landing.getz.ir Open in urlscan Pro
185.173.105.126  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request tEoRx Show response landing.getz.ir/	4 KB 2 KB	512ms 298ms	Document text/html	185.173.105.126 HOSTIRAN-NETWORK
General Check archive.org Show headers Download Go to Full URL https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.173.105.126 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR), Reverse DNS 185-173-105-126.static.hostiran.name Software / Resource Hash ec57785b4211874ff7b7693fb8fded44c51701b400604618edcbffa727d50b25 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers cache-control alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-cache, private content-encoding br content-length 1446 content-type text/html; charset=UTF-8 date Mon, 14 Aug 2023 08:34:36 GMT vary Accept-Encoding,User-Agent
GET H2	200	retargeting.js Show response s1.mediaad.org/serve/1182/	11 KB 4 KB	293ms 92ms	Script application/javascript	45.94.254.25 SINDAD
General Check archive.org Show headers Download Go to Full URL https://s1.mediaad.org/serve/1182/retargeting.js Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.94.254.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software / Resource Hash 9f6b53482900bb469250df47fd1743d7f5f680bcdb0ead9e330e4a0c77b5ad09 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE content-type application/javascript;charset=utf-8 access-control-allow-origin * access-control-expose-headers x-requested-with cache-control max-age=300, max-age=300 access-control-allow-credentials false access-control-allow-headers x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
GET H2	200	gtm.js Show response www.googletagmanager.com/	108 KB 42 KB	210ms 29ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MRPGQHJ Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 54409e8f34abfac6abf176d3c9f3312bebb0bd7d169223ad26e37f880b498712 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43048 x-xss-protection 0 last-modified Mon, 14 Aug 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 14 Aug 2023 08:34:36 GMT
GET H2	200	rg.complete.js Show response cdn.yektanet.com/rg_woebegone/scripts_v3/AFbNlZ4p/	30 KB 12 KB	240ms 62ms	Script application/javascript	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://cdn.yektanet.com/rg_woebegone/scripts_v3/AFbNlZ4p/rg.complete.js?v=202307014010 Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash c273adbc8856a31cec992751de2c6ee32c0f4c29e4bedf36b73eda56ae2bcff1 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding gzip x-cache HIT server-timing total;dur=0 x-xss-protection 1; mode=block x-request-id 0d6a51c14bdadbc3bc18584f134f43c3 x-sid 4103 last-modified Sun, 14 May 2023 13:25:20 GMT server ArvanCloud etag W/"6fe4aed5260d122d9e5c3ac31cce4e92" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-rgw-object-type Normal access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization expires Mon, 14 Aug 2023 09:34:36 GMT
GET H2	200	rg.complete.js Show response cdn.yektanet.com/rg_woebegone/scripts_v3/0CY69Z2d/	29 KB 12 KB	267ms 89ms	Script application/javascript	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://cdn.yektanet.com/rg_woebegone/scripts_v3/0CY69Z2d/rg.complete.js?v=202307014010 Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash f23f0003c15339958f3fae19e2302eccd9fad6e6e0ba19a53a6ce2c29d0e394e Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding gzip x-cache HIT server-timing total;dur=0 x-xss-protection 1; mode=block x-request-id 6bba14d4b75a011dce1bc787d03f1701 x-sid 4103 last-modified Sun, 14 May 2023 15:32:42 GMT server ArvanCloud etag W/"0bb116cf7a6652f52b61e040839b9f30" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-rgw-object-type Normal access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization expires Mon, 14 Aug 2023 09:34:36 GMT
GET H2	200	rg.complete.js Show response cdn.yektanet.com/rg_woebegone/scripts_v3/bSvQomVT/	29 KB 12 KB	282ms 104ms	Script application/javascript	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://cdn.yektanet.com/rg_woebegone/scripts_v3/bSvQomVT/rg.complete.js?v=202307014010 Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash 50c2218733433bddb18d9c4482c1966c0e77d69f6ff1a2d1e36dae702f108d87 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding gzip x-cache HIT server-timing total;dur=0 x-xss-protection 1; mode=block x-request-id 0f5064f09881953d2efd82f391836fc5 x-sid 4103 last-modified Sun, 14 May 2023 12:30:58 GMT server ArvanCloud etag W/"93d580a34049ced03a64e231c7ddd53b" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-rgw-object-type Normal access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization expires Mon, 14 Aug 2023 09:34:36 GMT
GET H2	200	rg.complete.js Show response cdn.yektanet.com/rg_woebegone/scripts_v3/N5Hoalpj/	29 KB 12 KB	300ms 122ms	Script application/javascript	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://cdn.yektanet.com/rg_woebegone/scripts_v3/N5Hoalpj/rg.complete.js?v=202307014010 Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash 12b87ee50b4e929a6f0d3c0398d9295b4e8f894e739632e57b85dfbb137abd66 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding gzip x-cache HIT server-timing total;dur=0 x-xss-protection 1; mode=block x-request-id c9f1fa13345a3c7c8c6091a4b4de5909 x-sid 4103 last-modified Sun, 14 May 2023 14:06:22 GMT server ArvanCloud etag W/"3d84f537ad18a4920feda14e8ed5b125" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-rgw-object-type Normal access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization expires Mon, 14 Aug 2023 09:34:36 GMT
GET H2	200	tEoRx Show response landing.getz.ir/api/public/landing/get-template-path/	69 B 148 B	317ms 315ms	Fetch application/json	185.173.105.126 HOSTIRAN-NETWORK
General Check archive.org Show headers Download Go to Full URL https://landing.getz.ir/api/public/landing/get-template-path/tEoRx Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.173.105.126 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR), Reverse DNS 185-173-105-126.static.hostiran.name Software / Resource Hash dd7b5a55755a0edd1b3021193106a945ce5abd4972ae2f784d1b6a9b4b793a28 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/tEoRx?utm_source=yektanet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding br x-ratelimit-remaining 59 vary Accept-Encoding,User-Agent content-type application/json access-control-allow-origin * cache-control no-cache, private x-ratelimit-limit 60 access-control-allow-headers cache-control content-length 58
GET H2	200	js Show response www.googletagmanager.com/gtag/	266 KB 88 KB	34ms 33ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q5SMPMSQ6Y&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRPGQHJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 89ca384026cac1aa23f75f9de8ce8cdc687c4b691e5770c89aade0786aae938e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90349 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 14 Aug 2023 08:34:36 GMT
GET H2	200	/ Show response audience.yektanet.com/api/v1/scripts/preview/validate/	5 B 443 B	139ms 131ms	XHR application/json	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=46R4nvVN Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/AFbNlZ4p/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT x-cache BYPASS server-timing total;dur=88 content-length 5 x-xss-protection 1; mode=block x-request-id 8265201166f882c62f313780d109c66e x-sid 4103 pragma no-cache server ArvanCloud allow GET, OPTIONS access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin https://landing.getz.ir cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization expires 0
GET H2	200	/ Show response ua.yektanet.com/cookie/iframe/ Frame 926F	3 KB 1 KB	221ms 220ms	Document text/html	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://ua.yektanet.com/cookie/iframe/ Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/AFbNlZ4p/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://landing.getz.ir/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 content-encoding br content-type text/html date Mon, 14 Aug 2023 08:34:37 GMT expires 0 last-modified Monday, 14-Aug-2023 08:34:37 GMT pragma no-cache server ArvanCloud server-timing total;dur=84 vary Accept-Encoding x-cache BYPASS x-request-id 1ffebd3ef02cef5a6b519ddddea54e3c x-sid 4103 x-xss-protection 1; mode=block
POST H2	200	__fake.gif ua.yektanet.com/	42 B 693 B	164ms 157ms	Ping image/gif	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=3f1ef625-3d2b-4ed7-840b-300a2e77c01a&abj=1&aed=adv&abh=18762&sv=3&st=rg.complete.js&psc=250&psi=538&ac=https%3A%2F%2Flanding.getz.ir%2FtEoRx%3Futm_source%3Dyektanet&ae=%7B%22utm_source%22%3A%22yektanet%22%7D&ad=landing.getz.ir&as=Site&aef=46R4nvVN&aec=56969&aaa=yektanet&ai=f9c42f66-e90a-c032-0344-0bc421c99b24&abw=1584&abb=0&aby=1600&abz=1200&al=1600&am=1200&abk= Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/AFbNlZ4p/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers expires 0 pragma no-cache date Mon, 14 Aug 2023 08:34:36 GMT last-modified Monday, 14-Aug-2023 08:34:36 GMT server ArvanCloud content-type image/gif cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 server-timing total;dur=94 accept-ranges bytes content-length 42 x-xss-protection 1; mode=block x-request-id dbab6663c02a1f3908285189cb2498cb x-sid 4103
GET H2	200	/ Show response audience.yektanet.com/api/v1/scripts/preview/validate/	5 B 444 B	159ms 158ms	XHR application/json	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=Nz8dnYIB Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/0CY69Z2d/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT x-cache BYPASS server-timing total;dur=116 content-length 5 x-xss-protection 1; mode=block x-request-id 82576820c083e6f165af54ebaf3d4568 x-sid 4103 pragma no-cache server ArvanCloud allow GET, OPTIONS access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin https://landing.getz.ir cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization expires 0
POST H2	200	__fake.gif ua.yektanet.com/	42 B 693 B	135ms 135ms	Ping image/gif	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=4b141ccf-1f90-4c07-9902-8f78e44d0b28&abj=1&aed=adv&abh=53019&sv=3&st=rg.complete.js&psc=276&psi=538&ac=https%3A%2F%2Flanding.getz.ir%2FtEoRx%3Futm_source%3Dyektanet&ae=%7B%22utm_source%22%3A%22yektanet%22%7D&ad=landing.getz.ir&as=Site&aef=Nz8dnYIB&aec=153045&aaa=yektanet&ai=f9c42f66-e90a-c032-0344-0bc421c99b24&abw=1584&abb=0&aby=1600&abz=1200&al=1600&am=1200&abk= Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/0CY69Z2d/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers expires 0 pragma no-cache date Mon, 14 Aug 2023 08:34:36 GMT last-modified Monday, 14-Aug-2023 08:34:36 GMT server ArvanCloud content-type image/gif cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 server-timing total;dur=89 accept-ranges bytes content-length 42 x-xss-protection 1; mode=block x-request-id 7b98c7721b8af44252accf7df81131f5 x-sid 4103
GET H2	200	advertiser.json Show response ma-cdn.pegah.tech/v1/retargeting/1182/	344 B 708 B	635ms 211ms	XHR application/json	45.94.254.24 SINDAD
General Check archive.org Show headers Download Go to Full URL https://ma-cdn.pegah.tech/v1/retargeting/1182/advertiser.json Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/1182/retargeting.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software / Resource Hash 21bb822f2b040d85cf8a23ee555ea2c221f87b84cc4b914d60900827a9b85863 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:37 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip vary Accept-Encoding access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE content-type application/json;charset=UTF-8 access-control-allow-origin * access-control-expose-headers x-requested-with cache-control max-age=300 access-control-allow-credentials false access-control-allow-headers x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
GET H2	200	/ Show response audience.yektanet.com/api/v1/scripts/preview/validate/	5 B 443 B	148ms 148ms	XHR application/json	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=DEIWBdn2 Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/bSvQomVT/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT x-cache BYPASS server-timing total;dur=99 content-length 5 x-xss-protection 1; mode=block x-request-id 990e0047512eecb57542aa2b1e6d4df3 x-sid 4103 pragma no-cache server ArvanCloud allow GET, OPTIONS access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin https://landing.getz.ir cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization expires 0
POST H2	200	__fake.gif ua.yektanet.com/	42 B 693 B	145ms 145ms	Ping image/gif	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=c913cf5d-8522-4b59-aae8-6f75b0255f09&abj=1&aed=adv&abh=18797&sv=3&st=rg.complete.js&psc=292&psi=538&ac=https%3A%2F%2Flanding.getz.ir%2FtEoRx%3Futm_source%3Dyektanet&ae=%7B%22utm_source%22%3A%22yektanet%22%7D&ad=landing.getz.ir&as=Site&aef=DEIWBdn2&aec=56967&aaa=yektanet&ai=f9c42f66-e90a-c032-0344-0bc421c99b24&abw=1584&abb=0&aby=1600&abz=1200&al=1600&am=1200&abk= Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/bSvQomVT/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers expires 0 pragma no-cache date Mon, 14 Aug 2023 08:34:36 GMT last-modified Monday, 14-Aug-2023 08:34:36 GMT server ArvanCloud content-type image/gif cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 server-timing total;dur=91 accept-ranges bytes content-length 42 x-xss-protection 1; mode=block x-request-id b36775008bf04c1b26663296853ddbbc x-sid 4103
POST H2	204	collect region1.google-analytics.com/g/	0 245 B	399ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Q5SMPMSQ6Y&gtm=45je3890&_p=1965874779&cid=1157809142.1692002077&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692002076&sct=1&seg=0&dl=https%3A%2F%2Flanding.getz.ir%2FtEoRx%3Futm_source%3Dyektanet&dt=Site&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q5SMPMSQ6Y&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 14 Aug 2023 08:34:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://landing.getz.ir cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	main.60491dc5.js Show response landing.getz.ir/templates/sormee/static/js/	385 KB 110 KB	90ms 89ms	Script application/javascript	185.173.105.126 HOSTIRAN-NETWORK
General Check archive.org Show headers Download Go to Full URL https://landing.getz.ir/templates/sormee/static/js/main.60491dc5.js Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H3 Security QUIC, , AES_128_GCM Server 185.173.105.126 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR), Reverse DNS 185-173-105-126.static.hostiran.name Software / Resource Hash e6944b2ec0791af3be7e39d02275c2bab02f2cfe015fe7ccdbc1399ba2f5672d Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/tEoRx?utm_source=yektanet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding br last-modified Tue, 01 Aug 2023 08:59:52 GMT etag "605cc-64c8c988-4647f2ba06b611b8;br" vary Accept-Encoding,User-Agent content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes access-control-allow-headers cache-control content-length 112714 alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" expires Mon, 21 Aug 2023 08:34:36 GMT
GET H3	200	main.7e38c6f4.css landing.getz.ir/templates/sormee/static/css/	266 KB 33 KB	178ms 178ms	Stylesheet text/css	185.173.105.126 HOSTIRAN-NETWORK
General Check archive.org Show headers Download Go to Full URL https://landing.getz.ir/templates/sormee/static/css/main.7e38c6f4.css Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H3 Security QUIC, , AES_128_GCM Server 185.173.105.126 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR), Reverse DNS 185-173-105-126.static.hostiran.name Software / Resource Hash 221d718114b0a90a3d98e98cbec57767f49248706d0706e8cc68bd15dce686a5 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/tEoRx?utm_source=yektanet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT content-encoding br last-modified Tue, 01 Aug 2023 08:59:52 GMT etag "42603-64c8c988-41a403b3db62c762;br" vary Accept-Encoding,User-Agent content-type text/css access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes access-control-allow-headers cache-control content-length 33583 expires Mon, 21 Aug 2023 08:34:36 GMT
GET H2	200	/ Show response audience.yektanet.com/api/v1/scripts/preview/validate/	5 B 444 B	153ms 153ms	XHR application/json	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=g0wPzXVD Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/N5Hoalpj/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:36 GMT x-cache BYPASS server-timing total;dur=112 content-length 5 x-xss-protection 1; mode=block x-request-id 819ca84f66f21115f2950c023779eb0a x-sid 4103 pragma no-cache server ArvanCloud allow GET, OPTIONS access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin https://landing.getz.ir cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization expires 0
POST H2	200	__fake.gif ua.yektanet.com/	42 B 694 B	143ms 143ms	Ping image/gif	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=7f15d9b8-8124-42db-a225-d117fa43649f&abj=1&aed=adv&abh=18789&sv=3&st=rg.complete.js&psc=334&psi=538&ac=https%3A%2F%2Flanding.getz.ir%2FtEoRx%3Futm_source%3Dyektanet&ae=%7B%22utm_source%22%3A%22yektanet%22%7D&ad=landing.getz.ir&as=Site&aef=g0wPzXVD&aec=56966&aaa=yektanet&ai=f9c42f66-e90a-c032-0344-0bc421c99b24&abw=1584&abb=0&aby=1600&abz=1200&al=1600&am=1200&abk= Requested by Host: cdn.yektanet.com URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/N5Hoalpj/rg.complete.js?v=202307014010 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers expires 0 pragma no-cache date Mon, 14 Aug 2023 08:34:36 GMT last-modified Monday, 14-Aug-2023 08:34:36 GMT server ArvanCloud content-type image/gif cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 server-timing total;dur=100 accept-ranges bytes content-length 42 x-xss-protection 1; mode=block x-request-id a2a629b8e3bb3e76230b23dc4522191d x-sid 4103
GET H3	200	tEoRx.json Show response landing.getz.ir/templates/json/	3 KB 932 B	179ms 179ms	Fetch application/json	185.173.105.126 HOSTIRAN-NETWORK
General Check archive.org Show headers Download Go to Full URL https://landing.getz.ir/templates/json/tEoRx.json Requested by Host: landing.getz.ir URL: https://landing.getz.ir/templates/sormee/static/js/main.60491dc5.js Protocol H3 Security QUIC, , AES_128_GCM Server 185.173.105.126 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR), Reverse DNS 185-173-105-126.static.hostiran.name Software / Resource Hash ede8de5e8b6f7697cfe8f7bb650e459ce47acc10d84cd5512f6c258bf0347f62 Request headers Cache-Control no-cache Referer https://landing.getz.ir/tEoRx?utm_source=yektanet accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:37 GMT content-encoding br last-modified Mon, 24 Jul 2023 07:25:37 GMT etag "b37-64be2771-ec0dd9b4fbec522c;br" vary Accept-Encoding,User-Agent content-type application/json access-control-allow-origin * accept-ranges bytes access-control-allow-headers cache-control content-length 836
GET H2	200	fingerprint.html Show response mediacdn.mediaad.org/static/ Frame DA5C	4 KB 2 KB	339ms 103ms	Document text/html	46.245.80.243 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://mediacdn.mediaad.org/static/fingerprint.html Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/1182/retargeting.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.245.80.243 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS Software / Resource Hash 0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://landing.getz.ir/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials false access-control-allow-headers x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin * access-control-expose-headers x-requested-with cache-control max-age=86400 public content-encoding gzip content-type text/html;charset=UTF-8 date Mon, 14 Aug 2023 08:34:37 GMT expires Mon, 14 Aug 2023 12:38:00 GMT strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-cache-status HIT x-cache-status-asiatech HIT
GET H2	200	set Show response ua.yektanet.com/cookie/ Frame 926F	78 B 806 B	140ms 140ms	XHR application/json	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://ua.yektanet.com/cookie/set Requested by Host: ua.yektanet.com URL: https://ua.yektanet.com/cookie/iframe/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash e4621c2b1d6175b831c5092f11ab9ca5220c091bc781a29346d74042729c200b Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ua.yektanet.com/cookie/iframe/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:37 GMT content-encoding br x-cache BYPASS server-timing total;dur=98 x-xss-protection 1; mode=block x-request-id d90dad4bc3d4bfdf711107f9c3883419 x-sid 4103 pragma no-cache last-modified Monday, 14-Aug-2023 08:34:37 GMT server ArvanCloud vary Accept-Encoding access-control-allow-methods GET content-type application/json cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true expires 0
GET H2	206	1687936516.mp4 cdn.hamkadeh.com/up-files/	3 MB 0	257ms 64ms	Media video/mp4	185.143.234.120 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL https://cdn.hamkadeh.com/up-files/1687936516.mp4 Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / Resource Hash Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://landing.getz.ir/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Range bytes=0- Response headers date Mon, 14 Aug 2023 08:34:37 GMT last-modified Tue, 27 Jun 2023 07:42:40 GMT server ArvanCloud etag "649a92f0-4ce485" x-cache HIT content-type video/mp4 Content-Range bytes 0-5039236/5039237 server-timing total;dur=0 Content-Length 5039237 x-xss-protection 1; mode=block x-request-id 8189757609bd589a7e16b1a957eb2bd9 x-sid 4101
GET DATA	200 OK	truncated /	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	IRANSansWeb(FaNum).woff landing.getz.ir/templates/sormee/fonts/	34 KB 34 KB	90ms 89ms	Font application/x-font-woff	185.173.105.126 HOSTIRAN-NETWORK
General Check archive.org Show headers Download Go to Full URL https://landing.getz.ir/templates/sormee/fonts/IRANSansWeb(FaNum).woff Requested by Host: landing.getz.ir URL: https://landing.getz.ir/tEoRx?utm_source=yektanet Protocol H3 Security QUIC, , AES_128_GCM Server 185.173.105.126 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR), Reverse DNS 185-173-105-126.static.hostiran.name Software / Resource Hash c49c3a7b3b6a6238cf5009c0f7f1646fd259e71c1f599537d76c0dcdab59d061 Request headers Referer https://landing.getz.ir/tEoRx?utm_source=yektanet Origin https://landing.getz.ir accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 08:34:37 GMT last-modified Sun, 16 Jul 2023 11:40:58 GMT etag "8959-64b3d74a-26c26700301ef151;;;" vary User-Agent content-type application/x-font-woff access-control-allow-origin * accept-ranges bytes access-control-allow-headers cache-control content-length 35161
GET DATA	200 OK	truncated /	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	351 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
OPTIONS H2	200	tag api.mediaad.org/v1/events/ Frame	0 0	289ms 88ms	Preflight	45.94.255.25 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/tag?fid=164cd007-b613-49eb-9a44-23fcae6b62b4&c=false Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.cloud Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://landing.getz.ir Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin https://landing.getz.ir access-control-expose-headers x-requested-with content-length 0 date Mon, 14 Aug 2023 08:34:37 GMT strict-transport-security max-age=15724800; includeSubDomains
OPTIONS H2	200	loaded api.mediaad.org/v2/events/page/ Frame	0 0	289ms 88ms	Preflight	45.94.255.25 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v2/events/page/loaded Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.cloud Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://landing.getz.ir Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin https://landing.getz.ir access-control-expose-headers x-requested-with content-length 0 date Mon, 14 Aug 2023 08:34:37 GMT strict-transport-security max-age=15724800; includeSubDomains
POST H2	200	tag Show response api.mediaad.org/v1/events/	0 479 B	277ms 91ms	XHR text/plain	45.94.255.25 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/tag?fid=164cd007-b613-49eb-9a44-23fcae6b62b4&c=false Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/1182/retargeting.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.cloud Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://landing.getz.ir/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Mon, 14 Aug 2023 08:34:38 GMT strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin https://landing.getz.ir access-control-expose-headers x-requested-with access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token content-length 0
POST H2	200	loaded Show response api.mediaad.org/v2/events/page/	0 498 B	279ms 94ms	XHR text/plain	45.94.255.25 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v2/events/page/loaded Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/1182/retargeting.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.cloud Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://landing.getz.ir/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Mon, 14 Aug 2023 08:34:38 GMT strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE content-type text/plain;charset=UTF-8 access-control-allow-origin https://landing.getz.ir access-control-expose-headers x-requested-with access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token content-length 0
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	18ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Q5SMPMSQ6Y&gtm=45je3890&_p=1965874779&cid=1157809142.1692002077&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692002076&sct=1&seg=0&dl=https%3A%2F%2Flanding.getz.ir%2FtEoRx%3Futm_source%3Dyektanet&dt=Site&en=scroll&epn.percent_scrolled=90&_et=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q5SMPMSQ6Y&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.getz.ir/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 14 Aug 2023 08:34:41 GMT server Golfe2 content-type text/plain access-control-allow-origin https://landing.getz.ir cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer string| yektanetAnalyticsObject function| yektanet object| google_tag_manager object| google_tag_data object| ynWebpackJsonp boolean| yektanet_ua-script-46R4nvVN_is_loaded boolean| mediaadRetargetingScriptLoaded boolean| yektanet_ua-script-Nz8dnYIB_is_loaded boolean| yektanet_ua-script-DEIWBdn2_is_loaded function| onYouTubeIframeAPIReady object| gaGlobal boolean| yektanet_ua-script-g0wPzXVD_is_loaded number| uidEvent

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			landing.getz.ir/	1970-01-20 14:00:09	Name: XSRF-TOKEN Value: eyJpdiI6IlRoTXJjNVBQeHZjY0NYV1ROOUw2bEE9PSIsInZhbHVlIjoicUdXYnlXdDcycHltMVNnK3d3M2FvUHJudDZZdlFTT0dJYkNZbzR5eFZkMStkZWlmNnY2ODgxSHdIQWw2QS9Td0lsVDZRejFROEdsaUk3bVM5TEgyT2RWZTMyWFN3dkh6R2YxOS9WUWk5cTJNK2Q3ZitsZEhPWUVtdkQzUU53WkkiLCJtYWMiOiIyZDA1MTlmMTY5NTlmNDNjNDg4MWUzNWFjMWZlMDIxOGZmZGI0M2ZmMGM0YzEyN2M0NGFjY2RmMTdmN2MxOWI0IiwidGFnIjoiIn0%3D
			landing.getz.ir/	1970-01-20 14:00:09	Name: laravel_session Value: eyJpdiI6IlF6dUtUMTUrQTVsSTZEaDBObm1DaXc9PSIsInZhbHVlIjoicS9pcGtTTmMvU3o2bnZwQmFGcVM1S0pQN295VEhHVllEVkNqaFF5QjlFRktCTHBvM2RxL2NzVk1LTWhJUExubk9GZTZ2QUo4T3dON3hwK1UrcWhrMnRhODdTaTJ6SGxFTTc2bW85c0o2Vm1UUWtYVitTNXA1cUlkcVJNZEpMZHkiLCJtYWMiOiI4ZDI1MjIzYTc0YmEzNTk5M2M3Yzg5NGZjZGY2MDRkODA5ODI1NmJjMjExZTkzNjMxZmIxZGIwYTVjOGQzMmZiIiwidGFnIjoiIn0%3D
			.getz.ir/	1970-01-20 22:45:38	Name: analytics_campaign Value: {%22source%22:%22yektanet%22}
			landing.getz.ir/	1970-01-20 22:45:38	Name: analytics_token Value: 6ddd7c46-3796-20c7-40cc-fc62ad20e4cd
			landing.getz.ir/	1970-01-20 14:00:03	Name: analytics_session_token Value: f9c42f66-e90a-c032-0344-0bc421c99b24
			landing.getz.ir/	1970-01-20 14:01:28	Name: yektanet_session_last_activity Value: 8/14/2023
			landing.getz.ir/	1969-12-31 23:59:59	Name: _yngt_iframe Value: 1
			.getz.ir/	1970-01-20 23:36:02	Name: _ga Value: GA1.1.1157809142.1692002077
			.getz.ir/	1970-01-20 23:36:02	Name: _ga_Q5SMPMSQ6Y Value: GS1.1.1692002076.1.0.1692002076.0.0.0
			.yektanet.com/	1970-01-20 23:36:02	Name: gearbox_ad_token Value: 4f2fafb6-60372-24a29-9632c-c58456f50dde4
			.yektanet.com/	1970-01-20 23:36:02	Name: analytics_global_token Value: 4f2fafb6-60372-24a29-9632c-c58456f50dde4
			landing.getz.ir/	1970-01-20 14:43:14	Name: _yngt Value: 4f2fafb6-60372-24a29-9632c-c58456f50dde4
			.mediaad.org/	1970-01-20 23:36:02	Name: USER_ID Value: 164cd007-b613-49eb-9a44-23fcae6b62b4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mediaad.org
audience.yektanet.com
cdn.hamkadeh.com
cdn.yektanet.com
landing.getz.ir
ma-cdn.pegah.tech
mediacdn.mediaad.org
region1.google-analytics.com
s1.mediaad.org
ua.yektanet.com
www.googletagmanager.com
185.143.234.120
185.173.105.126
2001:4860:4802:34::36
2a00:1450:4001:811::2008
45.94.254.24
45.94.254.25
45.94.255.25
46.245.80.243
0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd
12b87ee50b4e929a6f0d3c0398d9295b4e8f894e739632e57b85dfbb137abd66
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21bb822f2b040d85cf8a23ee555ea2c221f87b84cc4b914d60900827a9b85863
221d718114b0a90a3d98e98cbec57767f49248706d0706e8cc68bd15dce686a5
50c2218733433bddb18d9c4482c1966c0e77d69f6ff1a2d1e36dae702f108d87
54409e8f34abfac6abf176d3c9f3312bebb0bd7d169223ad26e37f880b498712
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
89ca384026cac1aa23f75f9de8ce8cdc687c4b691e5770c89aade0786aae938e
9f6b53482900bb469250df47fd1743d7f5f680bcdb0ead9e330e4a0c77b5ad09
c273adbc8856a31cec992751de2c6ee32c0f4c29e4bedf36b73eda56ae2bcff1
c49c3a7b3b6a6238cf5009c0f7f1646fd259e71c1f599537d76c0dcdab59d061
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dd7b5a55755a0edd1b3021193106a945ce5abd4972ae2f784d1b6a9b4b793a28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4621c2b1d6175b831c5092f11ab9ca5220c091bc781a29346d74042729c200b
e6944b2ec0791af3be7e39d02275c2bab02f2cfe015fe7ccdbc1399ba2f5672d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99
ec57785b4211874ff7b7693fb8fded44c51701b400604618edcbffa727d50b25
ede8de5e8b6f7697cfe8f7bb650e459ce47acc10d84cd5512f6c258bf0347f62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23f0003c15339958f3fae19e2302eccd9fad6e6e0ba19a53a6ce2c29d0e394e
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa