcrccJXxcYsYdyZ8ATHgAA
.casalemedia.com/ Name: CMPS
Value: 1478
.casalemedia.com/ Name: CMPRO
Value: 1478
.liadm.com/ Name: lidid
Value: d52adde5-6906-482f-ac90-01900c12556e
.yahoo.com/ Name: A3
Value: d=AQABBK3cq2UCENQSf2ACVycqsbLwCqSRhGIFEgEBAQEurWW1ZdxH0iMA_eMAAA&S=AQAAAmp9rXrdUXyDCkbhHIBMz54
.dpm.demdex.net/ Name: dpm
Value: 29784340908599051750643864219342341052
.sharethrough.com/ Name: stx_user_id
Value: 0a4b6e9d-f4cb-4deb-9d0d-3f0514842a86
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~2gae:19e0~2gae"
.adsrvr.org/ Name: TDID
Value: b8ff7404-c182-4cce-8290-9c6698f6165f
.smaato.net/ Name: SCM
Value: 5fd33a7f78
.hb.yahoo.net/ Name: data-crt
Value: k-MfHzVdibiewqdvsquTsqG4V93eATHXKKww19mQ~~63
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjQqNG5qPTMPBAFOAE.
.agkn.com/ Name: ab
Value: 0001%3AnrmfD%2FV0GHu5mckC%2FQNkbVZESIi8PPXy
.rezync.com/ Name: zync-uuid
Value: dbb5b680-9801-45cd-84bc-9c40326af15d:1705761966.4895737
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzKxMLW0MDY1NjI1FOIz1DUOKnIMMS3x9HeJrAAAvpfaWCQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzKxMLW0MDY1NjI1FOIz1DUOKnIMMS3x9HeJrAAAvpfaWCQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIuRGAQAgAwAqMrg4c8HjtRmAsyNDQSg0dw91rWGdKqiOEIwFLNThnQRTj3PQ4SXonQzGlUF3ZQ2zaPZYvLfj5W16768wAWgAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4EACHNiNwFiIlWf3vzBVVh5MGSyk1kOh1ZStvJe_n9g8Aja4pPutkYaNAzWY4m06AAAA
.rqtrk.eu/ Name: browser_id
Value: 1:57606e67-5a1d-4cf2-99e1-98bc28c3bbf6
.mediawallahscript.com/ Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024
Value: %7B%221pVtae%22%3A1%7D
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksOgyAQANC7zFoaYJiB4TJGPk1IK21ENzXevS5f8k6Yv3Vbl177DnHfjjpBfrdbA-IJo_3W-oIIIh6RrQskAQktGbgmGHWM9ulzK3cpKVHioJUEbZSjXFRwKSvJTqPl5WmoROM1eTbC_HBByKOH6w-XRiWG.Zavcrw.gTNGaNXT_-NyEtkRiHAzW9bUq7Q
.pippio.com/ Name: did
Value: K5v-bBH2GuHl9cL7
.pippio.com/ Name: didts
Value: 1705761967
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=

24 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker-selection'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'unoptimized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'unsized-media'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: clipboard-write, accelerometer, autoplay, camera, ch-device-memory, ch-downlink, ch-dpr, ch-ect, ch-prefers-color-scheme, ch-rtt, ch-ua, ch-ua-arch, ch-ua-bitness, ch-ua-full-version, ch-ua-mobile, ch-ua-model, ch-ua-platform, ch-ua-platform-version, ch-viewport-width, ch-width, clipboard-read, cross-origin-isolated, display-capture, encrypted-media, fullscreen, geolocation, gyroscope, hid, idle-detection, magnetometer, microphone, midi, otp-credentials, picture-in-picture, publickey-credentials-get, screen-wake-lock, serial, usb, xr-spatial-tracking, gamepad. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
javascript error URL: https://bauto.xomali.ir/
Message:
Access to fetch at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=868186526945879&correlator=1173694766041136&eid=31080258%2C31080493%2C31080526%2C95320408%2C44807746%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x2&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705761961251&lmt=1705761961&adxs=1093&adys=1185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbauto.xomali.ir%2F&vis=1&psz=357x0&msz=357x0&fws=4&ohw=1600&ga_vid=371643982.1705761961&ga_sid=1705761961&ga_hid=1854948400&ga_fc=false&dlt=1705761958653&idt=2100&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dhp-native-main-1%26threshold%3D400%26outstream_eligible%3Dfalse&cust_params=permutive%3D%26dfp_cache_buster%3D05ba2b1080a26ec4d2b5c4cab86e35ed282ed644%26page_id%3Dclrm50s28002pv8m8l7etrvrz%26page_type%3Dhomepage%26ab_var%3D8_0%26article_right_rail%3Dfalse%26max_width_test%3Ddisabled&adks=878418835&frm=20' from origin 'https://bauto.xomali.ir' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=868186526945879&correlator=1173694766041136&eid=31080258%2C31080493%2C31080526%2C95320408%2C44807746%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x2&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705761961251&lmt=1705761961&adxs=1093&adys=1185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbauto.xomali.ir%2F&vis=1&psz=357x0&msz=357x0&fws=4&ohw=1600&ga_vid=371643982.1705761961&ga_sid=1705761961&ga_hid=1854948400&ga_fc=false&dlt=1705761958653&idt=2100&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dhp-native-main-1%26threshold%3D400%26outstream_eligible%3Dfalse&cust_params=permutive%3D%26dfp_cache_buster%3D05ba2b1080a26ec4d2b5c4cab86e35ed282ed644%26page_id%3Dclrm50s28002pv8m8l7etrvrz%26page_type%3Dhomepage%26ab_var%3D8_0%26article_right_rail%3Dfalse%26max_width_test%3Ddisabled&adks=878418835&frm=20
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.tinypass.com/id/api/v1/identity/token/verify?browser_id=lrm6mowpz6mlrccw&page_view_id=lrm6mowp9fmqpq2e&content_type=website&page_title=Slate+Magazine+-+Politics%2C+Business%2C+Technology%2C+and+the+Arts&callback=jsonp965&client_id=homyv5Uzpu&site=https%3A%2F%2Fbauto.xomali.ir
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://bauto.xomali.ir/
Message:
Access to fetch at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=868186526945879&correlator=1173694766041136&eid=31080258%2C31080493%2C31080526%2C95320408%2C44807746%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1x3&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705761962206&lmt=1705761962&adxs=315&adys=326&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbauto.xomali.ir%2F&vis=1&psz=970x250&msz=970x250&fws=4&ohw=1600&ga_vid=371643982.1705761961&ga_sid=1705761961&ga_hid=1854948400&ga_fc=false&dlt=1705761958653&idt=2100&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dleaderboard-1%26threshold%3D400%26outstream_eligible%3Dfalse&cust_params=permutive%3D%26dfp_cache_buster%3D05ba2b1080a26ec4d2b5c4cab86e35ed282ed644%26page_id%3Dclrm50s28002pv8m8l7etrvrz%26page_type%3Dhomepage%26ab_var%3D8_0%26article_right_rail%3Dfalse%26max_width_test%3Ddisabled&adks=3262606562&frm=20' from origin 'https://bauto.xomali.ir' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=868186526945879&correlator=1173694766041136&eid=31080258%2C31080493%2C31080526%2C95320408%2C44807746%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1x3&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705761962206&lmt=1705761962&adxs=315&adys=326&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbauto.xomali.ir%2F&vis=1&psz=970x250&msz=970x250&fws=4&ohw=1600&ga_vid=371643982.1705761961&ga_sid=1705761961&ga_hid=1854948400&ga_fc=false&dlt=1705761958653&idt=2100&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dleaderboard-1%26threshold%3D400%26outstream_eligible%3Dfalse&cust_params=permutive%3D%26dfp_cache_buster%3D05ba2b1080a26ec4d2b5c4cab86e35ed282ed644%26page_id%3Dclrm50s28002pv8m8l7etrvrz%26page_type%3Dhomepage%26ab_var%3D8_0%26article_right_rail%3Dfalse%26max_width_test%3Ddisabled&adks=3262606562&frm=20
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794295919/?random=1705761963337&cv=11&fst=1705761963337&bg=ffffff&guid=ON&async=1&gtm=45be41h0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbauto.xomali.ir%2F&hn=www.googleadservices.com&frm=0&tiba=Slate%20Magazine%20-%20Politics%2C%20Business%2C%20Technology%2C%20and%20the%20Arts&us_privacy=1---&auid=105633213.1705761963&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co
aa.agkn.com
ad.360yield.com
ads.stickyadstv.com
api.permutive.com
api2.amplitude.com
ats-wrapper.privacymanager.io
bauto.xomali.ir
c.amazon-adsystem.com
c.bing.com
cd.connatix.com
cdn.amplitude.com
cdn.cookielaw.org
cdn.cxense.com
cdn.permutive.com
cdn.taboola.com
cdn.tinypass.com
ceb7f8509f7387f3c86f4d191992fad6.safeframe.googlesyndication.com
cm.g.doubleclick.net
compote.slate.com
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
experience.tinypass.com
fpa-cdn.slate.com
fpa-events.slate.com
geo.privacymanager.io
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
i.liadm.com
ib.adnxs.com
id.tinypass.com
jadserve.postrelease.com
live.rezync.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
pippio.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sslwidget.criteo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
tags.bluekai.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
trends.revcontent.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
ws.rqtrk.eu
www.facebook.com
www.google.com
www.googletagmanager.com
www.npttech.com
x.bidswitch.net
securepubads.g.doubleclick.net
107.178.254.65
107.23.204.122
108.157.142.115
108.157.142.48
108.157.148.226
108.157.150.29
108.157.150.35
108.157.150.7
108.157.153.164
141.226.224.48
142.251.167.155
151.101.194.133
151.101.65.44
172.64.146.152
172.64.151.101
18.210.237.60
18.235.212.218
195.244.31.10
199.38.167.131
23.105.12.120
23.222.197.151
23.39.185.111
23.40.207.64
23.48.8.28
2600:1408:20:38d::268b
2600:9000:24f8:6200:1b:5138:8a40:93a1
2606:4700:3030::6815:25c7
2606:4700:4400::ac40:9b77
2606:4700::6811:7611
2606:4700::6812:83ec
2606:4700::6812:b07e
2606:4700:e6::ac40:ce09
2607:f8b0:4004:c09::84
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::93
2620:100:a001::c
2620:100:a001::f
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.209.115.69
3.225.218.10
34.107.254.252
34.194.161.83
34.195.165.211
35.211.178.172
35.241.9.51
35.71.131.137
35.71.139.29
35.84.127.182
44.218.163.194
50.19.136.150
50.19.176.119
51.222.241.106
52.54.107.248
52.86.33.22
54.198.189.169
63.251.28.234
68.67.179.155
70.42.32.127
74.119.119.139
74.119.119.150
8.28.7.83
8.43.72.97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07933861209e28131bb69e64f37c37afdd2999678f8a147f6a6bab05ae7148b8
0a2c9f09cfa16e699b286a0891533dcc1a6da1efd49b71931f12bbb48bb7187e
0a95f1152e40660937302f43f7d0ac1e45123b34cf7fba3d04587df3d3cb4bb7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f311d8aa7e370357ab10b71e399d73cddd2c90d6cc75f3168897ff386241888
127684a7a2984aa5f6deeafb2b1b6c27cec577c472bec44bbb9ea4ac67f502ff
1286526d3c57be0dac0408695d91a37bbeb6484e10943eed9b4e6bbf03a2a4ac
1405e38c8d4d815d56efc6eec6865289cd34ac551e0835c82289b7c3e81f31eb
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19be3494bf9d4471c2f48972046012666f28a0cb0912d56490467eb84d22b641
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
237a6570eb880a13aee42bf274b1c2469453755b518b12b7fedc768fd839318e
24529a9c4c48aec12b135d582649d84c12713c844f3c9b7eacb31d16694057f3
2856b9d8b0ccfbcb1a569882114ef8e889281a2d3034988a5c1a58b9efb5371a
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2d6532503517dc33a226156c4beecefadd88096a0af5d9d3ba3c082f2601f157
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3c6e24a24df7645c5eb0b948aeb760b53990175f8f980ea14045ed7007ac13d3
3c6e38e6ff85fd7d37b784fa3473bf7748bd699c5aa31c71a066ad7e0d52bd17
3eb59b80fac02f84de6115b5fbda6bdc0855835195edb7083a0773c208ccb5a2
43cecb942dedd0e30e6cf86a69f8d7fbcec2b02c909fc6cab118f23c84d5d5c0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
49f353bb42cb724a409d8e592ed28e9880b0053670c4f0684f262a61a592c058
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4c402089728feaaaac6c08af3bb57137bf207296804bc1370ec9fe6579498a0a
4c9430d5853d971c4137284387bd2d4ead073955f9607a88424024c14407d009
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc0877e9979bb1ad14dc062667ccab419a29746d240cd7cbb84a78beed45cfe
50832693980e5c77ec736487ce344a40bee1e0e241cf9a4b756b8673bc346854
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58ae70a7055fc061f4772494e0a3e6fe63729414ac6a1c6dd362101a124f7bd3
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5bd909b8bef25305eab3c01341369df8eeace213432077753bcfeaf5c922bb28
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60a4663e07b33114962ad76b42315bde1383f7f2724a11aa2e36228a5b7dd02a
61131d22c8ac0848a6aadba1005ccd81e17f9b6e86e215b494883f77a24fdd89
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64c065e668729c733fc85bcd0a6503faf9b2931d2967b0552e9db845277e20cd
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50
695c8f94fdc48e9404c1e5baf9e7006f24c541f9f5273f1400530828f9fa8f66
6affc43b2e71979bfbb1d0270c92f42165b313b045abdc90bf5f74b7fa7e84c2
6d01a1013f2e1428beeb351111924257112a89e6150eac8fd84c00b7a84e69b8
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
77f1049a76c92d1b45e0751002bf59f26635d00018946c64213a4c43a840bd1c
7b4cd976b8ecd9dc78e3042692b91de6173d8633c411e374f418dfaa5c889b91
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
804c82c1f71019d6f077585d76d632a0359fffe3ef1c5b3a3cbfc80319b4aff3
85959941ab12a5f6a9debebbf56c7b1471d829a390444ee7ca96116afc7b8ff2
86c144af7d301fb3ae0165ee310da09e4e3f26920d171f5b29a13475792d7f24
8796a798ce8f3e7d4dc29beee5f75f91bb98195a88264ea1b58532ea3787e931
87b713d0c79c32d241379b6896fe2feab1ec263157d983a3c704a5a016df3a99
88da1049e32a51998d094a3ae3b89c5152517f539879adebfce9fd24058637df
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ac621592b8f0b6e334f0663e675c2355021d9900c346bf8845f90815a314e1
a571c0d8f7c25bd282e8d038c5c2c8cb13b094f9e0a756989e3764bba404ee1f
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1af11c32d42ff7931eb8ca57c539ed1f6c7da50a729c24c40b98bcba83d181b
b24ba19d40537ee50e1e38e08a74b0c65ecc8e9ca5fc250c31a2a5c4005d1905
b3f3e1b209eebcd0ae7a1d19aa7d7bc6a7753995a2e412a5933c97dbe040112f
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beb37fd5b1fef2fb3cc21607104c5bd8e92923361468d6254c623927c3fb9c82
bf268c4daa88c0598eb50eb58581a11bd5656f1c285410afaebf1fc93cb91309
c0967face1b9400b00f5519e88c54ba0af06f30b733ad8dc786f669f4cfc820a
c2b4700d49a18bb29aa7bdfebcb6df3ddc2bb7f672a5e128f5d2979722693b9d
cae879df9e9203b60ca482e1723bc15ffda91285b95b30636ad3f468b1b8aae7
ccd4b7b0f1ec42c1de66868b52d5f571c70211ade3dd1ac1dc2487777bba880b
cdd0e648d34149cd95588065acc32cc5c5ae126b2143bc5f2a986f7b16fd297e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5111bcdbe5f5df8ad6ebee69309d70fbf8ba287f816d39ee3ff848b1110767
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d42bb800a50ddbf348ff64fa765ef182f93e2f8b64d65fc6ed2f5f97d602e64d
dc123e1fdfe40c519213aed6431da35e0b5aa556e35dce4a4146417f02a335c3
e351a4def3c5e76899bac16564adac935392a33d627a7e478b8f83a09f0d5045
e38ff44af0aba0b00802f0948b3ec52a0d15a9f4e3ef19a7f6173caa6a7fc72e
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e941afb84eb88968bdf93ee42a99941485f8a78b311577b0b3845e5ca78eba90
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f2f5996735ffed762a680d48858858502b52c2c32509a5c5f598c5d9f2fdcaea
f3bbdffc487e693a5f03f14ac6a5925b9647814c3095f68e13251fdcd66920cf
f4b41cde4aadd8b2f22b1c66a62c75df9187e428e5a16091f3a69b0cbdf233c3
fad1465ec2456fd39f0b19048529729e8de572fa8797f7381eb3ec7da6e3e1f1
fb6217c1529c91f36160647650aeac4d32c8fd2a44de21abfb85e5499feb93b5
ff6ebe7daa627065f1b1042c806811bbfe007c6f272ae93f3ff1fff99aa87aad