urlscan.io logo urlscan.io
SecurityTrails logo

q.nozhir.com Open in urlscan Pro
5.187.4.118  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gitlab.git.git.kirzhach.nordside-shop.ru/
Effective URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Submission: On February 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 48 HTTP transactions. The main IP is 5.187.4.118, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is q.nozhir.com.
TLS certificate: Issued by R3 on December 30th 2022. Valid for: 3 months.
This is the only time q.nozhir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 62.173.138.180 34300 (SPACENET-...)
1 1 91.228.154.172 44066 (DE-FIRSTC...)
37 5.187.4.118 44066 (DE-FIRSTC...)
1 2 178.248.237.144 197068 (QRATOR)
1 1 109.235.165.9 43247 (YOOMONEY-AS)
1 109.235.165.77 43247 (YOOMONEY-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a02:6b8::1:119 ()
48 9
1    62.173.138.180 (Moscow, Russian Federation)

ASN34300 (SPACENET-AS Internet Service Provider, RU)
PTR: qwerty.ru
gitlab.git.git.kirzhach.nordside-shop.ru
1    91.228.154.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde657-54.fornex.org
clicktvf.com
37    5.187.4.118 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde657-74.fornex.org
q.nozhir.com
sentry.nozhir.com
2    178.248.237.144 (Russian Federation)

ASN197068 (QRATOR, RU)
widget.cloudpayments.ru
1    109.235.165.9 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: kassa.yandex.ru
yookassa.ru
1    109.235.165.77 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: 109-235-165-77.yamoney.ru
static.yoomoney.ru
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
6    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2607:f8b0:4006:80c::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:6b8::1:119 (None, )

ASN- ()
mc.yandex.ru
Apex Domain
Subdomains		 Transfer
37 nozhir.com
q.nozhir.com
sentry.nozhir.com
849 KB
6 unpkg.com
unpkg.com — Cisco Umbrella Rank: 777
83 KB
2 cloudpayments.ru
widget.cloudpayments.ru — Cisco Umbrella Rank: 245628
41 KB
1 yandex.ru
mc.yandex.ru
73 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 673
75 KB
1 yoomoney.ru
static.yoomoney.ru — Cisco Umbrella Rank: 282140
44 KB
1 yookassa.ru
yookassa.ru — Cisco Umbrella Rank: 703303
307 B
1 clicktvf.com
clicktvf.com
451 B
1 nordside-shop.ru
gitlab.git.git.kirzhach.nordside-shop.ru
349 B
0 yandex.com Failed
mc.yandex.com Failed
48 11
Domain Requested by
36 q.nozhir.com q.nozhir.com
6 unpkg.com 3 redirects q.nozhir.com
2 widget.cloudpayments.ru 1 redirects q.nozhir.com
1 mc.yandex.ru q.nozhir.com
1 sentry.nozhir.com q.nozhir.com
1 fonts.googleapis.com q.nozhir.com
1 code.jquery.com q.nozhir.com
1 static.yoomoney.ru q.nozhir.com
1 yookassa.ru 1 redirects
1 clicktvf.com 1 redirects
1 gitlab.git.git.kirzhach.nordside-shop.ru
0 mc.yandex.com Failed
48 12

This site contains links to these domains. Also see Links.

Domain
client.nozhir.com
Subject Issuer Validity Valid
nozhir.com
R3		 2022-12-30 -
2023-03-30		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Frame ID: B8860B8089B90D2511BA4FB8F7FAF0B7
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zhir Stop

Page URL History Show full URLs

  1. http://gitlab.git.git.kirzhach.nordside-shop.ru/ Page URL
  2. https://clicktvf.com/E2xC HTTP 302
    https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_24... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

83 %
HTTPS

40 %
IPv6

11
Domains

12
Subdomains

9
IPs

4
Countries

1165 kB
Transfer

2241 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gitlab.git.git.kirzhach.nordside-shop.ru/ Page URL
  2. https://clicktvf.com/E2xC HTTP 302
    https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://widget.cloudpayments.ru/bundles/cloudpayments HTTP 301
  • https://widget.cloudpayments.ru/bundles/cloudpayments/
Request Chain 3
  • https://yookassa.ru/checkout-widget/v1/checkout-widget.js HTTP 301
  • https://static.yoomoney.ru/checkout-client/checkout-widget.js
Request Chain 5
  • https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css
Request Chain 6
  • https://unpkg.com/swiper@8/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js
Request Chain 34
  • https://unpkg.com/swiper@7/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
gitlab.git.git.kirzhach.nordside-shop.ru/ 		67 B
349 B 		Document
General
Check archive.org
Download Go to
Full URL
http://gitlab.git.git.kirzhach.nordside-shop.ru/
Protocol
HTTP/1.1
Server
62.173.138.180 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS
qwerty.ru
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
67
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Feb 2023 23:09:00 GMT
ETag
"43-5f3b9ff489740"
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 02 Feb 2023 16:24:21 GMT
Server
Apache
Primary Request /
q.nozhir.com/
Redirect Chain
  • https://clicktvf.com/E2xC
  • https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
37 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
c376f99f20b4ce1b3828ca0565439f3697bd67064bd560735b438f0a4161deef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://gitlab.git.git.kirzhach.nordside-shop.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 23:09:01 GMT
etag
W/"63ac2534-95fc"
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Feb 2023 23:09:01 GMT
Location
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Server
nginx
Transfer-Encoding
chunked
style.css
q.nozhir.com/css/ 		46 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://q.nozhir.com/css/style.css
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
308e443d4591b016f010bc99dad98d2d6bc9a97178d95c4c99cee4a7713ad5a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:16:24 GMT
server
nginx
content-encoding
gzip
etag
W/"63ac2588-b87f"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
/
widget.cloudpayments.ru/bundles/cloudpayments/
Redirect Chain
  • https://widget.cloudpayments.ru/bundles/cloudpayments
  • https://widget.cloudpayments.ru/bundles/cloudpayments/
122 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.cloudpayments.ru/bundles/cloudpayments/
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
HTTP/1.1
Server
178.248.237.144 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
nginx /
Resource Hash
9629215325481912fe8162c35962b64502d5e63e2de05ace7e97da7af0c16fc1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 23:09:02 GMT
Content-Encoding
br
Last-Modified
Tue, 27 Dec 2022 11:33:45 GMT
Server
nginx
ETag
"63aad819-9eff"
Vary
Accept-Encoding
Content-Security-Policy-Report-Only
default-src https://widget.cloudpayments.ru; connect-src https://widget.cloudpayments.ru https://api.cloudpayments.ru https://static.cloudpayments.ru https://pay.google.com https://pay.yandex.ru; font-src https://widget.cloudpayments.ru data:; frame-src https://widget.cloudpayments.ru https://pay.google.com https://sandbox.pay.yandex.ru https://pay.yandex.ru; frame-ancestors https:; img-src https://widget.cloudpayments.ru https://pay.yandex.ru data:; media-src https://widget.cloudpayments.ru https://static.cloudpayments.ru; object-src https://widget.cloudpayments.ru; script-src https://widget.cloudpayments.ru https://forma.tinkoff.ru https://pay.google.com https://pay.yandex.ru 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline' https:; report-to csp-endpoint; report-uri https://widget.cloudpayments.ru/csp-collector
Content-Type
application/javascript
Report-To
{"group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://widget.cloudpayments.ru/csp-collector" }] }
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
40703

Redirect headers

Location
https://widget.cloudpayments.ru/bundles/cloudpayments/
Date
Tue, 07 Feb 2023 23:09:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
checkout-widget.js
static.yoomoney.ru/checkout-client/
Redirect Chain
  • https://yookassa.ru/checkout-widget/v1/checkout-widget.js
  • https://static.yoomoney.ru/checkout-client/checkout-widget.js
136 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/checkout-client/checkout-widget.js
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Server
109.235.165.77 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
109-235-165-77.yamoney.ru
Software
nginx /
Resource Hash
86b389163fbe7fedc4c8e1a9bb749cc2c057ff1d9cb09de3e9282adbbc10cbd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:03 GMT
content-encoding
br
last-modified
Tue, 07 Feb 2023 14:23:33 GMT
server
nginx
etag
W/"71cedf4d730dcceadf08087e6aa40aa0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age = 315360000
expires
Tue, 25 Aug 2025 14:20:35

Redirect headers

Date
Tue, 07 Feb 2023 23:09:03 GMT
Strict-Transport-Security
max-age=16070400
Vary
Accept-Encoding
Content-Type
text/html
Location
https://static.yoomoney.ru/checkout-client/checkout-widget.js
Connection
keep-alive
Keep-Alive
timeout=120
Content-Length
162
jquery-2.2.4.js
code.jquery.com/ 		252 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.js
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

Referer
https://q.nozhir.com/
Origin
https://q.nozhir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJ7Qi58GEo4BCiRkNGMzOWFlMS0zMzNjLTRiZTEtOTM2Mi00YzEwZTYxNGY1YmUQqKenrJKE/QIaBgiOtIufBiITMjAwMTo1NTA6MWQwNToxOjoxMiiexQMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGUxYmY1YTM3LTJmNTgtNDNlOS05M2JhLWQyMTMzZTY4YjQwMBjV0wQiGAgCEhRjZHMwMzUubWkxLmh3Y2RuLm5ldA==.dotUMIlpE68Z1lHPoRcgoNaCGubycqjwJuNYFQrfZpo=
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-3ee0f"
vary
Accept-Encoding
x-hw
1675811342.dop206.mi1.t,1675811342.cds253.mi1.hn,1675811342.cds035.mi1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
76245
swiper-bundle.min.css
unpkg.com/swiper@8.4.7/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css
16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
735465
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR14TYX3GHKF41GTJZ6NZ3AD-mia
server
cloudflare
etag
W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
795fca790efcdad5-MIA

Redirect headers

date
Tue, 07 Feb 2023 23:09:02 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GRQ1RYCABAJ7QCJMWNBRXR32-mia
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
479
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.7/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
795fca78ae78dad5-MIA
swiper-bundle.min.js
unpkg.com/swiper@8.4.7/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js
140 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
735531
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR14RXAD6P3G179NT5RR3BHG-mia
server
cloudflare
etag
W/"2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
795fca790f01dad5-MIA

Redirect headers

date
Tue, 07 Feb 2023 23:09:02 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GRQ1VK1VR6JVJ9TAQQ1WN50R-mia
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
392
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.7/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
795fca78be79dad5-MIA
logo.svg
q.nozhir.com/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/logo.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
9c67ac6f29f86a4a27c4edc67fb9b073c56bff0d0290e8633c6c01f87ea9a3cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-2666"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
9830
1.webp
q.nozhir.com/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/1.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
3da519df3aa0095f846a3b941354432ff8d6914c728f7ae86e36d541eaa35c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-3f5e"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
16222
2.webp
q.nozhir.com/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/2.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
2cbb7542bc3f42db00689ef69d7bd2deb85276fff0cc46d5a4508ef462027bef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-73a6"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
29606
arrow-l.svg
q.nozhir.com/img/ 		533 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/arrow-l.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
c0ce35277e1671c8206c0f07b7ae4f06c3bfb5d76c239c03178e8068f29879c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-215"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
533
arrow-r.svg
q.nozhir.com/img/ 		521 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/arrow-r.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
8df2ecf3e8ba1cdcdf5cdcfbf92b7174836fd6c9dfabc77182df788cf0404a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-209"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
521
3.webp
q.nozhir.com/img/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/3.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
fa14438d6f9b901723d2a542d7665dbf7fb2f8baea1f42fb39f5f5a7ba29322d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-a9e4"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
43492
4.webp
q.nozhir.com/img/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/4.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
6e0426bc78b6e3c3019c98e4c5268d82ab25168cd4253dc99f394977586dd74b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-9cf4"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
40180
5.webp
q.nozhir.com/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/5.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
10f86799b0a2ff81f8c800e90eb75ea342a9417078d9f8e0ae9593c9263d1d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-7352"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
29522
6.webp
q.nozhir.com/img/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/6.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
91e00b43193434e35fb2f1a2d131bcfd72c50d7a7e91700aede1db9082a9125a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-cfc8"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
53192
7.webp
q.nozhir.com/img/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/7.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
946e629f3550e6b58c91b54b9f9f0b11b593867866254e8a6b76034f4638090a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-d428"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
54312
8.webp
q.nozhir.com/img/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/8.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
321c86fe6dd6d8c94624b59809a93c73f4e7f533f63d30e568b811676d65318b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-b02e"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
45102
load.svg
q.nozhir.com/img/ 		1017 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/load.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
fdca80a3af2f640169820870d5388860068e3f8b5a68d26bb228cd3632440ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-3f9"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
1017
big-1x.webp
q.nozhir.com/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/big-1x.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
429f7b10033a73828c3fde9ae25c12b68eb415451c5b5e962990bd156710d986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-4a24"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
18980
adva1.svg
q.nozhir.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/adva1.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
69e590e701130bed664fdfd6c7536b87ee1cb4566f95aabddc8fb1107378bec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-ebf"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
3775
adva2.svg
q.nozhir.com/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/adva2.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
8df6cb3178d62b48113d827fe6d65fb3661dabb836f1dfd678e469feb2117df2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-2a84"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
10884
adva3.svg
q.nozhir.com/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/adva3.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
f3223d62f1a62bf4962ac62c480da283c1147d0417202ec8027d28f958ca0ae4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-15a7"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
5543
9.webp
q.nozhir.com/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/9.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
f7ba20017c80ec02d4a92231a0cbdb2fc4ad217c37d89ff7abc44fe148e9a23c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-3d0a"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
15626
s1.webp
q.nozhir.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/s1.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
09e59f6ffbcdc680eaaa2b5922ba7ad149572f3a0ba6b1cc0f6b9083ce955a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-1c44"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
7236
s2.webp
q.nozhir.com/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/s2.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a67cd7b85a9126938e391798058f589a0ca36b19da560e75acb083d7f7d63438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-1f5c"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
8028
s3.webp
q.nozhir.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/s3.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
05546779fb3f16f7ec9257eab06e8e4846ff54271002052cf278fc60bdc8a794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-fcc"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
4044
s4.webp
q.nozhir.com/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/s4.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
0ed730a1b42b7d70dd3a0992ec7df7c21cbd2c7db83f66e3db349ac1ea549bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-1e68"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
7784
g1.webp
q.nozhir.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/g1.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
ccf7e5a1b08087e9fb0fc7cb9b26d411b913bb4674ff92367a2c0ba28bdd2bc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-18c6"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
6342
rew-ic.svg
q.nozhir.com/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/rew-ic.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
4eb0326201320f4cd3739330e179dee8116a8cd50d772a620908c90010c1661d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-dfa"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
3578
r1.webp
q.nozhir.com/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/r1.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
1c818896e5449f96f6d845dfaea1b51c7a434470d4c8b26875882e4aaa6e9ac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-5bb0"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
23472
r2.webp
q.nozhir.com/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/r2.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
b4f798273e62f27073a8104fc3f137a165486d9406cac059f522b25abd8a68cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-2c54"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
11348
r3.webp
q.nozhir.com/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/r3.webp
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
700d3f73158655984efca21b25ba8ebf79086926ff82d5615e0ad24bb3455d3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-19de"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
6622
bundle.js
q.nozhir.com/_sys/js/ 		386 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.nozhir.com/_sys/js/bundle.js
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
b6830db8aefda5f42b66055591b0a54bbd19b94fe4dfe8d1235cde1572be35a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 11 Jan 2023 07:36:37 GMT
server
nginx
content-encoding
gzip
etag
W/"63be6705-607c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
swiper-bundle.min.js
unpkg.com/swiper@7.4.1/
Redirect Chain
  • https://unpkg.com/swiper@7/swiper-bundle.min.js
  • https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js
133 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8954ae9654aea5d46a68bc5d91c063a3896a0d8a5927822049e4e06a4252b4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
29739328
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FX0RK9MVXMJGHWAJ6APWQ3VD-mia
server
cloudflare
etag
W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
795fca7b9b74dad5-MIA

Redirect headers

date
Tue, 07 Feb 2023 23:09:02 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GRQ24D83D60QTM8C696P0ZRD-mia
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
103
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@7.4.1/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
795fca7b3abddad5-MIA
scripts.js
q.nozhir.com/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.nozhir.com/js/scripts.js
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
83f3e30844ace8c00296758351eea3d0c626fdbb54b6bb8afacac241cf5909b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Origin
https://q.nozhir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
content-encoding
gzip
etag
W/"63ac2534-1b38"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 23:09:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 23:03:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 23:09:02 GMT
bg1.svg
q.nozhir.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/bg1.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
562b9ea3e909ffccea0642f9307fafab11dfbeada9b4d9ffabeb8ae9c3829efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-f86"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
3974
SFProDisplay-Semibold.woff2
q.nozhir.com/fonts/ 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://q.nozhir.com/fonts/SFProDisplay-Semibold.woff2
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
20f2242b77c5070909fc534fe5fd933b29f5b7180dbfaef9d188499c1ef43a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://q.nozhir.com/css/style.css
Origin
https://q.nozhir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-18734"
content-type
font/woff2
cache-control
no-cache
accept-ranges
bytes
content-length
100148
SFProDisplay-Regular.woff2
q.nozhir.com/fonts/ 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://q.nozhir.com/fonts/SFProDisplay-Regular.woff2
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
e68edac9b7a60fbfaf4860d7d3045e396c3b5f01b33c7d61876f0caa9d61ad76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://q.nozhir.com/css/style.css
Origin
https://q.nozhir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-15d78"
content-type
font/woff2
cache-control
no-cache
accept-ranges
bytes
content-length
89464
domain
q.nozhir.com/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://q.nozhir.com/domain?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx / PHP/7.4.30
Resource Hash
82e2b0cb2a2f1164b4d5e5e74e2307fb436ac656292ac73f8a1782db3dfccd28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, private
lc.svg
q.nozhir.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.nozhir.com/img/lc.svg
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
e8a2030809b36b5fb4bd619f1073626ac9ed23030d5dd93084af73b0555e7d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/?utm_source=cpa&utm_medium=1012_932959&utm_campaign=2734813&utm_term=1012_2494500035
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-a13"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
2579
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
178f86d5b510e200c46c7f528bbe148d207d545130ba99157bef327ffbab7828

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf64af538275379131ee54530f1d6fa546de3708f877aeff2ec57c30a131ece3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		983 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7144cbe7a69d67a0e3590f76ce781884bdfaee992c650eff0639a21313cd2f9d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f835a2e5ec4550bfc72954d84d811ab7bd54eb9f4bf56b2a2d395db34c163f0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		709 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e805811761c928ec88ee9acf9b7e82976495c738f6e4aa038b8ab80b31d22242

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3100bd49cd2b1f62591ce786a107ce232fb11786e149cea6f084552620f37a57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		608 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
094e22cc6b61a5959d32a44f1f9bab7b1be6e589b47b9cf246c7628bdefb603b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
SFProDisplay-Medium.woff2
q.nozhir.com/fonts/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://q.nozhir.com/fonts/SFProDisplay-Medium.woff2
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
4e956bb78c3106d730665c8893f654756d7f7156152f25cc59f58ee6af7d0e96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://q.nozhir.com/css/style.css
Origin
https://q.nozhir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Dec 2022 11:15:00 GMT
server
nginx
etag
"63ac2534-185c0"
content-type
font/woff2
cache-control
no-cache
accept-ranges
bytes
content-length
99776
/
sentry.nozhir.com/api/24/envelope/ 		41 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.nozhir.com/api/24/envelope/?sentry_key=128516fea75d4561afae838d8440581f&sentry_version=7
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
0d16916ab5b97cbdac7413e2fa061aa3f58edc8c9bf46e64a1cbe88c07cfebab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://q.nozhir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Feb 2023 23:09:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
content-type
application/json
access-control-allow-origin
https://q.nozhir.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
content-length
41
tag.js
mc.yandex.ru/metrika/ 		211 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: q.nozhir.com
URL: https://q.nozhir.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://q.nozhir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:09:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-11ffd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73725
expires
Wed, 08 Feb 2023 00:09:05 GMT
sync_cookie_image_check
mc.yandex.com/ 		0
0
advert.gif
mc.yandex.com/metrika/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.com
URL
https://mc.yandex.com/sync_cookie_image_check
Domain
mc.yandex.com
URL
https://mc.yandex.com/metrika/advert.gif

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery function| Swiper object| _excluded function| _objectWithoutProperties function| _objectWithoutPropertiesLoose function| _get function| _superPropBase function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _createForOfIteratorHelper function| ownKeys function| _objectSpread function| _defineProperty function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _classCallCheck function| _inherits function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _wrapNativeSuper function| _construct function| _isNativeReflectConstruct function| _isNativeFunction function| _setPrototypeOf function| _getPrototypeOf function| _typeof function| SentryDomain function| debounce object| app object| Sentry function| Vue object| __SENTRY__ object| cp function| YooMoneyCheckoutWidget object| MicroModal function| iFrameResize object| regeneratorRuntime function| YandexCheckout boolean| ref boolean| isResponse function| ym

3 Cookies

Domain/Path Name / Value
.clicktvf.com/ Name: ad1Zng0dGxrM0hoVnlIYVRpck42NzZlQT09
Value: 1
q.nozhir.com/ Name: _utmc
Value: %7B%22utm_campaign%22%3A%222734813%22%2C%22utm_medium%22%3A%221012_932959%22%2C%22utm_source%22%3A%22cpa%22%2C%22utm_term%22%3A%221012_2494500035%22%2C%22utm_content%22%3Anull%7D
.q.nozhir.com/ Name: lgl
Value: 8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicktvf.com
code.jquery.com
fonts.googleapis.com
gitlab.git.git.kirzhach.nordside-shop.ru
mc.yandex.com
mc.yandex.ru
q.nozhir.com
sentry.nozhir.com
static.yoomoney.ru
unpkg.com
widget.cloudpayments.ru
yookassa.ru
mc.yandex.com
109.235.165.77
109.235.165.9
178.248.237.144
2001:4de0:ac18::1:a:1b
2606:4700::6810:7daf
2607:f8b0:4006:80c::200a
2a02:6b8::1:119
5.187.4.118
62.173.138.180
91.228.154.172
05546779fb3f16f7ec9257eab06e8e4846ff54271002052cf278fc60bdc8a794
094e22cc6b61a5959d32a44f1f9bab7b1be6e589b47b9cf246c7628bdefb603b
09e59f6ffbcdc680eaaa2b5922ba7ad149572f3a0ba6b1cc0f6b9083ce955a3f
0d16916ab5b97cbdac7413e2fa061aa3f58edc8c9bf46e64a1cbe88c07cfebab
0ed730a1b42b7d70dd3a0992ec7df7c21cbd2c7db83f66e3db349ac1ea549bb9
10f86799b0a2ff81f8c800e90eb75ea342a9417078d9f8e0ae9593c9263d1d8f
178f86d5b510e200c46c7f528bbe148d207d545130ba99157bef327ffbab7828
1c818896e5449f96f6d845dfaea1b51c7a434470d4c8b26875882e4aaa6e9ac4
20f2242b77c5070909fc534fe5fd933b29f5b7180dbfaef9d188499c1ef43a74
2cbb7542bc3f42db00689ef69d7bd2deb85276fff0cc46d5a4508ef462027bef
308e443d4591b016f010bc99dad98d2d6bc9a97178d95c4c99cee4a7713ad5a1
3100bd49cd2b1f62591ce786a107ce232fb11786e149cea6f084552620f37a57
321c86fe6dd6d8c94624b59809a93c73f4e7f533f63d30e568b811676d65318b
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
3da519df3aa0095f846a3b941354432ff8d6914c728f7ae86e36d541eaa35c50
3f835a2e5ec4550bfc72954d84d811ab7bd54eb9f4bf56b2a2d395db34c163f0
429f7b10033a73828c3fde9ae25c12b68eb415451c5b5e962990bd156710d986
4e956bb78c3106d730665c8893f654756d7f7156152f25cc59f58ee6af7d0e96
4eb0326201320f4cd3739330e179dee8116a8cd50d772a620908c90010c1661d
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
562b9ea3e909ffccea0642f9307fafab11dfbeada9b4d9ffabeb8ae9c3829efd
69e590e701130bed664fdfd6c7536b87ee1cb4566f95aabddc8fb1107378bec6
6e0426bc78b6e3c3019c98e4c5268d82ab25168cd4253dc99f394977586dd74b
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
700d3f73158655984efca21b25ba8ebf79086926ff82d5615e0ad24bb3455d3a
7144cbe7a69d67a0e3590f76ce781884bdfaee992c650eff0639a21313cd2f9d
82e2b0cb2a2f1164b4d5e5e74e2307fb436ac656292ac73f8a1782db3dfccd28
83f3e30844ace8c00296758351eea3d0c626fdbb54b6bb8afacac241cf5909b0
86b389163fbe7fedc4c8e1a9bb749cc2c057ff1d9cb09de3e9282adbbc10cbd2
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
8954ae9654aea5d46a68bc5d91c063a3896a0d8a5927822049e4e06a4252b4a6
8df2ecf3e8ba1cdcdf5cdcfbf92b7174836fd6c9dfabc77182df788cf0404a0d
8df6cb3178d62b48113d827fe6d65fb3661dabb836f1dfd678e469feb2117df2
91e00b43193434e35fb2f1a2d131bcfd72c50d7a7e91700aede1db9082a9125a
946e629f3550e6b58c91b54b9f9f0b11b593867866254e8a6b76034f4638090a
9629215325481912fe8162c35962b64502d5e63e2de05ace7e97da7af0c16fc1
9c67ac6f29f86a4a27c4edc67fb9b073c56bff0d0290e8633c6c01f87ea9a3cb
a67cd7b85a9126938e391798058f589a0ca36b19da560e75acb083d7f7d63438
b4f798273e62f27073a8104fc3f137a165486d9406cac059f522b25abd8a68cd
b6830db8aefda5f42b66055591b0a54bbd19b94fe4dfe8d1235cde1572be35a0
c0ce35277e1671c8206c0f07b7ae4f06c3bfb5d76c239c03178e8068f29879c5
c376f99f20b4ce1b3828ca0565439f3697bd67064bd560735b438f0a4161deef
ccf7e5a1b08087e9fb0fc7cb9b26d411b913bb4674ff92367a2c0ba28bdd2bc9
cf64af538275379131ee54530f1d6fa546de3708f877aeff2ec57c30a131ece3
e68edac9b7a60fbfaf4860d7d3045e396c3b5f01b33c7d61876f0caa9d61ad76
e805811761c928ec88ee9acf9b7e82976495c738f6e4aa038b8ab80b31d22242
e8a2030809b36b5fb4bd619f1073626ac9ed23030d5dd93084af73b0555e7d87
f3223d62f1a62bf4962ac62c480da283c1147d0417202ec8027d28f958ca0ae4
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
f7ba20017c80ec02d4a92231a0cbdb2fc4ad217c37d89ff7abc44fe148e9a23c
fa14438d6f9b901723d2a542d7665dbf7fb2f8baea1f42fb39f5f5a7ba29322d
fdca80a3af2f640169820870d5388860068e3f8b5a68d26bb228cd3632440ae6