urlscan.io logo urlscan.io
SecurityTrails logo

pay.ir Open in urlscan Pro
185.255.69.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://irservice.site/
Effective URL: https://pay.ir/
Submission: On October 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 29 HTTP transactions. The main IP is 185.255.69.3, located in Armenia and belongs to REGIKA, AM. The main domain is pay.ir.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on December 28th 2020. Valid for: a year.
This is the only time pay.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 185.255.69.3 203739 (REGIKA)
23 185.255.69.11 203739 (REGIKA)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
29 5
1    2606:4700:3037::ac43:de26 (United States)

ASN13335 (CLOUDFLARENET, US)
irservice.site
2    185.255.69.3 (Armenia)

ASN203739 (REGIKA, AM)
pay.ir
23    185.255.69.11 (Armenia)

ASN203739 (REGIKA, AM)
cdn.pay.ir
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Domain Requested by
23 cdn.pay.ir pay.ir
cdn.pay.ir
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pay.ir pay.ir
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com pay.ir
1 irservice.site 1 redirects
29 6

This site contains links to these domains. Also see Links.

Domain
www.pay.ir
docs.pay.ir
github.com
blog.pay.ir
t.me
instagram.com
linkedin.com
Subject Issuer Validity Valid
*.pay.ir
Certum Domain Validation CA SHA2		 2020-12-28 -
2021-12-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 1 frames:

Primary Page: https://pay.ir/
Frame ID: 12B45DFE4F9F1808D8563817071F1018
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

شبکه پرداخت پی ، ارسال و دریافت آنلاین پول

Page URL History Show full URLs

  1. https://irservice.site/ HTTP 301
    https://pay.ir/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

888 kB
Transfer

967 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://irservice.site/ HTTP 301
    https://pay.ir/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pay.ir/
Redirect Chain
  • https://irservice.site/
  • https://pay.ir/
24 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.255.69.3 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
Apache/2.4.37 (centos) / PHP/7.4.18
Resource Hash
e81bebaf082331754db82cffcb2ef178cf9c0750c83aa0216e2ef119b629a5a8

Request headers

Host
pay.ir
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 10 Oct 2021 00:23:56 GMT
Server
Apache/2.4.37 (centos)
X-Powered-By
PHP/7.4.18
Cache-Control
no-cache, private
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

date
Sun, 10 Oct 2021 00:23:55 GMT
cache-control
max-age=3600
expires
Sun, 10 Oct 2021 01:23:55 GMT
location
https://pay.ir
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZcMLkbGrgSgA0%2FsqZWEvOlVez1GLlx5NHZZw23khIhpOtwCTrCwxV7rtvDmM3UnKuezPIdPGUAFPhKG%2BH5SESi95O6uKri9h91e0ffUCiMOwdDvQ5VCPrJYPRuuk5fTnBh2LP3oXJtqwlV4lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
69bbb3ed58c65c80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
home.css
cdn.pay.ir/css/ 		38 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pay.ir/css/home.css
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
1fe8c0f2c8c8795b59e5d91e24433668acfd3b96e04df1d09c85f751978c57ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-9614"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38420
pay.png
pay.ir/images/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.ir/images/pay.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.255.69.3 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
Apache/2.4.37 (centos) /
Resource Hash
2023fbeace2ce745fbee29ece0a9827d838a33eb89ad6148e8abb3ce5f95ce90

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.ir
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://pay.ir/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:56 GMT
Last-Modified
Tue, 02 Jun 2020 20:22:13 GMT
Server
Apache/2.4.37 (centos)
ETag
"17e96-5a71faabcf9d9"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
97942
shahrzad.png
cdn.pay.ir/images/merchant/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/merchant/shahrzad.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
9f2d768ebaf0c9f5a3c180dd6c7d1bd86b2a8bd6eee13defd4b9048c2818873b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-20bc"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8380
respina.png
cdn.pay.ir/images/merchant/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/merchant/respina.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
bbb30fbfe803554535316db560cc4d54fe3664f5b0fe4978f543428324eed1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-1ddd"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7645
okcs.png
cdn.pay.ir/images/merchant/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/merchant/okcs.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
751cc771c065257165fd186f6be50f7a5f329ffeb40d777c0203835215cb9433

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-1bb4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7092
espard.png
cdn.pay.ir/images/merchant/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/merchant/espard.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
c510489bdea95049921deae9a6faa5d5463c1e75d3d16014e6e6dc4b6ac97893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-117a"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4474
saman.png
cdn.pay.ir/images/merchant/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/merchant/saman.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
eef259e7f55f321504a4909a6eee0f18c3584724d329706fe55be44e5fc4f94c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-368b"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13963
eghamat24.png
cdn.pay.ir/images/merchant/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/merchant/eghamat24.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
732cf1660478a1616b2f98050aa45c3133dad87498ae93200b2fa59d4b13a895

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-10b6"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4278
parseh.png
cdn.pay.ir/images/merchant/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/merchant/parseh.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
0019544e9402ae4131d71ad52fbc7ccf57b900aeb3ff20336bf3378bda9819b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-1411"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5137
ponisha.png
cdn.pay.ir/images/merchant/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/merchant/ponisha.png
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
2933fcbf947fb4a6916803d64a16b9e7b4c6489c61a59a0b1b6738b86411bf02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-11e4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4580
home.js
cdn.pay.ir/js/ 		463 KB
463 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pay.ir/js/home.js
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
0063f58fc044a9b3012c9c3493af2ebbfedd1ea06eca14d5d43aacc53b1f82f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 06 Jun 2019 11:57:58 GMT
Server
nginx/1.15.12
ETag
"5cf8ffc6-73bd4"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
474068
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-84410227-1
Requested by
Host: pay.ir
URL: https://pay.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59eae896cc3e2e516762c3f8401ecef55dc24f2b8493b8411c44778245ed1778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 00:23:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39157
x-xss-protection
0
last-modified
Sun, 10 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Oct 2021 00:23:56 GMT
caret-down.svg
cdn.pay.ir/images/ 		556 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/caret-down.svg?ea6e0bcd4c8349ff88a16ed066538047
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
2afb14cd55a37339619d5d4bd4abdfdca477228e16d7bb6ea53afb589981b75a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-22c"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
556
logo.png
cdn.pay.ir/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/logo.png?a295175987a6389de6200713b2967e40
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
3cc1bd900dd1793aed978251484606d3434e36023fa1ddeff30195970949f926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-56be"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22206
wizard-gateway.png
cdn.pay.ir/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/wizard-gateway.png?60f73dcf6faef8c1416ade6756f8773d
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
14dbb5fb7f0a0ef7615235c8a2845a858de09d694a8b986fed05ed44d906a5c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-332b"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13099
wizard-document.png
cdn.pay.ir/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/wizard-document.png?b3cced7114e2091d6fef2b061b7f75a5
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
a832b0efe93a285efb9271516fde70150452078110a179b4e3ccf3518a5ce2da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-2fa0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12192
wizard-register.png
cdn.pay.ir/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/wizard-register.png?fc88cb9e227ed384ff7a5d46bbbcfad7
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
10bfc0bddc0b328cac8ed8314e175c9ff3dc75cc74fbd573296f7abdf03a9147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-6f08"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28424
quote-right.svg
cdn.pay.ir/images/ 		677 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/quote-right.svg?2e8e31a27821c43abf98e2fec21a7d54
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
4d0a023791439ae86c4d9ae8ef828db2ee04ee412675d6b408e9599b1f56af03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-2a5"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
677
quote-left.svg
cdn.pay.ir/images/ 		676 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/quote-left.svg?377703d8e8305ef3878d5375107add99
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
34373e73793865dadf2be7f6d2fcfe31d88ba1430d55dd7ca9edfe4c6bab5568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-2a4"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
676
circle.svg
cdn.pay.ir/images/ 		504 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/circle.svg?a5dbbb47891ccb79b2039d2d8b3b076a
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
553fbbd2ea2b4687529bae8c8f531f9649f84e601901a7b9f04a1cc9719d4896

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-1f8"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
504
telegram.svg
cdn.pay.ir/images/ 		685 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/telegram.svg?ee1f1817a6a1ea007f98fda27ef7dadb
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
902e19c2a727634d31e449a1ed133a3691df3b9a8e68996353b624be63e6648a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-2ad"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
685
instagram.svg
cdn.pay.ir/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/instagram.svg?62d59f116a787fe42a52cd3e98ef58a9
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
bb4f57eaee7fbbce004ba3847730edf7d9813e08740b171665303774ef79bd74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-59d"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1437
linkedin-in.svg
cdn.pay.ir/images/ 		738 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pay.ir/images/linkedin-in.svg?a056d53399cb5c0186426f642ab568d2
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
305a695f964f64894e04e0eaecd241b18e2a48e136843870441b911b3879c09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pay.ir/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-2e2"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
738
iransans-fa.woff
cdn.pay.ir/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.pay.ir/fonts/iransans-fa.woff?d4bb655d07591559e417030519d6fa20
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
c49c3a7b3b6a6238cf5009c0f7f1646fd259e71c1f599537d76c0dcdab59d061

Request headers

Referer
https://cdn.pay.ir/css/home.css
Origin
https://pay.ir
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-8959"
Content-Type
font/woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35161
iransans-fa-bold.woff
cdn.pay.ir/fonts/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.pay.ir/fonts/iransans-fa-bold.woff?6ed6ddfe60d741b22e0e8ba1cb6797fb
Requested by
Host: cdn.pay.ir
URL: https://cdn.pay.ir/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.255.69.11 , Armenia, ASN203739 (REGIKA, AM),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
71891a73914123f5565598314dff5c6b387e406592af8aa90a8a4924ed7fa6ec

Request headers

Referer
https://cdn.pay.ir/css/home.css
Origin
https://pay.ir
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 00:23:57 GMT
Last-Modified
Thu, 16 May 2019 10:50:59 GMT
Server
nginx/1.15.12
ETag
"5cdd4093-8781"
Content-Type
font/woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34689
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84410227-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5821
date
Sat, 09 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 10 Oct 2021 00:46:57 GMT
collect
www.google-analytics.com/j/ 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1157908082&t=pageview&_s=1&dl=https%3A%2F%2Fpay.ir%2F&ul=en-us&de=UTF-8&dt=%D8%B4%D8%A8%DA%A9%D9%87%20%D9%BE%D8%B1%D8%AF%D8%A7%D8%AE%D8%AA%20%D9%BE%DB%8C%20%D8%8C%20%D8%A7%D8%B1%D8%B3%D8%A7%D9%84%20%D9%88%20%D8%AF%D8%B1%DB%8C%D8%A7%D9%81%D8%AA%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86%20%D9%BE%D9%88%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=155953593&gjid=750721986&cid=1652912451.1633825438&tid=UA-84410227-1&_gid=519442579.1633825438&_r=1&gtm=2oua60&z=1888369364
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.ir/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 00:23:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.ir
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-84410227-1&cid=1652912451.1633825438&jid=155953593&gjid=750721986&_gid=519442579.1633825438&_u=YEBAAUAAAAAAAC~&z=1884329642
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.ir/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 10 Oct 2021 00:23:58 GMT
content-type
text/plain
access-control-allow-origin
https://pay.ir
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| jQuery function| $ object| toastr function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.pay.ir/ Name: _ga
Value: GA1.2.1652912451.1633825438
.pay.ir/ Name: _gid
Value: GA1.2.519442579.1633825438
.pay.ir/ Name: _gat_gtag_UA_84410227_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pay.ir
irservice.site
pay.ir
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
185.255.69.11
185.255.69.3
2606:4700:3037::ac43:de26
2a00:1450:4001:811::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9b
0019544e9402ae4131d71ad52fbc7ccf57b900aeb3ff20336bf3378bda9819b1
0063f58fc044a9b3012c9c3493af2ebbfedd1ea06eca14d5d43aacc53b1f82f1
10bfc0bddc0b328cac8ed8314e175c9ff3dc75cc74fbd573296f7abdf03a9147
14dbb5fb7f0a0ef7615235c8a2845a858de09d694a8b986fed05ed44d906a5c0
1fe8c0f2c8c8795b59e5d91e24433668acfd3b96e04df1d09c85f751978c57ca
2023fbeace2ce745fbee29ece0a9827d838a33eb89ad6148e8abb3ce5f95ce90
2933fcbf947fb4a6916803d64a16b9e7b4c6489c61a59a0b1b6738b86411bf02
2afb14cd55a37339619d5d4bd4abdfdca477228e16d7bb6ea53afb589981b75a
305a695f964f64894e04e0eaecd241b18e2a48e136843870441b911b3879c09f
34373e73793865dadf2be7f6d2fcfe31d88ba1430d55dd7ca9edfe4c6bab5568
3cc1bd900dd1793aed978251484606d3434e36023fa1ddeff30195970949f926
4d0a023791439ae86c4d9ae8ef828db2ee04ee412675d6b408e9599b1f56af03
553fbbd2ea2b4687529bae8c8f531f9649f84e601901a7b9f04a1cc9719d4896
59eae896cc3e2e516762c3f8401ecef55dc24f2b8493b8411c44778245ed1778
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71891a73914123f5565598314dff5c6b387e406592af8aa90a8a4924ed7fa6ec
732cf1660478a1616b2f98050aa45c3133dad87498ae93200b2fa59d4b13a895
751cc771c065257165fd186f6be50f7a5f329ffeb40d777c0203835215cb9433
902e19c2a727634d31e449a1ed133a3691df3b9a8e68996353b624be63e6648a
9f2d768ebaf0c9f5a3c180dd6c7d1bd86b2a8bd6eee13defd4b9048c2818873b
a832b0efe93a285efb9271516fde70150452078110a179b4e3ccf3518a5ce2da
bb4f57eaee7fbbce004ba3847730edf7d9813e08740b171665303774ef79bd74
bbb30fbfe803554535316db560cc4d54fe3664f5b0fe4978f543428324eed1f3
c49c3a7b3b6a6238cf5009c0f7f1646fd259e71c1f599537d76c0dcdab59d061
c510489bdea95049921deae9a6faa5d5463c1e75d3d16014e6e6dc4b6ac97893
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e81bebaf082331754db82cffcb2ef178cf9c0750c83aa0216e2ef119b629a5a8
eef259e7f55f321504a4909a6eee0f18c3584724d329706fe55be44e5fc4f94c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62