tabdeal.org Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tbdl.io/8NLkQ/
Effective URL:
https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Submission: On February 21 via manual (February 21st 2022, 5:12:47 pm UTC) from IR — Scanned from DE

Summary HTTP 83 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 19 domains to perform 83 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is tabdeal.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 2nd 2021. Valid for: a year.

This is the only time tabdeal.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:29f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:1c5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1 7	188.114.97.7 188.114.97.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:27::... 2620:1ec:27::cafe:1377	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	109.206.255.46 109.206.255.46	25264 (AADP) (AADP)
7	185.147.178.24 185.147.178.24	44932 (SABAIDEA) (SABAIDEA)
1	178.216.251.178 178.216.251.178	43754 (ASIATECH) (ASIATECH)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.40 18.66.139.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	185.147.162.21 185.147.162.21	43754 (ASIATECH) (ASIATECH)
2	185.105.185.162 185.105.185.162	25264 (AADP) (AADP)
1 4	185.166.104.4 185.166.104.4	202319 (CAFEBAZAAR) (CAFEBAZAAR)
1	217.182.142.36 217.182.142.36	16276 (OVH) (OVH)
83	26

1 2606:4700:3033::6815:29f0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tbdl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

tabdeal.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1c5b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 188.114.97.7 (Medellín, Colombia) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audience.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ua.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1377 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.255.46 (Iran, Islamic Republic Of)

ASN25264 (AADP, IR)
PTR: maknanet.com

cdn.sanjagh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.147.178.24 (Iran, Islamic Republic Of)

ASN44932 (SABAIDEA, IR)

plus.sabavision.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.216.251.178 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)
PTR: irmx53.parsnafe.com

cdn.tavoos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o489718.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.162.21 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)

sniper.tavoos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.105.185.162 (Iran, Islamic Republic Of)

ASN25264 (AADP, IR)
PTR: maknanet.com

api.sanjagh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.166.104.4 (Iran, Islamic Republic Of) 1 redirects

ASN202319 (CAFEBAZAAR, IR)

app.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
van.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.142.36 (France)

ASN16276 (OVH, FR)

cookie.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	tabdeal.org tabdeal.org	831 KB
7	sabavision.com plus.sabavision.com — Cisco Umbrella Rank: 59743	7 KB
7	yektanet.com 1 redirects cdn.yektanet.com — Cisco Umbrella Rank: 40483 audience.yektanet.com — Cisco Umbrella Rank: 43999 ua.yektanet.com — Cisco Umbrella Rank: 43173	28 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1248 h.clarity.ms — Cisco Umbrella Rank: 2011 c.clarity.ms — Cisco Umbrella Rank: 693	24 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 19362	138 KB
5	najva.com 1 redirects app.najva.com — Cisco Umbrella Rank: 56865 van.najva.com — Cisco Umbrella Rank: 63240 cookie.najva.com — Cisco Umbrella Rank: 292084	47 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 574 script.hotjar.com — Cisco Umbrella Rank: 726 vars.hotjar.com — Cisco Umbrella Rank: 809	68 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	226 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6342	628 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	2 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 861 www.google.com — Cisco Umbrella Rank: 2	909 B
3	sanjagh.com cdn.sanjagh.com — Cisco Umbrella Rank: 107352 api.sanjagh.com — Cisco Umbrella Rank: 111156	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	tavoos.net cdn.tavoos.net — Cisco Umbrella Rank: 563745 sniper.tavoos.net	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 212	554 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	sentry.io o489718.ingest.sentry.io	242 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1184	5 KB
1	tbdl.io 1 redirects tbdl.io	869 B
83	19

	Domain	Requested by
27	tabdeal.org	tabdeal.org
7	plus.sabavision.com	www.googletagmanager.com plus.sabavision.com tabdeal.org
6	client.crisp.chat	tabdeal.org client.crisp.chat
4	ua.yektanet.com	1 redirects cdn.yektanet.com ua.yektanet.com
4	www.googletagmanager.com	tabdeal.org www.googletagmanager.com
3	h.clarity.ms	www.clarity.ms tabdeal.org
3	www.google.de	tabdeal.org
3	www.google-analytics.com	www.googletagmanager.com tabdeal.org
2	van.najva.com	tabdeal.org
2	app.najva.com	1 redirects tabdeal.org
2	api.sanjagh.com	tabdeal.org
2	c.clarity.ms	1 redirects tabdeal.org
2	www.google.com	tabdeal.org
2	stats.g.doubleclick.net	www.googletagmanager.com tabdeal.org
2	cdn.yektanet.com	tabdeal.org app.najva.com
2	static.hotjar.com	www.googletagmanager.com tabdeal.org
1	cookie.najva.com
1	sniper.tavoos.net	tabdeal.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	c.bing.com	1 redirects
1	audience.yektanet.com	tabdeal.org
1	www.googleadservices.com	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	o489718.ingest.sentry.io	tabdeal.org
1	cdn.tavoos.net	tabdeal.org
1	cdn.sanjagh.com	tabdeal.org
1	www.clarity.ms	tabdeal.org
1	static.cloudflareinsights.com	tabdeal.org
1	tbdl.io	1 redirects
83	31

This site contains links to these domains. Also see Links.

Domain
help.tabdeal.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-02` - `2022-10-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
sanjagh.com R3	`2021-12-11` - `2022-03-11`	3 months	crt.sh
*.sabavision.com Certum Domain Validation CA SHA2	`2020-03-02` - `2022-03-02`	2 years	crt.sh
*.tavoos.net Certum Domain Validation CA SHA2	`2021-06-23` - `2022-06-23`	a year	crt.sh
*.ingest.sentry.io R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
app.najva.com R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
van.najva.com R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Frame ID: 856BB774D7E53FC7396DCD94584C94EE
Requests: 75 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: F15742B2582FA7495CF893CF069DCF38
Requests: 1 HTTP requests in this frame

Frame: https://plus.sabavision.com/dmp/dox/iframe.html
Frame ID: 5ECF6066F15D4838E9BA8AC06EA45723
Requests: 2 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: A0DFCA78ECBDB0FD7BD3FEFEE4C36C4E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

صرافی تبدیل | صرافی ارز دیجیتال - خرید و فروش ارزهای دیجیتال

Page URL History Show full URLs

https://tbdl.io/8NLkQ/ HTTP 302
https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

83
Requests

96 %
HTTPS

46 %
IPv6

19
Domains

31
Subdomains

26
IPs

7
Countries

1434 kB
Transfer

5239 kB
Size

42
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://help.tabdeal.org/
Title: راهنمای گام به گام

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tbdl.io/8NLkQ/ HTTP 302
https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=8B2EFC937F044FFFBF7244791B8CD090&RedC=c.clarity.ms&MXFR=34241CAA587168F23E900DF85C716686 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=8B2EFC937F044FFFBF7244791B8CD090&MUID=3177E95D6E986FB301D1F80F6FF36E0F

Request Chain 78

https://app.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017 HTTP 301
https://van.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017

Request Chain 81

https://ua.yektanet.com/pixel?id=njv-email HTTP 302
https://cookie.najva.com/matching/?yektanet_user_id=3c226fc1-196b1-12f60-090c5-5ecc48e795341&njc=

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request winter-festival Show response
tabdeal.org/
Redirect Chain

https://tbdl.io/8NLkQ/
https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

602 KB
62 KB

180ms
110ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: debb7401a8c66e83a04940640a4210f2cd6c70b82bf3dfbd2c9695421c64e9cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-type: text/html; charset=utf-8
link: </_nuxt/d40c233.js>; rel=preload; as=script, </_nuxt/1e99a69.js>; rel=preload; as=script, </_nuxt/c139a00.js>; rel=preload; as=script, </_nuxt/96031ce.js>; rel=preload; as=script, </_nuxt/d5feb44.js>; rel=preload; as=script, </_nuxt/3b096e4.js>; rel=preload; as=script
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cBSHt2yISe%2BCfILCrzBQXfgDOQ7d8datJ1AZaTbGz4unxGtUgt4XR8IM82CUnFOby6rFjZJjIf0RhW%2FlSagbqZX6suahurC%2BItxnMWF9lSmNXewgf%2BwTMcDqAuVepgygOvE7SJNgF6sLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e1199db8812911f-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </_nuxt/d40c233.js>,</_nuxt/1e99a69.js>,</_nuxt/c139a00.js>,</_nuxt/96031ce.js>,</_nuxt/d5feb44.js>,</_nuxt/3b096e4.js>

Redirect headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-type: text/html; charset=utf-8
location: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
vary: Accept, Cookie
allow: GET, HEAD, OPTIONS
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34IGhSMR2PGZAHpWo4nT%2B3RmAx9N2e6qS1pdKUMulMSRtibI54KtWSGT5wqEv0M3Mi7bAdg2V7Gc4t5n4Nw338HI8Yly%2BZjPJD8unocWelu0dj%2BNosX36WOK3WDD9%2BczjqIdP2%2BF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e1199d91aa297a0-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 d40c233.js Show response
tabdeal.org/_nuxt/ 6 KB
4 KB 21ms
0ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d1e13f6b391b4195fd8cdd61c4ef94865f0821681225d655b0f0a5bfaacee18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123558
etag: W/"18f4-17f15e6b8dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aO8AeGmOTTalrwLBiI3EO87ueeT0pYXpfDQCDED07NFcx9hJ5MMByZeawND3zF8fPOfLGtyG2cFQJeXfHIJu6j7rNAuZs9xVNnH%2BpZ0rGkZ014bx1LXxdw7T%2Fq9KkXVLRfILjQQHvPxSnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dc19ae911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1e99a69.js Show response
tabdeal.org/_nuxt/ 309 KB
97 KB 51ms
0ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/1e99a69.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9b253707ca27aa8bc2eb51ceeb7bd78adca7fcdcf54ab2fe3ae86173e7d63fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123558
etag: W/"4d247-17f15e6b8bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWgZ%2FJU0k%2FEmCL%2BocXPlsb3GCoZib473xV6Hg0L9aQ4%2FrDUXuycYHma36a0sepGRmLQnww%2BGTCGlcbI%2B%2BSjRrkbm5BsaLbtWP0toz%2FHz9Fap0OCUtEh%2BpU%2B6m9l28l4qNthcFZPx8Vd7tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dc19af911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 c139a00.js Show response
tabdeal.org/_nuxt/ 1 MB
204 KB 60ms
0ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/c139a00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b6204effd2d0d3abfff8bc94d24c0f759af51bc1bf10689970d3d4b9d64d53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123558
etag: W/"110f02-17f15e6b8dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe9HGvk8LaGoNL4j1FoNanz8vDC8ipJfhlio6HVHT9NM3lfcKpPryl%2BeXJrkSbKb6SP2KJl8OERLSrVUWy44kSkQotxGVvtCUuv33Zb7rykROV9mlcOXLQVtSA8J0m37sJK1%2BbrTMbyZHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dc19b1911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 96031ce.js Show response
tabdeal.org/_nuxt/ 304 KB
60 KB 29ms
0ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/96031ce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baea914dc241fed474e3b6fcf9191ad39538ceee0b05f698a41d414fffadd8ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123558
etag: W/"4bf4b-17f15e6b8bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E9082et01IZ8hgIuccn8m488mbsl9ryo4mfIKjcUtZIqoeL9mS%2BYZjf%2FxAdc8T0pjhKIOxcncPMx5NR5%2BO0vgqWAGiYhwNVAZA6XrcPkulMnmOP%2BWydasEvdiXBvP2z0s2aoC5gd1wWvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dc19b5911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 d5feb44.js Show response
tabdeal.org/_nuxt/ 13 KB
4 KB 18ms
0ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/d5feb44.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9021fba3573af072e9bc4cf93b63b2f6b26023fa2a2a97d427e09c9cbfc0f6b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123556
etag: W/"3394-17f15e6b8dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG3eFzlnnh5bTL8Q4Jphz6IfJ%2BKcLmZrPbbCFVmQpKTS5ynkisGoYnoLlzvblx3KWoDTEkzI9C0eNxsu9K3QB4Y2ie5zqOlGtOPVTE2zj5Mrc2zR%2Bj4lfFka%2FHMfM3zQ1YWPS5G2QOu7HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dc19b6911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3b096e4.js Show response
tabdeal.org/_nuxt/ 22 KB
7 KB 19ms
0ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/3b096e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c828ef740a9e5a1a35b013fe85a3030a746dda24b09f872494130d8a278a32a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123556
etag: W/"577d-17f15e6b8bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eH7PbTt5hDnfcpNt67vlYR8w1aXr11eSWkis6r0dlZWasAqbMciNDQLFBsKAgiZVU1unagqTNm01IjKkcX6jo21bIwgmWYCimbgygMsiWkmWgexRluJkaMDAx0l3agxFj73TyK9Qh5Odw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dc19b9911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 IRANSansWeb_Bold.woff2
tabdeal.org/fonts/IRANSans/woff2/ 29 KB
30 KB 60ms
56ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/fonts/IRANSans/woff2/IRANSansWeb_Bold.woff2
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8ec49de9c004f18b228d28027b6f25dd854da6aa5f9b901777e593c59371ea7

Request headers

Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Origin: https://tabdeal.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544923
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29692
last-modified: Wed, 28 Jul 2021 07:43:49 GMT
server: cloudflare
etag: W/"73fc-17aec11d57f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdrAb1Dbh1D97BR9a8QTOxJMbSv1aNzoNhR%2BITQaMwOvKeEYldmHk4CWJLx82%2BfPNJnRHJsYD%2BumjrTIcW6o%2FHGazN%2BtgEqiQlBNG5%2B1THnSOhvNl%2B7r7ShoxP2xzzRgMYyiHz4HDfFn8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e1199dc5a5e911f-FRA

GET
H2 200 IRANSansWeb_Black.woff2
tabdeal.org/fonts/IRANSans/woff2/ 28 KB
28 KB 63ms
57ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/fonts/IRANSans/woff2/IRANSansWeb_Black.woff2
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51499dee81f4c877020cf7826779c181dcf936e1604b471e99d13ac0889435cc

Request headers

Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Origin: https://tabdeal.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544923
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28424
last-modified: Wed, 28 Jul 2021 07:43:49 GMT
server: cloudflare
etag: W/"6f08-17aec11d57f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAP9M9sXyKARkvKamxiXGF1FIGPKs5VfAv2GNbbc8F%2FKAVhp9ue0yq4G8Mfi6XdskG8TwNpvIbCx7Y1AcRgVVgQppHx09lkoKe1IdLnnslldrjEm0pWdXaTOJnQHVoON1UDlBAuJ2Uj86w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e1199dc5a71911f-FRA

GET
H2 200 IRANSansWeb_Medium.woff2
tabdeal.org/fonts/IRANSans/woff2/ 26 KB
27 KB 92ms
87ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/fonts/IRANSans/woff2/IRANSansWeb_Medium.woff2
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e8559023c88d8bd7c7c91c55f05d89620c836c37cf7a49f33212b966efed2ff

Request headers

Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Origin: https://tabdeal.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 598201
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27008
last-modified: Wed, 28 Jul 2021 07:43:49 GMT
server: cloudflare
etag: W/"6980-17aec11d57f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkXNa91MR6ZCIsFOjM04UaEIgcbOeJi2HHvRRuSrd0wa%2B1P3c07Cha%2BCgDxVoUQiNwHaPezJ0aR%2Br08exJGDD2oGEqXpDf%2FdZk7MQ2zIhQvswR2Pz6uJhoqa4ueS7mf9t6WP31mweBeL6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e1199dc5a76911f-FRA

GET
H2 200 IRANSansWeb_Light.woff2
tabdeal.org/fonts/IRANSans/woff2/ 29 KB
29 KB 62ms
57ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/fonts/IRANSans/woff2/IRANSansWeb_Light.woff2
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0788bc490dca49b1eb2d8d9d048e365432486b4bdcebca9343e20adccee41e39

Request headers

Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Origin: https://tabdeal.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 292800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29556
last-modified: Thu, 10 Feb 2022 13:39:52 GMT
server: cloudflare
etag: W/"7374-17ee3dc99b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8GE5u%2FqwlPh1P7ckK4L0FOMLZ4jcjlVNRIOiKK1a25r7RZXNJt%2FGsrMWVedNIjrhSuzol3sl5Wr%2FTfEBQij5sb5XezWJqMQTPAfEfB%2FKSOwxvu03dl1ka7o7Fe9hdkr2cvEiPBAf3oh3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e1199dc5a7a911f-FRA

GET
H2 200 IRANSansWeb_UltraLight.woff2
tabdeal.org/fonts/IRANSans/woff2/ 31 KB
31 KB 61ms
55ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/fonts/IRANSans/woff2/IRANSansWeb_UltraLight.woff2
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eacf84a52b5b66739a5366c451a4472413e4eb6304d063ba83a1ae1902497870

Request headers

Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Origin: https://tabdeal.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544923
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31292
last-modified: Tue, 27 Jul 2021 08:20:24 GMT
server: cloudflare
etag: W/"7a3c-17ae70cf67f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUu%2Bh355tYTkMJ%2BUL2tUMxiCdgWYeeBxmfnsY3PjQSMgUo3RWDsTJQaq0NLAnTYe7R4%2B0ipX42CzOxd8yLAJNOYls0IGerTD1FE3ur44TRhEOIZgWojVvgnnnL4O7tDgb3l90ENH8o2YDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e1199dc6a82911f-FRA

GET
H2 200 IRANSansWeb.woff2
tabdeal.org/fonts/IRANSans/woff2/ 31 KB
31 KB 60ms
54ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/fonts/IRANSans/woff2/IRANSansWeb.woff2
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d61fa1ee0a23f68a0322d69d7c67263f9e0b3786015752b4daf5fb4f21bf9d

Request headers

Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Origin: https://tabdeal.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544923
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31564
last-modified: Wed, 28 Jul 2021 07:43:49 GMT
server: cloudflare
etag: W/"7b4c-17aec11d57f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPFTyTjtQ9tCogbIPJFVgr29ZONkgQZ7KWDM%2B%2By5yDPX8sCwWU4RCQbHWciNK5UV28nKNeVCHi7Feiwe1W6deIeZOGDfXBo1QG%2F%2FZS9ypBRtvMcGw7j%2B%2BDbxt%2BMgvS4vSNyvIwbX3%2F5%2BRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e1199dc6a85911f-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 158ms
56ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XG21X11D9E

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d858d95fe8f5404e5d93f0116f465dfac6f7e56db08255b4957bc8adcb57bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65189
x-xss-protection: 0
expires: Mon, 21 Feb 2022 17:12:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
58 KB 199ms
97ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8DV4VW

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9411ba68f63d20eb78a8f533be084e3bda7bfc4937a91b1527ff075d12b6f80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59288
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Feb 2022 17:12:41 GMT

GET
H3 200 snow-bg.svg
tabdeal.org/images/festivals/winter/ 24 KB
7 KB 108ms
107ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tabdeal.org/images/festivals/winter/snow-bg.svg
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e6dbf4b3e7bd3961d7f4890ae4737196de5a66b39c6edbbfee65bf07dbad3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 13:39:52 GMT
server: cloudflare
age: 469027
etag: W/"5e5b-17ee3dc99bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8SV6FVbnK%2FA0hRp4RFUwjh1%2FlSFIZGPTdjcbk86e7HNUdT421WrFGf2Lm%2FEHU8ktjxdiiQLGi6ZMpMWUDboXT75m0vO80kq0DhC%2FIZQMgZipAzN0e8dOCd1iX%2BWhkm9VCqy%2FvcG7yCkPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dcc9d4904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 winter-festival-info-hero-mobile.svg
tabdeal.org/images/festivals/winter/ 54 KB
17 KB 109ms
108ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tabdeal.org/images/festivals/winter/winter-festival-info-hero-mobile.svg
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4afb4979549d71973eba802ed23e3b243f073e94854b05a36391672cbc9931

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Feb 2022 21:28:16 GMT
server: cloudflare
age: 469027
etag: W/"d7d2-17edb3cb611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lk3AgaxOpl9kuKi8WGLggInHQpdpEZ5fQU%2Fq8Kz%2F9YCl6QI1DVFxdtyj97isd8Xw%2FsD2k5iYglXJjdYrdS46FIZp5RMLz3nlb1f%2FRC3mUcCNOpwQthHHdmfitTnMiZrWWqk9j3NWMACg2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dcc9d7904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tabdeal-typo-logo-black.svg
tabdeal.org/images/homepage/ 2 KB
1 KB 133ms
132ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tabdeal.org/images/homepage/tabdeal-typo-logo-black.svg
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b25c7173faa60129b7581c3737d7b100d964d6f294b05c5d554bf7990bd61ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 13:39:52 GMT
server: cloudflare
age: 460648
etag: W/"855-17ee3dc99c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwcCCuDq5nK%2BKR6rNBKiqfqOaKskS8KAPwfU54cH7L%2FD5ZY0lQo32%2FcFJ5ZjY%2FpKXHuAoQxpxnaqugYHUcoyWWTaxENFW2pAJIt8eRLWrD200nsinjUUcFo3sHGN9bz4RSpV7rizr98JAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199dcc9f9904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 winter-festival-info-hero-desktop.png
tabdeal.org/images/festivals/winter/ 59 KB
60 KB 133ms
132ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tabdeal.org/images/festivals/winter/winter-festival-info-hero-desktop.png
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64753d2c2fbc6ae6f1adbf3a984d1b44583de5ccd58574bb921c1d45f365d3d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 460648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60619
last-modified: Wed, 09 Feb 2022 11:47:37 GMT
server: cloudflare
etag: W/"eccb-17ede4f7a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtzNxqOh8r21yYFdYzSN6UeWrbsoVcP98%2BMdUNHauXXyAxeJcoI6H%2BSESdFks2NLM%2FEALBAhulPto%2FbKz7GwI3nK6LROEHch8%2FgerLCWzGM53qt4OJWccWJAgrUGj6sbYhPh13phRFhTIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e1199dcca43904f-FRA

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 219ms
118ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://tabdeal.org/
Origin: https://tabdeal.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6e1199dd3d009013-FRA

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 115ms
47ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/96031ce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e71d08f626e0c80269671eb376ca9d6741dd81ca6caa5451063f0f2bc9b5c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27056
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-1ebe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: false
cf-ray: 6e1199de9d209150-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 22 Feb 2022 17:12:42 GMT

GET
H3 200 0fc0741.js Show response
tabdeal.org/_nuxt/ 146 KB
42 KB 34ms
34ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/0fc0741.js
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a269cb8a92b9aeadb869c45ba267e8ed1561dc1b274ff2ecb07dd578acabcb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123555
etag: W/"2476c-17f15e6b8e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yghlxrkKjr8r7ZFwizMUN2YTiVDBgNQIN6xMMjLRoS7PRxG8CSKlrncXRaYi32wfbQjwJ%2ByAhyTVu3eQl2x6CJz1yQ1nCqKSrZKi8qLIChQGXHQkCSoQGYnv%2FSFLkmlWNm7EnkNAfzGyBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199df3fb3904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tabdeal-logo-dark-text.svg
tabdeal.org/ 3 KB
1 KB 27ms
27ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tabdeal.org/tabdeal-logo-dark-text.svg
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f043b149412a58d7703923ee611976a9fa48bca2bf3ccb5f8869999e278df700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 13:39:52 GMT
server: cloudflare
age: 468987
etag: W/"c16-17ee3dc99d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KobjzI9Cxt8w8oorZ5c1oD9hK3HS9noAkbQR7IVxghhsH8DMky%2BWTCEJkjIWXEk2LbCQuG4jR9EfF3oDjl03fKTOsBZXE%2Fyd9f7oiqvqCjdJzYZVE1YCde1z55NioSzr3n5%2F1LEHAR19Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199df7855904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 381 KB
89 KB 80ms
55ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c49ce264224a16b8e2b5daad1b593e25479cc6724b5f7e312d532e898b239f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27602
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-5f54e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e1199dfc994692e-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 19 Feb 2032 17:12:42 GMT

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 328 KB
40 KB 123ms
99ms Stylesheet
text/css 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7561e680878d5b0ead8704c157156c65b315bae88ba04b914aee6535f4de00c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27582
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-521ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e1199dfc991692e-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 19 Feb 2032 17:12:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 77ms
47ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7PM8D8Q912&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8DV4VW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50a2b35361768a440b40b723b75c32ff89f79009d288532bb5e6c8cd27953d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65069
x-xss-protection: 0
expires: Mon, 21 Feb 2022 17:12:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
24ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8DV4VW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4070
date: Mon, 21 Feb 2022 16:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 21 Feb 2022 18:04:52 GMT

GET
H2 200 hotjar-2694472.js Show response
static.hotjar.com/c/ 4 KB
2 KB 63ms
23ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2694472.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8DV4VW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

9f80e4b984e0e4f743bce20837bc945ef558583f12c671617c329f89af1e854e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1894
access-control-allow-origin: *
cache-control: max-age=60
etag: W/b2e6292706743b0f3b61e6f971d2eb02
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: qipepVX6vqkf4ty8yKAyBOkT4S9MvGbkzjwI-YtJtBXgYqTGRXXlag==

GET
H2 200 rg.complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v3/OMKRPNMz/ 35 KB
12 KB 131ms
58ms Script
application/javascript 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/OMKRPNMz/rg.complete.js?v=202201021017
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0fc523f6e3e1072bb95e326a4f2c0b835e4de36fdbb59b8b77e3a965a50e6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13432
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 10:54:24 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"f6eef19837a3dad1dfcdc1f3f122e77c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Zg5WUQt5QAcy5dfNXeJL%2Fu7Bt3LYSdIc0YChpoF4t4zlExR39MsLUfogHoegQaA2L77bN8us98P4iPh2Sy8LAranayu5bFja9lrQNFUr4%2BESiYoXyAs2%2F4BsFpHk7Q5hTrh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
cf-ray: 6e1199e069168fe3-FRA

GET
H2 200 hotjar-2694472.js Show response
static.hotjar.com/c/ 4 KB
2 KB 62ms
23ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2694472.js?sv=6

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

9f80e4b984e0e4f743bce20837bc945ef558583f12c671617c329f89af1e854e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1894
access-control-allow-origin: *
cache-control: max-age=60
etag: W/b2e6292706743b0f3b61e6f971d2eb02
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: s6Bd9Mj5tuIAqXuCCmTCzeZUyQj_wV4Rq2_YpbCuw4HDPi0wS3vPTw==

GET
H2 200 9ibqjwxkc5 Show response
www.clarity.ms/tag/ 572 B
952 B 283ms
159ms Script
application/x-javascript 2620:1ec:27::cafe:1377
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9ibqjwxkc5
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1377 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: d263125b7f56d2fbc0573e75a93af8014032a03bbbee3ba0a81c2ecf5c0a3c89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:41 GMT
x-powered-by: ASP.NET
x-azure-ref: 0CsgTYgAAAABUtmLaiSbcT7pB+2bxnB74SEVMMDFFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
content-length: 572
expires: -1

GET
H2 200 client.js Show response
cdn.sanjagh.com/assets/sdk/tabdeal.org/ 58 KB
20 KB 393ms
117ms Script
application/javascript 109.206.255.46
AADP

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sanjagh.com/assets/sdk/tabdeal.org/client.js?t=202212117
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.206.255.46 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS: maknanet.com
Software: nginx /
Resource Hash: 3dd4c8d908872c745e745385a7421a0ec36e2a74dafd4a8016c638fcc9167b77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 16:16:08 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 10:23:45 GMT
server: nginx
age: 3393
etag: W/"61f7b8b1-e6d0"
vary: Accept-Encoding
x-cache: hit cached
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-max-age=3600
accept-ranges: bytes
content-length: 19760

GET
H2 200 events.min.js Show response
plus.sabavision.com/dmp/dox/ 11 KB
4 KB 119ms
43ms Script
application/javascript 185.147.178.24
SABAIDEA

General

Check archive.org

Show headers Download Go to

Full URL: https://plus.sabavision.com/dmp/dox/events.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8DV4VW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software: nginx /
Resource Hash: a632dc684383a269349fee1d320cba350a64be6616f1863c615158072d073fe2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 10:20:06 GMT
server: nginx
etag: W/"62136756-2aa9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-upstream: 0
cache-control: max-age=2592000
expires: Wed, 23 Mar 2022 17:12:42 GMT

GET
H2 200 sniper.js Show response
cdn.tavoos.net/services/retargeting/1884/ 2 KB
1 KB 344ms
98ms Script
application/javascript 178.216.251.178
ASIATECH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tavoos.net/services/retargeting/1884/sniper.js?v=202201021017
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.216.251.178 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS: irmx53.parsnafe.com
Software: nginx /
Resource Hash: de17569e01fa18f28176ab5b2e973a146bb50b01d2031fec25a494ee0d8586f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 13:14:01 GMT
server: nginx
x-tavoos-cdn: HIT
etag: W/"620a5599-80c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
x-tavoos-server: FASTCLICK-MILAD-TOWER
x-tavoos-region: TEHRAN
expires: Tue, 22 Feb 2022 17:12:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 57ms
42ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-438346452&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8DV4VW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6a9b0bc3d1611d74cae4ae1fd57ed165593403fe787e00d68e572a9fc695404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40728
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Feb 2022 17:12:42 GMT

POST
H2 200 / Show response
o489718.ingest.sentry.io/api/5695492/envelope/ 2 B
242 B 140ms
24ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o489718.ingest.sentry.io/api/5695492/envelope/?sentry_key=b1b5de6058f741e0890c9e4fb3851661&sentry_version=7

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tabdeal.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://tabdeal.org
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H3 200 84a9b23.js Show response
tabdeal.org/_nuxt/ 51 KB
11 KB 34ms
33ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/84a9b23.js
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 091d71dbcd9e7a71782b3d8aef33460d90163a25d2f769082ea6f49187584e8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123558
etag: W/"ca24-17f15e6b8b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkMFg485JNTT%2Fwa6H5pKxXQc7D46Ee3RBqycobHZ3t662hyBUivg3svWYNmDPrDy3NOc%2B1c1iXsQd2r8lKF71SXr57OGGmtheycl7rN6Yly5BoCyT1RkfATYb1jMoFo%2BvLNyqmsju3K8%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199e03a64904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 94d45d0.js Show response
tabdeal.org/_nuxt/ 55 KB
12 KB 64ms
63ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/94d45d0.js
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991b112bd0495cc6f0f820dbd40a108b3d5f8166e5c34c4a7af35aff25791d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123558
etag: W/"dbb9-17f15e6b8b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STFro1VFiPlNII2Rhj037kXCYbZoV5FqRbm89O3zljWmlJYgdM3MxhcZdFDPgrZ2cDzXaD%2Fr6RRz3nRspjHKXnAyj0rhxMk5GqL1XtsPjTR5Z7vcqGA5aOTFAUEwREfwU4uiWYfUedE%2FQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199e03a6a904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 5de73f5.js Show response
tabdeal.org/_nuxt/ 100 KB
35 KB 52ms
51ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/5de73f5.js
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b1b098005b653092b8b3d6e3bd02e5b30625362d5fe8352daf5ca87a3c4748d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123541
etag: W/"19071-17f15e6b8bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10zOukJQCdk6Yk%2FjjoTHRO49DNpZtD3bzcLBPvYtDG6B%2Biz%2FKBcSajIsTW6i6quN%2BuQWgEeGR8BMQseaZ0XjM6mNG3zoOfv0XNRJdAwYpePH8TbArRybCNVWAqCAWHZNBjDWr8ak0IiNBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199e03a6c904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 f06da4e.js Show response
tabdeal.org/_nuxt/ 17 KB
5 KB 71ms
70ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/f06da4e.js
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f5dd75c25836b1622863c5270a4567ac18ba53c9d95f763d1067a9cd2a1cc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123540
etag: W/"42f5-17f15e6b8e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNCK6hq2G%2FHFREz1MHakFD8bhqBEtfyhmGgEHISn6gmxn8iBYbCj%2BR0KqCHPzJR2QfBMnLTUaO6x6hV6%2Fs6qiBdPnwtItt2rgpOTbhovdGt%2FURLFmwXrcJWistpB8MUuD%2Bdsvzkmwfr%2FMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199e03a70904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 7c1cb43.js Show response
tabdeal.org/_nuxt/ 55 KB
12 KB 65ms
64ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/7c1cb43.js
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48b5a69ef0d31bd00970a0c27c81b8f1a1081de54cc62caa0d8535d315eda2bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123541
etag: W/"dc70-17f15e6b8d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGM7afyG5ENgVl2Pt1mXs6YtHFZplTZbm2nAJa7Utz%2FBZw2PwtAJJaSz85roIcjQx%2BdzSyN7UtA%2FmdIKkSC9r7LEtZKUnQyEQYKyd2vQLkAjAW69DyXVa00joT4soNPrvVU%2FCPoI4Ln77Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199e03a71904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 04dff6d.js Show response
tabdeal.org/_nuxt/ 25 KB
4 KB 37ms
37ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/04dff6d.js
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe65f879590f8a096a37f94c751f1237a9e263ec0a43940c2c43fe57738c35fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123513
etag: W/"6298-17f15e6b8e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ew2kQX7CqVK3ejz9z1Vcxh%2FsSk45hl%2FIzkoGt1jivVa0%2FWB64E8E5y42BoTLODdmp52XbKuXuckdEJ%2BfxKlXxJo4z8YcpW%2F0SY33U5%2FOro%2Bl%2FgUoL7uk%2Fgb9EjwCknJdsPyWgBWv%2BYMAbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199e03a74904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 6f962af.js Show response
tabdeal.org/_nuxt/ 39 KB
10 KB 38ms
37ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabdeal.org/_nuxt/6f962af.js
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/d40c233.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a3b30d3bca509c980fddbfd28ef11ca18106f605cdc44e8a82de387fbce1f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 06:51:56 GMT
server: cloudflare
age: 123513
etag: W/"9a4d-17f15e6b8dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqELAua6blPlSSV9etaiu2%2F2xHcCso65DdvUg0lomu803E7vWQa5hInSO2FoswstCJqTrjR9YGqXKEbHZ3Cjxmat7U%2BtmNt7VvzOLmEhfNG72HOzjfPX%2FRxt1optvnk%2BoWRgZDajmORhsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e1199e03a76904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 modules.7d6d0311dc6eb2c0bc38.js Show response
script.hotjar.com/ 235 KB
62 KB 93ms
28ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d6d0311dc6eb2c0bc38.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2694472.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

01dfdc130cd3e3b7ed01572613ea6552ab9819ca803c688076f850d06aa627a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 14:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356436
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 62769
access-control-allow-origin: *
last-modified: Thu, 17 Feb 2022 14:12:00 GMT
etag: "fb6a0182102480f4b418874ee97e7e39"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Tc5YpnIhoBK9NzlGfsAcfdkdEHOTTIPNoJepFOHaiKstRHrGYew3Vw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 54ms
26ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1066033779&t=pageview&_s=1&dl=https%3A%2F%2Ftabdeal.org%2Fwinter-festival%3Futm_source%3Dsms%26utm_medium%3Dpaid%26utm_campaign%3Dtehran-men&ul=en-us&de=UTF-8&dt=%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%AA%D8%A8%D8%AF%DB%8C%D9%84%20%7C%20%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%A7%D8%B1%D8%B2%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D9%88%20%D9%81%D8%B1%D9%88%D8%B4%20%D8%A7%D8%B1%D8%B2%D9%87%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2021817388&gjid=863849193&cid=1500156969.1645463562&tid=UA-182342470-4&_gid=1598372671.1645463562&_r=1&gtm=2wg2g0N8DV4VW&z=2017984497

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tabdeal.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tabdeal.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame F157 2 KB
1 KB 61ms
18ms Document
text/html 18.66.139.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2694472.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-40.fra60.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: gdCfd8erIZlH4QWuU4pSup9_wjhZ6IKdJUAbzOHjsXn9Sx77E8u5zA==
age: 1498836

POST
H2 204 collect
analytics.google.com/g/ 0
344 B 75ms
26ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7PM8D8Q912&gtm=2oe2g0&_p=1066033779&sr=1600x1200&_gaz=1&ul=en-us&cid=1500156969.1645463562&_s=1&dl=https%3A%2F%2Ftabdeal.org%2Fwinter-festival%3Futm_source%3Dsms%26utm_medium%3Dpaid%26utm_campaign%3Dtehran-men&dt=%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%AA%D8%A8%D8%AF%DB%8C%D9%84%20%7C%20%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%A7%D8%B1%D8%B2%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D9%88%20%D9%81%D8%B1%D9%88%D8%B4%20%D8%A7%D8%B1%D8%B2%D9%87%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84&sid=1645463562&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PM8D8Q912&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tabdeal.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
335 B 85ms
27ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7PM8D8Q912&cid=1500156969.1645463562&gtm=2oe2g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PM8D8Q912&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tabdeal.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 26ms
26ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XG21X11D9E&gtm=2oe2g0&_p=1066033779&sr=1600x1200&ul=en-us&cid=1500156969.1645463562&_s=1&dl=https%3A%2F%2Ftabdeal.org%2Fwinter-festival%3Futm_source%3Dsms%26utm_medium%3Dpaid%26utm_campaign%3Dtehran-men&dt=%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%AA%D8%A8%D8%AF%DB%8C%D9%84%20%7C%20%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%A7%D8%B1%D8%B2%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D9%88%20%D9%81%D8%B1%D9%88%D8%B4%20%D8%A7%D8%B1%D8%B2%D9%87%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84&sid=1645463562&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XG21X11D9E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tabdeal.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 89ms
37ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-438346452&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 17:12:42 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 107ms
59ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7PM8D8Q912&cid=1500156969.1645463562&gtm=2oe2g0&aip=1&z=1430767433

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe.html Show response
plus.sabavision.com/dmp/dox/ Frame 5ECF 2 KB
1 KB 322ms
321ms Document
text/html 185.147.178.24
SABAIDEA

General

Check archive.org

Show headers Download Go to

Full URL: https://plus.sabavision.com/dmp/dox/iframe.html
Requested by: Host: plus.sabavision.com
URL: https://plus.sabavision.com/dmp/dox/events.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software: nginx /
Resource Hash: 2897540a30a42c67a5a288f0dd0724a4bb03ecb53873c5146e19b3ba04599785

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-type: text/html
vary: Accept-Encoding Accept-Encoding
last-modified: Mon, 21 Feb 2022 10:20:06 GMT
etag: W/"62136756-7bc"
expires: Mon, 21 Feb 2022 20:12:42 GMT
cache-control: max-age=10800
content-encoding: gzip
server: nginx
x-upstream-ct: 0.000
x-upstream-ht: 0.288
x-upstream: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 28ms
27ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-182342470-4&cid=1500156969.1645463562&jid=2021817388&gjid=863849193&_gid=1598372671.1645463562&_u=YEBAAEAAAAAAAC~&z=1447774011

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tabdeal.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Feb 2022 17:12:42 GMT
content-type: text/plain
access-control-allow-origin: https://tabdeal.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
396 B 55ms
44ms XHR
application/json 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=K2ffEHaH
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Authorization
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://tabdeal.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHBiRZCfz2bqBsDn2joQAeHZmLrNywQKmziWF9ohTn1iykd4jbx7TGcQr0WKYHzeGwnLO9BZbt8MlW49QDAf90ZzdUOZX2RoLlpowzbPLOOy7CGVltZTJFhOI%2FJMrj3UmjIe%2BT9%2F53I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6e1199e29dd28fe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5

GET
H2 200 / Show response
ua.yektanet.com/cookie/iframe/ Frame A0DF 3 KB
1 KB 60ms
52ms Document
text/html 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.yektanet.com/cookie/iframe/
Requested by: Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/OMKRPNMz/rg.complete.js?v=202201021017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47dcd0765922a10bb0d997d4b853fb66c369a76bb0f091dd4167db2c84f62d2e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-type: text/html
last-modified: Monday, 21-Feb-2022 17:12:42 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxpFTel8gct1F4pCSQyV0xMQrPe4vW5zYmMOeR6IxEIzqAvi%2BhsRSv%2FMq8PQ4WpigAC%2FaSlAOnpi5Kq%2FEMY%2BRwEhQ1FWRgvCEkucI2Wn39UijV0kiahpcmj3PnLAkxcd1BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e1199e2adfa8fe3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
603 B 65ms
58ms Ping
image/gif 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=9831bfe0-ceef-475e-922f-9ec0f03aa5c8&abj=1&aed=adv&abh=31489&ac=https%3A%2F%2Ftabdeal.org%2Fwinter-festival%3Futm_source%3Dsms%26utm_medium%3Dpaid%26utm_campaign%3Dtehran-men&ae=%7B%22utm_source%22%3A%22sms%22%2C%22utm_medium%22%3A%22paid%22%2C%22utm_campaign%22%3A%22tehran-men%22%7D&ad=tabdeal.org&as=%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%AA%D8%A8%D8%AF%DB%8C%D9%84%20%7C%20%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%A7%D8%B1%D8%B2%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D9%88%20%D9%81%D8%B1%D9%88%D8%B4%20%D8%A7%D8%B1%D8%B2%D9%87%D8%A7%DB%8C%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84&aef=K2ffEHaH&aec=48615&aaa=sms&aab=paid&aad=tehran-men&ai=539af0c3-0d17-5eaa-9ebf-d756e86ca3ae&abw=1600&abb=1230&aby=1600&abz=1200&al=1600&am=1200&abk=%D8%AC%D8%B4%D9%86%D9%88%D8%A7%D8%B1%D9%87%20%D8%B2%D9%85%D8%B3%D8%AA%D8%A7%D9%86%DB%8C
Requested by: Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/OMKRPNMz/rg.complete.js?v=202201021017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
cf-cache-status: DYNAMIC
last-modified: Monday, 21-Feb-2022 17:12:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EaStr0y5aGZBJ%2FJrMhnZ6EpGZ1NdZ1w%2BMRF4MnxWS%2Bdu2grk3QzB0y%2FeZqnryTUZwY1oHz4KaQ4Ituxc2wh6WHhNn4sDSUHJ8VdWJl0VZZHVCJ%2FJWZyNhm0IYzazLN%2BgV8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 6e1199e2adfd8fe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
expires: 0

GET
H3 200 / Show response
client.crisp.chat/settings/website/7c73fe4c-92f8-4457-9b9a-49a42a2015c2/prelude/ 78 B
516 B 34ms
34ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/7c73fe4c-92f8-4457-9b9a-49a42a2015c2/prelude/?callback=window.%24crisp.__spool.website_handler&2022-1-21-17-12

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16e9a5f57bb1c1b083f14948e9e16ca2f8aa41e4ce7fcebd0c47703c9d0c803e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12637
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Feb 2022 13:42:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 6e1199e29819692e-FRA
access-control-allow-headers: Content-Type, Origin
expires: Mon, 21 Feb 2022 21:12:42 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 94ms
47ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-182342470-4&cid=1500156969.1645463562&jid=2021817388&_u=YEBAAEAAAAAAAC~&z=155567065

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 76ms
44ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-182342470-4&cid=1500156969.1645463562&jid=2021817388&_u=YEBAAEAAAAAAAC~&z=155567065

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
h.clarity.ms/s/0.6.32/ 53 KB
23 KB 316ms
107ms Script
application/javascript 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9ibqjwxkc5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=8B2EFC937F044FFFBF7244791B8CD090&RedC=c.clarity.ms&MXFR=34241CAA587168F23E900DF85C716686
https://c.clarity.ms/c.gif?CtsSyncId=8B2EFC937F044FFFBF7244791B8CD090&MUID=3177E95D6E986FB301D1F80F6FF36E0F

42 B
368 B

38ms
38ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=8B2EFC937F044FFFBF7244791B8CD090&MUID=3177E95D6E986FB301D1F80F6FF36E0F
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
last-modified: Fri, 18 Feb 2022 21:27:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7f9eac45e25d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07A838C1F0894930B108752925A35E67 Ref B: FRAEDGE1513 Ref C: 2022-02-21T17:12:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=8B2EFC937F044FFFBF7244791B8CD090&MUID=3177E95D6E986FB301D1F80F6FF36E0F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/438346452/ 3 KB
2 KB 80ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/438346452/?random=1645463562683&cv=9&fst=1645463562683&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftabdeal.org%2Fwinter-festival%3Futm_source%3Dsms%26utm_medium%3Dpaid%26utm_campaign%3Dtehran-men&tiba=%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%AA%D8%A8%D8%AF%DB%8C%D9%84%20%7C%20%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%A7%D8%B1%D8%B2%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D9%88%20%D9%81%D8%B1%D9%88%D8%B4%20%D8%A7%D8%B1%D8%B2&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d84534f7a3584eef30c98a26f9c3bd4a381715aa22c78191b1bfe69fbffd16b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1149
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tags Show response
sniper.tavoos.net/v1/retargeting/ 15 B
531 B 480ms
133ms XHR
application/json 185.147.162.21
ASIATECH

General

Check archive.org

Show headers Download Go to

Full URL: https://sniper.tavoos.net/v1/retargeting/tags?id=Ct2ZYlBFYQ
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.147.162.21 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software: FastClick-Edge /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:43 GMT
content-encoding: gzip
server: FastClick-Edge
x-app-server: sniper-01
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://tabdeal.org
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 set Show response
ua.yektanet.com/cookie/ Frame A0DF 78 B
1006 B 88ms
64ms XHR
application/json 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.yektanet.com/cookie/set
Requested by: Host: ua.yektanet.com
URL: https://ua.yektanet.com/cookie/iframe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95f2e27c0d29ddf395d39259949a2fb0943900c2834fd2ef90147caced84d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ua.yektanet.com/cookie/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Monday, 21-Feb-2022 17:12:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6YtKmDwcAGQmfN%2BtXxk8xmmp%2BKp5V0TJFb02DVfckj1OgpIiBFt7nuC2nn%2Fjarfjc%2BuzK7hTWRHZ9xdbwzBgkVPZvBevbtK3%2BhcqtmuPV2RHPeTl5fF%2FU2VBw6nI%2BSLSyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6e1199e32d609125-FRA
expires: 0

POST
H2 200 61e287ee9c35581ab9732f84 Show response
api.sanjagh.com/web/rc/ 2 B
582 B 282ms
95ms XHR
text/plain 185.105.185.162
AADP

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sanjagh.com/web/rc/61e287ee9c35581ab9732f84?t=s
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.105.185.162 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS: maknanet.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: application/json, text/plain, */*
Referer: https://tabdeal.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:43 GMT
server: nginx
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tabdeal.org
cache-control: no-cache
access-control-allow-credentials: true
content-length: 2

OPTIONS
H2 200 61e287ee9c35581ab9732f84
api.sanjagh.com/web/rc/ Frame 0
0 325ms
101ms Preflight 185.105.185.162
AADP

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sanjagh.com/web/rc/61e287ee9c35581ab9732f84?t=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.105.185.162 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS: maknanet.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://tabdeal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Pragma
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://tabdeal.org
access-control-max-age: 2592000
cache-control: max-age=2592000,public
pragma: no-cache
server: nginx
date: Mon, 21 Feb 2022 17:12:43 GMT
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/438346452/ 42 B
64 B 60ms
33ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/438346452/?random=1645463562683&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftabdeal.org%2Fwinter-festival%3Futm_source%3Dsms%26utm_medium%3Dpaid%26utm_campaign%3Dtehran-men&tiba=%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%AA%D8%A8%D8%AF%DB%8C%D9%84%20%7C%20%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%A7%D8%B1%D8%B2%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D9%88%20%D9%81%D8%B1%D9%88%D8%B4%20%D8%A7%D8%B1%D8%B2&async=1&fmt=3&is_vtc=1&random=2914020143&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/438346452/ 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/438346452/?random=1645463562683&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftabdeal.org%2Fwinter-festival%3Futm_source%3Dsms%26utm_medium%3Dpaid%26utm_campaign%3Dtehran-men&tiba=%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%AA%D8%A8%D8%AF%DB%8C%D9%84%20%7C%20%D8%B5%D8%B1%D8%A7%D9%81%DB%8C%20%D8%A7%D8%B1%D8%B2%20%D8%AF%DB%8C%D8%AC%DB%8C%D8%AA%D8%A7%D9%84%20-%20%D8%AE%D8%B1%DB%8C%D8%AF%20%D9%88%20%D9%81%D8%B1%D9%88%D8%B4%20%D8%A7%D8%B1%D8%B2&async=1&fmt=3&is_vtc=1&random=2914020143&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie Show response
plus.sabavision.com/api/dmp/v1/ Frame 5ECF 46 B
333 B 284ms
284ms XHR
application/json 185.147.178.24
SABAIDEA

General

Check archive.org

Show headers Download Go to

Full URL: https://plus.sabavision.com/api/dmp/v1/cookie
Requested by: Host: plus.sabavision.com
URL: https://plus.sabavision.com/dmp/dox/iframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software: nginx /
Resource Hash: 92aa8d005161f8c9533dc8d5492f5d52a67eeb4a41086a39d26f66dda49fb800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plus.sabavision.com/dmp/dox/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-upstream-ct: 0.000
date: Mon, 21 Feb 2022 17:12:43 GMT
x-upstream-ht: 0.254
x-upstream: 0
content-length: 46
server: nginx
content-type: application/json; charset=utf-8

GET
H3 200 / Show response
client.crisp.chat/settings/website/7c73fe4c-92f8-4457-9b9a-49a42a2015c2/ 4 KB
2 KB 34ms
33ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/7c73fe4c-92f8-4457-9b9a-49a42a2015c2/?callback=window.%24crisp.__spool.website_handler&1645034431844

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd49ac1b30321b6c9975b1a3d390fb67efe5f6ded74aa077226a1c8973c8055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4969
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Feb 2022 15:49:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 6e1199e46bee692e-FRA
access-control-allow-headers: Content-Type, Origin
expires: Mon, 21 Feb 2022 21:12:42 GMT

GET
H3 200 fa.js Show response
client.crisp.chat/static/javascripts/locales/ 8 KB
3 KB 159ms
159ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/fa.js?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71c1e4e33b7c1f1c194135421f0343fe851e219db8315e6600f8f492e089279f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27054
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-21e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e1199e49c85692e-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 19 Feb 2032 17:12:43 GMT

GET
H2 200 / Show response
plus.sabavision.com/api/tagmanager/ 349 B
466 B 308ms
308ms XHR
application/json 185.147.178.24
SABAIDEA

General

Check archive.org

Show headers Download Go to

Full URL: https://plus.sabavision.com/api/tagmanager/
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software: nginx /
Resource Hash: e41cf678c0f31f236be7d64046b68a0754cafd4a1502e6545361cd81db3576a1

Request headers

Referer: https://tabdeal.org/
X-Advertiser: 9ed10bf0-843a-488e-8691-1521d0767a49
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-upstream-ct: 0.000
date: Mon, 21 Feb 2022 17:12:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
x-upstream-ht: 0.277
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tabdeal.org
access-control-allow-credentials: true
x-upstream: 0

OPTIONS
H2 204 /
plus.sabavision.com/api/tagmanager/ Frame 0
0 373ms
312ms Preflight
application/octet-stream 185.147.178.24
SABAIDEA

General

Check archive.org

Show headers Download Go to

Full URL: https://plus.sabavision.com/api/tagmanager/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-advertiser
Origin: https://tabdeal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Feb 2022 17:12:43 GMT
content-type: application/octet-stream
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type,X-Advertiser,Authorization
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://tabdeal.org
access-control-max-age: 43200
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
server: nginx
x-upstream-ct: 0.000
x-upstream-ht: 0.280
x-upstream: 0

POST
H3 200 rum Show response
tabdeal.org/cdn-cgi/ 0
163 B 43ms
43ms XHR
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tabdeal.org/cdn-cgi/rum?

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/json

Response headers

date: Mon, 21 Feb 2022 17:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://tabdeal.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6e1199e5bf89904f-FRA
vary: Origin

POST
H2 204 collect Show response
h.clarity.ms/ 0
67 B 355ms
355ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://tabdeal.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://tabdeal.org
date: Mon, 21 Feb 2022 17:12:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 a8e958d7-ecd3-4e8e-8272-bc99162f48f0 Show response
plus.sabavision.com/api/dmp/v1/event/ 597 B
887 B 304ms
303ms XHR
image/jpeg 185.147.178.24
SABAIDEA

General

Check archive.org

Show headers Download Go to

Full URL: https://plus.sabavision.com/api/dmp/v1/event/a8e958d7-ecd3-4e8e-8272-bc99162f48f0
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software: nginx /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Authorization: 7b291ad8-9339-11ec-a531-00505697a10e
Referer: https://tabdeal.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-upstream-ct: 0.000
pragma: no-cache
date: Mon, 21 Feb 2022 17:12:44 GMT
server: nginx
cache-directive: no-cache
vary: Origin
x-upstream-ht: 0.274
content-type: image/jpeg
access-control-allow-origin: https://tabdeal.org
cache-control: no-cache
access-control-allow-credentials: true
pragma-directive: no-cache
x-upstream: 0
content-length: 597
expires: 0

OPTIONS
H2 204 a8e958d7-ecd3-4e8e-8272-bc99162f48f0
plus.sabavision.com/api/dmp/v1/event/ Frame 0
0 307ms
307ms Preflight
application/octet-stream 185.147.178.24
SABAIDEA

General

Check archive.org

Show headers Download Go to

Full URL: https://plus.sabavision.com/api/dmp/v1/event/a8e958d7-ecd3-4e8e-8272-bc99162f48f0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://tabdeal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Feb 2022 17:12:44 GMT
content-type: application/octet-stream
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type,X-Advertiser,Authorization
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://tabdeal.org
access-control-max-age: 43200
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
server: nginx
x-upstream-ct: 0.000
x-upstream-ht: 0.276
x-upstream: 0

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 120ms
120ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://tabdeal.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://tabdeal.org
date: Mon, 21 Feb 2022 17:12:44 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 local-messaging.css
app.najva.com/static/css/ 0
427 B 137ms
24ms Stylesheet
text/css 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://app.najva.com/static/css/local-messaging.css?v=202201021017

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Sotoon /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:46 GMT
x-zrk-cs: HIT
x-zrk-us: 200
x-zrk-sn: frankfurt1
content-length: 0
last-modified: Sun, 13 Jun 2021 15:40:37 GMT
server: Sotoon
etag: "60c626f5-0"
strict-transport-security: max-age=0
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=300
access-control-allow-credentials: true
accept-ranges: bytes, bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js Show response
van.najva.com/static/js/scripts/
Redirect Chain

https://app.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017
https://van.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017

180 KB
45 KB

194ms
123ms

Script
application/javascript

185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017

Protocol

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Sotoon /

Resource Hash

5fe2ac550fe9d3c9f073380b1c0ed67651cb7600fb55c8aa59e55c1f028788c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:46 GMT
content-encoding: br
x-zrk-cs: REVALIDATED
x-amz-request-id: tx0000000000000059addee-0062138d28-157070a-default
x-zrk-us: 206
strict-transport-security: max-age=0
x-zrk-sn: frankfurt1
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Thu, 06 Jan 2022 09:43:27 GMT
server: Sotoon
cache-control: public, max-age=300
etag: W/"00e1af730f35d627b4c41440659414b7"
access-control-max-age: 60
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-allow-headers: *

Redirect headers

date: Mon, 21 Feb 2022 17:12:46 GMT
x-zrk-cs: HIT
server: Sotoon
strict-transport-security: max-age=0
content-type: text/html
location: https://van.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017
cache-control: public, max-age=300
x-zrk-us: 301
accept-ranges: bytes
x-zrk-sn: frankfurt1
content-length: 194

GET
H2 200 tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.json Show response
van.najva.com/static/js/scripts/ 3 KB
2 KB 70ms
19ms Fetch
application/json 185.166.104.4
CAFEBAZAAR

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.json?v=2022-02-21T17

Requested by

Host: tabdeal.org
URL: https://tabdeal.org/_nuxt/0fc0741.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.166.104.4 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),

Reverse DNS

Software

Sotoon /

Resource Hash

6b6be29ca3140a8b25b6a14ec1b08bc74204492f4cf1379a68f367cdf350a22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:46 GMT
content-encoding: br
x-zrk-cs: HIT
x-amz-request-id: tx000000000000005a7e1b4-006213c513-14860db-default
x-zrk-us: 206
strict-transport-security: max-age=0
x-zrk-sn: frankfurt1
vary: Accept-Encoding, Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Thu, 06 Jan 2022 09:43:28 GMT
server: Sotoon
cache-control: public, max-age=300
etag: W/"a1ac96adb38c51a5bac2d95872f05f3a"
access-control-max-age: 60
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://tabdeal.org
access-control-expose-headers: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H3 200 complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v4/K2ffEHaH/ 36 KB
12 KB 45ms
45ms Script
application/javascript 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/K2ffEHaH/complete.js?v=2022-02-21T17
Requested by: Host: app.najva.com
URL: https://app.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca553e066eb8da9b51216765f124e2096e4894cb9256f97c41f2715bf0eca43b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:12:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 767
x-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 10:54:24 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"fa40f957fab7b377bec73591d754a5bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKSGRRJplDRtjmWa0gcIP9ed%2FXS3Tmo%2B4c2ZjdFxrKZn%2BD6doqPJI9%2FY%2FEIATtXJW9yrXe5ym6QboghRgmxScvqWg7XCFKbsqUHX0WpNjY4OqoLqeF6b3qLqZHuXJnCFWCXX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
cf-ray: 6e1199fbce9f9125-FRA

GET
H2

200

/
cookie.najva.com/matching/
Redirect Chain

https://ua.yektanet.com/pixel?id=njv-email
https://cookie.najva.com/matching/?yektanet_user_id=3c226fc1-196b1-12f60-090c5-5ecc48e795341&njc=

0
498 B

154ms
46ms

Image
text/plain

217.182.142.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie.najva.com/matching/?yektanet_user_id=3c226fc1-196b1-12f60-090c5-5ecc48e795341&njc=

Protocol

Server

217.182.142.36 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tabdeal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:46 GMT
referrer-policy: same-origin
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
allow: GET, HEAD, OPTIONS
content-length: 0
x-content-type-options: nosniff
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 17:12:46 GMT
cf-cache-status: DYNAMIC
last-modified: Monday, 21-Feb-2022 17:12:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cMbWzSE15ez89q7EqvR9L0xzlPiGwcS%2BNgayilEp2tyvltA5QbD9eR5w1NIKx6%2BNhy7NduB6gqOCHFhmOc6m%2FJTtzx%2BSF226R0KhSzfmlNtEi25EQ5av4BHz7dcQBNIXHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://cookie.najva.com/matching/?yektanet_user_id=3c226fc1-196b1-12f60-090c5-5ecc48e795341&njc=
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 6e1199fbdec69125-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tbdl.io/	1969-12-31 23:59:59	Name: BIGipServerlink.tabdealbot.com.app~link.tabdealbot.com_pool Value: 18750124.47873.0000
.tbdl.io/	1969-12-31 23:59:59	Name: TS01eb5eaa Value: 0171a97b61dec77550fde77271a65eee02fc78460e0a1fd23bde9bc1a2b98f1bbbabd7022e1e25d95f0884dd5848bc1f2996406ec4485a5e537e1712d79b666271ec4a6d7b
tabdeal.org/	1969-12-31 23:59:59	Name: auth.strategy Value: local
.yektanet.com/	1970-01-20 01:04:25	Name: __cf_bm Value: i2cv3lCymAULEUa2hUk.CamGAOCvEBmS77Zw20HVfBI-1645463562-0-ASAxMRfvgnUkppNfnBpHWp0qSfMa+F74eJaCRR396j2QUQ+by0PzviAmodGEfEXeRf0DUCcCxsGeXZzH0Ey21GE=
.tabdeal.org/	1970-01-20 01:05:49	Name: _gid Value: GA1.2.1598372671.1645463562
.tabdeal.org/	1970-01-20 01:04:23	Name: _gat_UA-182342470-4 Value: 1
.tabdeal.org/	1970-01-20 18:35:35	Name: _ga Value: GA1.1.1500156969.1645463562
.tabdeal.org/	1970-01-20 03:13:59	Name: _gcl_au Value: 1.1.655656355.1645463562
www.clarity.ms/	1970-01-20 09:49:59	Name: CLID Value: 23fabbf1ea7548d0b4e5cc8a38a7edb3.20220221.20230221
.tabdeal.org/	1970-01-20 09:49:59	Name: analytics_campaign Value: {%22source%22:%22sms%22%2C%22medium%22:%22paid%22%2C%22campaign%22:%22tehran-men%22}
tabdeal.org/	1970-01-20 09:49:59	Name: analytics_token Value: 05126fc4-4cd2-33e5-d53f-661f899972a9
tabdeal.org/	1970-01-20 01:04:25	Name: analytics_session_token Value: 539af0c3-0d17-5eaa-9ebf-d756e86ca3ae
tabdeal.org/	1970-01-20 01:05:49	Name: yektanet_session_last_activity Value: 2/21/2022
tabdeal.org/	1969-12-31 23:59:59	Name: _yngt_iframe Value: 1
.tabdeal.org/	1970-01-20 09:49:59	Name: _hjSessionUser_2694472 Value: eyJpZCI6IjkzMWQ0MDFlLTlhMzMtNWY4OS04ZWY2LWU5ODgyMWQ4YmI0OCIsImNyZWF0ZWQiOjE2NDU0NjM1NjI2NTUsImV4aXN0aW5nIjpmYWxzZX0=
.tabdeal.org/	1970-01-20 01:04:25	Name: _hjFirstSeen Value: 1
tabdeal.org/	1970-01-20 01:04:23	Name: _hjIncludedInSessionSample Value: 0
.tabdeal.org/	1970-01-20 01:04:25	Name: _hjSession_2694472 Value: eyJpZCI6ImRlMDE5MGMxLWJjMTItNGQ2My1iODUxLTQyNWJmOWE2ODAxZiIsImNyZWF0ZWQiOjE2NDU0NjM1NjI2OTcsImluU2FtcGxlIjpmYWxzZX0=
.tabdeal.org/	1970-01-20 01:04:25	Name: _hjAbsoluteSessionInProgress Value: 0
.yektanet.com/	1970-01-23 16:40:23	Name: gearbox_ad_token Value: 3c226fc1-196b1-12f60-090c5-5ecc48e795341
.yektanet.com/	1970-01-23 16:40:23	Name: analytics_global_token Value: 3c226fc1-196b1-12f60-090c5-5ecc48e795341
.doubleclick.net/	1970-01-20 01:04:24	Name: test_cookie Value: CheckForPermission
tabdeal.org/	1970-01-20 01:47:35	Name: _yngt Value: 3c226fc1-196b1-12f60-090c5-5ecc48e795341
.tabdeal.org/	1970-01-20 05:27:11	Name: crisp-client%2Fsession%2F7c73fe4c-92f8-4457-9b9a-49a42a2015c2 Value: session_47a0851a-c174-4b3e-8abc-3f2fa432a8d0
.c.bing.com/	1970-01-20 10:25:59	Name: SRM_B Value: 3177E95D6E986FB301D1F80F6FF36E0F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:25:59	Name: MUID Value: 3177E95D6E986FB301D1F80F6FF36E0F
.c.clarity.ms/	1970-01-20 01:04:24	Name: ANONCHK Value: 0
.plus.sabavision.com/	1970-01-20 02:27:43	Name: sid Value: 7b291ad8-9339-11ec-a531-00505697a10e
.sabavision.com/	1970-01-20 01:47:35	Name: sid Value: 7b291ad8-9339-11ec-a531-00505697a10e
.tabdeal.org/	1970-01-20 09:49:59	Name: _clck Value: 143dztd\|1\|ez6\|0
.tabdeal.org/	1970-01-20 18:35:35	Name: _ga_XG21X11D9E Value: GS1.1.1645463562.1.0.1645463563.0
.tabdeal.org/	1970-01-20 18:35:35	Name: _ga_7PM8D8Q912 Value: GS1.1.1645463562.1.0.1645463563.59
.tavoos.net/	1970-01-20 09:49:59	Name: tavoosuid Value: 6213c80b1a0d0
.tavoos.net/	1970-01-20 09:49:59	Name: _rt Value: 1
.sanjagh.com/	1970-01-20 01:47:35	Name: _r Value: 200
.sanjagh.com/	1970-01-20 01:47:35	Name: _u Value: wFjOrYSmS3y3VjyorjV3pSwF
.sanjagh.com/	1970-01-20 01:47:35	Name: _n Value: 200
tabdeal.org/	1970-01-20 01:04:25	Name: _61e287ee9c35581ab9732f84 Value: true
.tabdeal.org/	1970-01-20 01:05:49	Name: _clsk Value: hhb090\|1645463563587\|1\|1\|h.clarity.ms/collect
cookie.najva.com/	1970-01-20 09:49:59	Name: najva_token Value: 2ce9f55035f24c97b118a4e8e0384343
cookie.najva.com/	1970-01-20 09:49:59	Name: email_cookie_set Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.sanjagh.com
app.najva.com
audience.yektanet.com
c.bing.com
c.clarity.ms
cdn.sanjagh.com
cdn.tavoos.net
cdn.yektanet.com
client.crisp.chat
cookie.najva.com
googleads.g.doubleclick.net
h.clarity.ms
o489718.ingest.sentry.io
plus.sabavision.com
script.hotjar.com
sniper.tavoos.net
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
tabdeal.org
tbdl.io
ua.yektanet.com
van.najva.com
vars.hotjar.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
109.206.255.46
178.216.251.178
18.66.139.40
18.66.97.10
185.105.185.162
185.147.162.21
185.147.178.24
185.166.104.4
188.114.97.7
216.58.212.162
217.182.142.36
2606:4700:3033::6815:29f0
2606:4700::6810:5f41
2606:4700::6812:1c5b
2620:1ec:27::cafe:1377
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9a
2a06:98c1:3120::7
34.120.195.249
52.142.114.2
52.222.236.74
52.224.31.34
01dfdc130cd3e3b7ed01572613ea6552ab9819ca803c688076f850d06aa627a0
0788bc490dca49b1eb2d8d9d048e365432486b4bdcebca9343e20adccee41e39
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
091d71dbcd9e7a71782b3d8aef33460d90163a25d2f769082ea6f49187584e8d
0b6204effd2d0d3abfff8bc94d24c0f759af51bc1bf10689970d3d4b9d64d53a
13c49ce264224a16b8e2b5daad1b593e25479cc6724b5f7e312d532e898b239f
16e9a5f57bb1c1b083f14948e9e16ca2f8aa41e4ce7fcebd0c47703c9d0c803e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2897540a30a42c67a5a288f0dd0724a4bb03ecb53873c5146e19b3ba04599785
34a3b30d3bca509c980fddbfd28ef11ca18106f605cdc44e8a82de387fbce1f4
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
3dd4c8d908872c745e745385a7421a0ec36e2a74dafd4a8016c638fcc9167b77
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47dcd0765922a10bb0d997d4b853fb66c369a76bb0f091dd4167db2c84f62d2e
48b5a69ef0d31bd00970a0c27c81b8f1a1081de54cc62caa0d8535d315eda2bd
4c828ef740a9e5a1a35b013fe85a3030a746dda24b09f872494130d8a278a32a
50a2b35361768a440b40b723b75c32ff89f79009d288532bb5e6c8cd27953d76
51499dee81f4c877020cf7826779c181dcf936e1604b471e99d13ac0889435cc
5e71d08f626e0c80269671eb376ca9d6741dd81ca6caa5451063f0f2bc9b5c82
5e8559023c88d8bd7c7c91c55f05d89620c836c37cf7a49f33212b966efed2ff
5fe2ac550fe9d3c9f073380b1c0ed67651cb7600fb55c8aa59e55c1f028788c4
64753d2c2fbc6ae6f1adbf3a984d1b44583de5ccd58574bb921c1d45f365d3d0
6b6be29ca3140a8b25b6a14ec1b08bc74204492f4cf1379a68f367cdf350a22a
6dd49ac1b30321b6c9975b1a3d390fb67efe5f6ded74aa077226a1c8973c8055
71c1e4e33b7c1f1c194135421f0343fe851e219db8315e6600f8f492e089279f
7561e680878d5b0ead8704c157156c65b315bae88ba04b914aee6535f4de00c1
7f4afb4979549d71973eba802ed23e3b243f073e94854b05a36391672cbc9931
83f5dd75c25836b1622863c5270a4567ac18ba53c9d95f763d1067a9cd2a1cc6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a269cb8a92b9aeadb869c45ba267e8ed1561dc1b274ff2ecb07dd578acabcb7
8b1b098005b653092b8b3d6e3bd02e5b30625362d5fe8352daf5ca87a3c4748d
8d1e13f6b391b4195fd8cdd61c4ef94865f0821681225d655b0f0a5bfaacee18
8d858d95fe8f5404e5d93f0116f465dfac6f7e56db08255b4957bc8adcb57bb5
9021fba3573af072e9bc4cf93b63b2f6b26023fa2a2a97d427e09c9cbfc0f6b2
92aa8d005161f8c9533dc8d5492f5d52a67eeb4a41086a39d26f66dda49fb800
9411ba68f63d20eb78a8f533be084e3bda7bfc4937a91b1527ff075d12b6f80e
991b112bd0495cc6f0f820dbd40a108b3d5f8166e5c34c4a7af35aff25791d4c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b25c7173faa60129b7581c3737d7b100d964d6f294b05c5d554bf7990bd61ba
9f80e4b984e0e4f743bce20837bc945ef558583f12c671617c329f89af1e854e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a632dc684383a269349fee1d320cba350a64be6616f1863c615158072d073fe2
aa0fc523f6e3e1072bb95e326a4f2c0b835e4de36fdbb59b8b77e3a965a50e6d
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
baea914dc241fed474e3b6fcf9191ad39538ceee0b05f698a41d414fffadd8ee
c95f2e27c0d29ddf395d39259949a2fb0943900c2834fd2ef90147caced84d5c
ca553e066eb8da9b51216765f124e2096e4894cb9256f97c41f2715bf0eca43b
d263125b7f56d2fbc0573e75a93af8014032a03bbbee3ba0a81c2ecf5c0a3c89
d84534f7a3584eef30c98a26f9c3bd4a381715aa22c78191b1bfe69fbffd16b5
d8ec49de9c004f18b228d28027b6f25dd854da6aa5f9b901777e593c59371ea7
d9b253707ca27aa8bc2eb51ceeb7bd78adca7fcdcf54ab2fe3ae86173e7d63fa
de17569e01fa18f28176ab5b2e973a146bb50b01d2031fec25a494ee0d8586f3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debb7401a8c66e83a04940640a4210f2cd6c70b82bf3dfbd2c9695421c64e9cf
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41cf678c0f31f236be7d64046b68a0754cafd4a1502e6545361cd81db3576a1
e8e6dbf4b3e7bd3961d7f4890ae4737196de5a66b39c6edbbfee65bf07dbad3c
eacf84a52b5b66739a5366c451a4472413e4eb6304d063ba83a1ae1902497870
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f043b149412a58d7703923ee611976a9fa48bca2bf3ccb5f8869999e278df700
f6a9b0bc3d1611d74cae4ae1fd57ed165593403fe787e00d68e572a9fc695404
f8d61fa1ee0a23f68a0322d69d7c67263f9e0b3786015752b4daf5fb4f21bf9d
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe65f879590f8a096a37f94c751f1237a9e263ec0a43940c2c43fe57738c35fe

tabdeal.org Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

96 %HTTPS

46 %IPv6

19 Domains

31 Subdomains

26 IPs

7 Countries

1434 kBTransfer

5239 kBSize

42 Cookies

1 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tabdeal.org Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

96 %
HTTPS

46 %
IPv6

19
Domains

31
Subdomains

26
IPs

7
Countries

1434 kB
Transfer

5239 kB
Size

42
Cookies

83 HTTP transactions
0 data transactions