dr-user.com Open in urlscan Pro
158.58.187.182  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dr-user.com/	15 KB 4 KB	1216ms 463ms	Document text/html	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 509bdb601d8219799408fe93a60763b6af883a07b0b16ddb5e02fe0c561bf58c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=utf-8 date Fri, 23 Aug 2024 07:00:31 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache vary Accept-Encoding
GET H2	200	jquery-2.1.1.min.js Show response dr-user.com/catalog/view/javascript/jquery/	82 KB 28 KB	595ms 475ms	Script application/javascript	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/jquery/jquery-2.1.1.min.js Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 28763 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	bootstrap.min-rtl.css dr-user.com/catalog/view/javascript/bootstrap/css/	115 KB 18 KB	262ms 143ms	Stylesheet text/css	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/bootstrap/css/bootstrap.min-rtl.css Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash a9ab4ed328c86e0bf3743984cf5171815ae163e265eff5bbe1ea5cd9d9a69ba0 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Mon, 11 May 2020 21:05:28 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 17838 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	stylesheet-rtl.css dr-user.com/catalog/view/theme/default/stylesheet/	31 KB 5 KB	424ms 305ms	Stylesheet text/css	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/theme/default/stylesheet/stylesheet-rtl.css Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 8b4d3b884c61a20adfb088679d8f2a05e0a8b6c5b48d8ad06714cfef9d1f6a1f Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Thu, 27 Aug 2020 21:42:40 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 4970 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	news.css dr-user.com/catalog/view/theme/default/stylesheet/	236 B 146 B	418ms 299ms	Stylesheet text/css	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/theme/default/stylesheet/news.css Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash b2760199f0d3e457807f7a03433caf55b8a30e161ee8c82115ec69301920de84 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 92 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	bootstrap.min.js Show response dr-user.com/catalog/view/javascript/bootstrap/js/	35 KB 9 KB	597ms 479ms	Script application/javascript	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 9059 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	font-awesome.min-rtl.css dr-user.com/catalog/view/javascript/font-awesome/css/	20 KB 4 KB	424ms 306ms	Stylesheet text/css	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/font-awesome/css/font-awesome.min-rtl.css Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash b9c18fd0a945cbbd188f827e5a73589ce51573a656a855badf84d85edca6dba2 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 4397 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	slideshow.css dr-user.com/catalog/view/theme/default/stylesheet/	3 KB 874 B	394ms 298ms	Stylesheet text/css	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/theme/default/stylesheet/slideshow.css Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 9fd1b41dc28d84e28d726a443f2ac9d49458505204acc304827ee94c4361044a Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 842 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	jquery-1.7.1.min.js Show response dr-user.com/catalog/view/javascript/jquery/	92 KB 31 KB	902ms 807ms	Script application/javascript	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/jquery/jquery-1.7.1.min.js Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 32005 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	jquery-ui-1.8.16.custom.min.js Show response dr-user.com/catalog/view/javascript/jquery/ui/	228 KB 54 KB	919ms 824ms	Script application/javascript	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/jquery/ui/jquery-ui-1.8.16.custom.min.js Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 75f5fd699859ff777c2664890239e7dd2b0c7b392b963583353d0f33271cde14 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 55613 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	jquery-ui-1.8.16.custom.css dr-user.com/catalog/view/javascript/jquery/ui/themes/ui-lightness/	33 KB 6 KB	392ms 299ms	Stylesheet text/css	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/jquery/ui/themes/ui-lightness/jquery-ui-1.8.16.custom.css Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 3de887620a032406c344db9b4818c963ceb233bb12691386f729cbccd5022c19 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 5735 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	common.js Show response dr-user.com/catalog/view/javascript/	5 KB 1 KB	868ms 775ms	Script application/javascript	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/common.js Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 138bfb9000c0a06a08103c256c7f668d89dfb78599c60ec20f6cb9791af9004c Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 1266 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	jquery.nivo.slider.pack.js Show response dr-user.com/catalog/view/javascript/jquery/nivo-slider/	11 KB 3 KB	865ms 772ms	Script application/javascript	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/jquery/nivo-slider/jquery.nivo.slider.pack.js Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 69918699ac6458305658d6da27689866999986fc6b72f71d44d480328a1866db Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 2810 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	owl.carousel.css dr-user.com/catalog/view/javascript/jquery/owl-carousel/	3 KB 818 B	566ms 474ms	Stylesheet text/css	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/jquery/owl-carousel/owl.carousel.css Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 3011e23a0c5005bcc66c091dbf07490f16f05758ee08e73cea36ef10d1f85b71 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 786 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	owl.carousel.min.js Show response dr-user.com/catalog/view/javascript/jquery/owl-carousel/	22 KB 6 KB	906ms 814ms	Script application/javascript	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/jquery/owl-carousel/owl.carousel.min.js Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash bdfe1b9bed7fd0fe71122ff6ed06c74184342c50ce96e494bf3403ee609ab486 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Sun, 29 Mar 2020 09:16:55 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 6274 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	usb54irproject.css dr-user.com/catalog/view/theme/default/stylesheet/	10 KB 2 KB	566ms 475ms	Stylesheet text/css	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/theme/default/stylesheet/usb54irproject.css Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 037cb786fa9e4d3aecbe6268ec64242789417fdf251c61aef73290a7202164d1 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT content-encoding br last-modified Tue, 12 May 2020 08:05:36 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 2296 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H2	200	logo.png dr-user.com/image/data/	8 KB 9 KB	569ms 479ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/logo.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash d58d675e3c9b6aa3d09b6e780d535381d0c79325fabb798bfb234d050f45d7b3 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:32 GMT date Fri, 23 Aug 2024 07:00:32 GMT cache-control public, max-age=604800 last-modified Mon, 11 May 2020 20:17:53 GMT accept-ranges bytes content-length 8653 content-type image/png
GET		logo.aspx trustseal.enamad.ir/	0 0
GET H3	200	banner-appleid-7-980x250.png dr-user.com/image/cache/data/	33 KB 34 KB	425ms 418ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/cache/data/banner-appleid-7-980x250.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash b86eb0564cb5f3880a3d7375ff35350cd46c1c1e92b54d56e444e73983f719e0 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:32 GMT last-modified Fri, 16 Dec 2022 19:37:10 GMT content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 34227 expires Fri, 30 Aug 2024 07:00:32 GMT
GET H3	200	amade-53-229x104.png dr-user.com/image/cache/data/cards/appleid/	21 KB 21 KB	171ms 170ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/cache/data/cards/appleid/amade-53-229x104.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash bd935274a400e905919ded8274255d25b8b2e94edff4c3a7202ba662dec2f94b Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Wed, 20 Mar 2024 19:32:18 GMT accept-ranges bytes content-length 21854 content-type image/png
GET H3	200	delkhah-75-229x104.png dr-user.com/image/cache/data/cards/appleid/	7 KB 7 KB	196ms 194ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/cache/data/cards/appleid/delkhah-75-229x104.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 5b3cab23254e6fbd714b66ee14d9341bff8aca5023224196c4c3d0c8ae0c2425 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Wed, 20 Mar 2024 19:32:18 GMT accept-ranges bytes content-length 6708 content-type image/png
GET H3	200	10taie-530-229x104.png dr-user.com/image/cache/data/cards/appleid/	7 KB 7 KB	274ms 271ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/cache/data/cards/appleid/10taie-530-229x104.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash bddc7e78dc56ce3f7d02059b59213c4c9831f19fd0de6423abbe90219ebe719e Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Wed, 20 Mar 2024 19:31:59 GMT accept-ranges bytes content-length 6833 content-type image/png
GET H3	200	karti-990-229x104.png dr-user.com/image/cache/data/cards/appleid/	7 KB 7 KB	275ms 272ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/cache/data/cards/appleid/karti-990-229x104.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 9c71fb8656354f28d3ae6c09ea8b9f0cafff4d1df4bb1702573714c4cf0b28c0 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Wed, 20 Mar 2024 19:32:18 GMT accept-ranges bytes content-length 6920 content-type image/png
GET		logo.aspx trustseal.enamad.ir/	0 0
GET H3	200	appleid-learn1.png dr-user.com/image/data/Buttons/appleid/	2 KB 2 KB	228ms 225ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/Buttons/appleid/appleid-learn1.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 71ce1937ea7da5882f49834c3fc59720a4ee4ca18667b232f60401443f6e0841 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Thu, 27 Aug 2020 19:10:49 GMT accept-ranges bytes content-length 1937 content-type image/png
GET H3	200	appleid-learn2.png dr-user.com/image/data/Buttons/appleid/	2 KB 2 KB	230ms 227ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/Buttons/appleid/appleid-learn2.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash bc7864e3e008e0e662472a8948e9620aa2eb10085e8a81e47f22f3cf409218d2 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Thu, 27 Aug 2020 19:11:13 GMT accept-ranges bytes content-length 1922 content-type image/png
GET H3	200	appleid-learn3.png dr-user.com/image/data/Buttons/appleid/	2 KB 2 KB	238ms 235ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/Buttons/appleid/appleid-learn3.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 7085b95fe845a403ed58824e7d9775e2ea705f0bee96034acebbb230c7644018 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Thu, 27 Aug 2020 19:11:34 GMT accept-ranges bytes content-length 1808 content-type image/png
GET H3	200	appleid-learn4.png dr-user.com/image/data/Buttons/appleid/	2 KB 2 KB	231ms 228ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/Buttons/appleid/appleid-learn4.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash b60f8da8309cc04c466533a2e701bfb22e4f3724d3be5dfe14b302a23d3a0f0f Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Thu, 27 Aug 2020 19:11:59 GMT accept-ranges bytes content-length 1920 content-type image/png
GET H3	200	appleid-learn5.png dr-user.com/image/data/Buttons/appleid/	2 KB 2 KB	232ms 229ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/Buttons/appleid/appleid-learn5.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 051849cefca9410dfed4d5c2a08d9af5abf87c7772fde6473a5a24300e7cb7bd Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Thu, 27 Aug 2020 19:12:16 GMT accept-ranges bytes content-length 1944 content-type image/png
GET H3	200	m15.gif dr-user.com/image/data/Buttons/appleid/	3 KB 4 KB	234ms 231ms	Image image/gif	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/Buttons/appleid/m15.gif Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash bb3870b8f2ee4173064e93b4f5e1bbdc2a37e7ff5522bd26afcfbd85321db687 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Sun, 12 Aug 2018 17:34:40 GMT accept-ranges bytes content-length 3575 content-type image/gif
GET H3	200	mobile-support.png dr-user.com/image/data/	2 KB 2 KB	235ms 232ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/mobile-support.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash cb110be5561cea48e05d5c06fe3ac4c9d0b1a0aca1ed16a2fcdb61324dbe14fa Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Thu, 27 Aug 2020 15:32:22 GMT accept-ranges bytes content-length 2279 content-type image/png
GET H3	200	email-support.png dr-user.com/image/data/	2 KB 2 KB	236ms 233ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/email-support.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 7d1de7e50c5982860ac87881939077608809a1c2ed42ac96dd9efbe6d71c5054 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Thu, 27 Aug 2020 15:54:01 GMT accept-ranges bytes content-length 2160 content-type image/png
GET H3	200	support-telegram.png dr-user.com/image/data/	2 KB 2 KB	215ms 212ms	Image image/png	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/image/data/support-telegram.png Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash a0a03715d79586c6efa17da30e3d9a15fd4aec2a933774d27aaa24eda4237054 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Fri, 30 Aug 2024 07:00:33 GMT date Fri, 23 Aug 2024 07:00:33 GMT cache-control public, max-age=604800 last-modified Thu, 27 Aug 2020 20:39:52 GMT accept-ranges bytes content-length 1646 content-type image/png
GET H2	200	js Show response www.googletagmanager.com/gtag/	210 KB 76 KB	195ms 80ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-108436592-1 Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8b2650cb91e8a37cb023271f705c2ddfca57a83e326ebf20a81f9f6b096b5852 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:33 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77146 x-xss-protection 0 last-modified Fri, 23 Aug 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 23 Aug 2024 07:00:33 GMT
GET H3	200	l.js Show response client.crisp.chat/	8 KB 3 KB	225ms 118ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/l.js Requested by Host: dr-user.com URL: https://dr-user.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 553cd8f952f4c52e0277ddc61ab56529bb91375db888a9d806b5b051406d94ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 73416 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 24 Aug 2023 11:12:52 GMT server cloudflare etag W/"64e73b34-21a6" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 access-control-allow-credentials false vary Accept-Encoding cf-ray 8b7939ed3e2962ef-HAM access-control-allow-headers Content-Type, Origin expires Sat, 24 Aug 2024 07:00:33 GMT
GET H3	200	fntnormal.woff dr-user.com/catalog/view/theme/default/fonts/	47 KB 47 KB	215ms 214ms	Font font/woff	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/theme/default/fonts/fntnormal.woff Requested by Host: dr-user.com URL: https://dr-user.com/catalog/view/theme/default/stylesheet/usb54irproject.css Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 1c81613b8001740ddf133d48e2ed3032977b3240c5df163dcaa00d1ab9883ed6 Request headers Referer https://dr-user.com/catalog/view/theme/default/stylesheet/usb54irproject.css Origin https://dr-user.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:33 GMT last-modified Sun, 03 May 2020 11:58:14 GMT content-type font/woff access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 47636 expires Fri, 30 Aug 2024 07:00:33 GMT
GET H3	200	fontawesome-webfont.woff dr-user.com/catalog/view/javascript/font-awesome/fonts/	82 KB 82 KB	217ms 215ms	Font font/woff	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Full URL https://dr-user.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff?v=4.1.0 Requested by Host: dr-user.com URL: https://dr-user.com/catalog/view/javascript/font-awesome/css/font-awesome.min-rtl.css Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31 Request headers Referer https://dr-user.com/catalog/view/javascript/font-awesome/css/font-awesome.min-rtl.css Origin https://dr-user.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:33 GMT last-modified Sun, 29 Mar 2020 09:16:55 GMT content-type font/woff access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 83760 expires Fri, 30 Aug 2024 07:00:33 GMT
GET H3	404	background.png dr-user.com/catalog/view/theme/default/image/	708 B 708 B	444ms 421ms	Image text/html	158.58.187.182 FARASOSAMANEHPASA...
General Check archive.org Show headers Download Go to Show image Full URL https://dr-user.com/catalog/view/theme/default/image/background.png Requested by Host: dr-user.com URL: https://dr-user.com/catalog/view/theme/default/stylesheet/stylesheet-rtl.css Protocol H3 Security QUIC, , AES_128_GCM Server 158.58.187.182 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR), Reverse DNS cms610.hostnegar.com Software / Resource Hash 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Request headers Referer https://dr-user.com/catalog/view/theme/default/stylesheet/stylesheet-rtl.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 23 Aug 2024 07:00:33 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 708 content-type text/html
GET H3	200	client.js Show response client.crisp.chat/static/javascripts/	369 KB 95 KB	200ms 156ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/javascripts/client.js?8fb6de8 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/l.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ece4aa457fdf07f0cad70e859b49a3148b63faaf4c059883be8f4b9c4cd362b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 73411 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 24 Aug 2023 11:12:52 GMT server cloudflare etag W/"64e73b34-5c23c" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding cf-ray 8b7939eea81862ef-HAM access-control-allow-headers Content-Type, Origin expires Mon, 21 Aug 2034 07:00:33 GMT
GET H3	200	client_default.css client.crisp.chat/static/stylesheets/	113 KB 14 KB	165ms 121ms	Stylesheet text/css	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/stylesheets/client_default.css?8fb6de8 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/l.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8de7403862b9eafa92d758b745b35ca96b24db4c46ccdb73c2e77c937b7e906 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 73415 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Wed, 14 Aug 2024 10:35:20 GMT server cloudflare etag W/"66bc8868-1c503" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding cf-ray 8b7939eea81b62ef-HAM access-control-allow-headers Content-Type, Origin expires Mon, 21 Aug 2034 07:00:33 GMT
GET H3	200	/ Show response client.crisp.chat/settings/website/1c57c7a4-e681-4509-b94c-34e223c0ee72/prelude/	222 B 510 B	194ms 178ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/settings/website/1c57c7a4-e681-4509-b94c-34e223c0ee72/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2024-7-23-9-0 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?8fb6de8 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 427915666113338996bf4fc6e3f0f6449722d4573ef8c25e386ddf235fea0414 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Fri, 23 Aug 2024 07:00:34 GMT server cloudflare access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 access-control-allow-credentials false vary Accept-Encoding cf-ray 8b7939f1fdab62ef-HAM access-control-allow-headers Content-Type, Origin expires Fri, 23 Aug 2024 11:00:34 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	251 KB 89 KB	139ms 137ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-N21N47D9FS&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-108436592-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash aee545c122b19814b8cd73098798a41c18b29e9e55220c19976fc68d1ea92f96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:34 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90792 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 23 Aug 2024 07:00:34 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	372ms 68ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-108436592-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 23 Aug 2024 06:40:40 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1194 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 23 Aug 2024 08:40:40 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	434ms 94ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-N21N47D9FS&gtm=45je48l0v9108579881za200&_p=1724396433491&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1595428035.1724396434&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1724396434&sct=1&seg=0&dl=https%3A%2F%2Fdr-user.com%2F&dt=%D8%A7%D9%BE%D9%84%20%D8%A2%DB%8C%D8%AF%DB%8C%20%7C%20Apple%20ID%20%7C%20%D8%AF%DA%A9%D8%AA%D8%B1%20%DB%8C%D9%88%D8%B2%D8%B1&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4083 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-N21N47D9FS&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 23 Aug 2024 07:00:34 GMT server Golfe2 content-type text/plain access-control-allow-origin https://dr-user.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 203 B	104ms 58ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=687620853&t=pageview&_s=1&dl=https%3A%2F%2Fdr-user.com%2F&ul=de-de&de=UTF-8&dt=%D8%A7%D9%BE%D9%84%20%D8%A2%DB%8C%D8%AF%DB%8C%20%7C%20Apple%20ID%20%7C%20%D8%AF%DA%A9%D8%AA%D8%B1%20%DB%8C%D9%88%D8%B2%D8%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=601569804&gjid=1497132964&cid=1595428035.1724396434&tid=UA-108436592-1&_gid=231371556.1724396435&_r=1&gtm=457e48l0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=104090603 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 23 Aug 2024 07:00:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://dr-user.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response client.crisp.chat/settings/website/1c57c7a4-e681-4509-b94c-34e223c0ee72/	1 KB 1 KB	106ms 105ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/settings/website/1c57c7a4-e681-4509-b94c-34e223c0ee72/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1589292100472 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?8fb6de8 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d4fdc471f73fb115ecab52fa08c23d1ef6bc0f1af6c38898207bb16b430bbf2a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Fri, 23 Aug 2024 06:08:33 GMT server cloudflare access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 access-control-allow-credentials false vary Accept-Encoding cf-ray 8b7939f9091162ef-HAM access-control-allow-headers Content-Type, Origin expires Fri, 23 Aug 2024 11:00:35 GMT
GET H3	200	fa.js Show response client.crisp.chat/static/javascripts/locales/	13 KB 4 KB	78ms 77ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/javascripts/locales/fa.js?8fb6de8 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?8fb6de8 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cdb2b63dddba827f241a0d47124c2d90149cb988b85a6ab1070e1c9c154cf7c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dr-user.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 23 Aug 2024 07:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 73084 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Fri, 21 Jun 2024 15:02:29 GMT server cloudflare etag W/"66759605-325a" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding cf-ray 8b7939f9ba2962ef-HAM access-control-allow-headers Content-Type, Origin expires Mon, 21 Aug 2034 07:00:35 GMT
GET DATA	200 OK	truncated /	881 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

trustseal.enamad.ir

URL

https://trustseal.enamad.ir/logo.aspx?id=38685&p=vjymukaqkzoeukaqfujy

Domain

trustseal.enamad.ir

URL

https://trustseal.enamad.ir/logo.aspx?id=72959&p=lznbzpfvgthvpeukpeuk

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| mod function| leap_gregorian number| GREGORIAN_EPOCH function| gregorian_to_jd function| jd_to_gregorian function| leap_islamic number| ISLAMIC_EPOCH function| islamic_to_jd function| jd_to_islamic function| leap_persian number| PERSIAN_EPOCH function| persian_to_jd function| jd_to_persian function| JalaliDate function| DP_jQuery_1724396433283 function| getURLVar function| addToCart function| addToWishList function| addToCompare object| $crisp string| CRISP_WEBSITE_ID object| d object| s object| jQuery17106107364001398037 function| gtag object| dataLayer boolean| $__CRISP_INCLUDED object| $__CRISP_INSTANCE object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dr-user.com/	1970-01-20 23:01:22	Name: PHPSESSID Value: d1pe5bnnqum63lh1grv23cmvf2
			.dr-user.com/	1970-01-20 23:43:08	Name: language Value: fa
			.dr-user.com/	1970-01-20 23:43:08	Name: currency Value: TOM
			.dr-user.com/	1970-01-21 08:35:56	Name: _ga_N21N47D9FS Value: GS1.1.1724396434.1.0.1724396434.0.0.0
			.dr-user.com/	1970-01-21 08:35:56	Name: _ga Value: GA1.2.1595428035.1724396434
			.dr-user.com/	1970-01-20 23:01:22	Name: _gid Value: GA1.2.231371556.1724396435
			.dr-user.com/	1970-01-20 22:59:56	Name: _gat_gtag_UA_108436592_1 Value: 1
			.dr-user.com/	1970-01-21 03:22:44	Name: crisp-client%2Fsession%2F1c57c7a4-e681-4509-b94c-34e223c0ee72 Value: session_affd7288-efc5-4886-bd90-adaa59340647

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dr-user.com/catalog/view/theme/default/image/background.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.crisp.chat
dr-user.com
region1.google-analytics.com
trustseal.enamad.ir
www.google-analytics.com
www.googletagmanager.com
trustseal.enamad.ir
104.18.29.104
158.58.187.182
2001:4860:4802:34::36
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
037cb786fa9e4d3aecbe6268ec64242789417fdf251c61aef73290a7202164d1
051849cefca9410dfed4d5c2a08d9af5abf87c7772fde6473a5a24300e7cb7bd
0ece4aa457fdf07f0cad70e859b49a3148b63faaf4c059883be8f4b9c4cd362b
138bfb9000c0a06a08103c256c7f668d89dfb78599c60ec20f6cb9791af9004c
1c81613b8001740ddf133d48e2ed3032977b3240c5df163dcaa00d1ab9883ed6
3011e23a0c5005bcc66c091dbf07490f16f05758ee08e73cea36ef10d1f85b71
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
3de887620a032406c344db9b4818c963ceb233bb12691386f729cbccd5022c19
427915666113338996bf4fc6e3f0f6449722d4573ef8c25e386ddf235fea0414
509bdb601d8219799408fe93a60763b6af883a07b0b16ddb5e02fe0c561bf58c
553cd8f952f4c52e0277ddc61ab56529bb91375db888a9d806b5b051406d94ef
5b3cab23254e6fbd714b66ee14d9341bff8aca5023224196c4c3d0c8ae0c2425
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
69918699ac6458305658d6da27689866999986fc6b72f71d44d480328a1866db
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7085b95fe845a403ed58824e7d9775e2ea705f0bee96034acebbb230c7644018
71ce1937ea7da5882f49834c3fc59720a4ee4ca18667b232f60401443f6e0841
75f5fd699859ff777c2664890239e7dd2b0c7b392b963583353d0f33271cde14
7d1de7e50c5982860ac87881939077608809a1c2ed42ac96dd9efbe6d71c5054
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8b2650cb91e8a37cb023271f705c2ddfca57a83e326ebf20a81f9f6b096b5852
8b4d3b884c61a20adfb088679d8f2a05e0a8b6c5b48d8ad06714cfef9d1f6a1f
9c71fb8656354f28d3ae6c09ea8b9f0cafff4d1df4bb1702573714c4cf0b28c0
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9fd1b41dc28d84e28d726a443f2ac9d49458505204acc304827ee94c4361044a
a0a03715d79586c6efa17da30e3d9a15fd4aec2a933774d27aaa24eda4237054
a8de7403862b9eafa92d758b745b35ca96b24db4c46ccdb73c2e77c937b7e906
a9ab4ed328c86e0bf3743984cf5171815ae163e265eff5bbe1ea5cd9d9a69ba0
aee545c122b19814b8cd73098798a41c18b29e9e55220c19976fc68d1ea92f96
b2760199f0d3e457807f7a03433caf55b8a30e161ee8c82115ec69301920de84
b60f8da8309cc04c466533a2e701bfb22e4f3724d3be5dfe14b302a23d3a0f0f
b86eb0564cb5f3880a3d7375ff35350cd46c1c1e92b54d56e444e73983f719e0
b9c18fd0a945cbbd188f827e5a73589ce51573a656a855badf84d85edca6dba2
bb3870b8f2ee4173064e93b4f5e1bbdc2a37e7ff5522bd26afcfbd85321db687
bc7864e3e008e0e662472a8948e9620aa2eb10085e8a81e47f22f3cf409218d2
bd935274a400e905919ded8274255d25b8b2e94edff4c3a7202ba662dec2f94b
bddc7e78dc56ce3f7d02059b59213c4c9831f19fd0de6423abbe90219ebe719e
bdfe1b9bed7fd0fe71122ff6ed06c74184342c50ce96e494bf3403ee609ab486
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
cb110be5561cea48e05d5c06fe3ac4c9d0b1a0aca1ed16a2fcdb61324dbe14fa
cdb2b63dddba827f241a0d47124c2d90149cb988b85a6ab1070e1c9c154cf7c4
d4fdc471f73fb115ecab52fa08c23d1ef6bc0f1af6c38898207bb16b430bbf2a
d58d675e3c9b6aa3d09b6e780d535381d0c79325fabb798bfb234d050f45d7b3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd