urlscan.io logo urlscan.io
SecurityTrails logo

2ad.ir Open in urlscan Pro
185.49.85.38  Public Scan

Go To Rescan Add Verdict Report
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Submission: On October 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 38 HTTP transactions. The main IP is 185.49.85.38, located in Iran, Islamic Republic Of and belongs to ASIATECH, IR. The main domain is 2ad.ir.
TLS certificate: Issued by R3 on October 4th 2021. Valid for: 3 months.
This is the only time 2ad.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    185.49.85.38 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)
PTR: hosted-by.hostdl.com.asiatech.ir
2ad.ir
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
4hfchest5kdnfnut.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:4700::6810:e633 (United States)

ASN13335 (CLOUDFLARENET, US)
mellowads.com
1    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map3.hwcdn.net
cdn.popcash.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:1f18:510:802:a097:1bb0:c193:4b01 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dcba.popcash.net
3    185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-601.bunnyinfra.net
mellowads.b-cdn.net
Domain Requested by
24 2ad.ir 2ad.ir
3 mellowads.b-cdn.net mellowads.com
2 www.google-analytics.com 2ad.ir
www.google-analytics.com
2 mellowads.com 2ad.ir
mellowads.com
2 4hfchest5kdnfnut.com 2ad.ir
4hfchest5kdnfnut.com
1 dcba.popcash.net cdn.popcash.net
1 www.gstatic.com www.google.com
1 cdn.popcash.net 2ad.ir
1 www.google.com 2ad.ir
1 fonts.googleapis.com 2ad.ir
38 10

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
www.2ad.ir
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
4hfchest5kdnfnut.com
R3		 2021-10-15 -
2022-01-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-14 -
2022-07-13		 a year crt.sh
cdn.popcash.net
R3		 2021-09-16 -
2021-12-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.popcash.net
AlphaSSL CA - SHA256 - G2		 2021-04-22 -
2022-05-24		 a year crt.sh
*.b-cdn.net
Sectigo ECC Domain Validation Secure Server CA		 2020-11-11 -
2021-11-11		 a year crt.sh

This page contains 2 frames:

Primary Page: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Frame ID: 4D04E89A1B457ADC443F60C95E0BB9ED
Requests: 33 HTTP requests in this frame

Frame: https://mellowads.com/view/0A76E789C065/?ref=Y8HMP4AU5ubAjKtAIfnHwqdyB8FcjtazbhyDYBccFrp8MmgEquTF8UfQx4CAmwnCktO7DzbEyW43jniGi2aLSNLkEbaeyvRjRI740az22H1J&w=670&h=150
Frame ID: 07618F7E195412113FC02AE3320D857E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Error

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

38
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

4
Countries

427 kB
Transfer

1159 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request L1yriiX
2ad.ir/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
730d0c06653d2515782bfcd5e82a9936beb55dcbb2cbab6148444aabf5da7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
2ad.ir
:scheme
https
:path
/L1yriiX?id=N9Zz7KvYZr&amp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Sat, 23 Oct 2021 16:01:42 GMT
server
LiteSpeed
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
icon
fonts.googleapis.com/ 		569 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c10ece478ed31db19cc7d2623f28ab86ded7df9d89c49c6964d9ce8da605ece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 16:01:43 GMT
server
ESF
date
Sat, 23 Oct 2021 16:01:43 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 16:01:43 GMT
icon-font.min.css
2ad.ir/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/css/icon-font.min.css
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
f90d0b6a571e8d4b9ec683cf79a6d0f7c0775de35ec289edf3a6a794c9b56ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/icon-font.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 May 2020 09:16:17 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
1499
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
wow.min.js
2ad.ir/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/wow.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/vendor/wow.min.js?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
2524
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
owl.carousel.min.css
2ad.ir/vendor/owl/ 		3 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/owl/owl.carousel.min.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/vendor/owl/owl.carousel.min.css?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
915
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
owl.theme.default.css
2ad.ir/vendor/owl/ 		1 KB
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/owl/owl.theme.default.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/vendor/owl/owl.theme.default.css?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
464
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
bootstrap.min.css
2ad.ir/ojen_theme/css/ 		141 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/bootstrap.min.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
2e1c6438ef38441c988bbfe871db2796fce5d2347461d4a014739578793f4363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/css/bootstrap.min.css?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sat, 03 Nov 2018 12:03:42 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
18618
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
animate.css
2ad.ir/ojen_theme/css/ 		57 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/animate.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/css/animate.css?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sun, 28 Oct 2018 12:57:30 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
3838
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
style.css
2ad.ir/ojen_theme/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
1e6f205f077fbc37d28acaa78f301ef8e2a799fe54a8cb36e3849c4f1485c813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/css/style.css?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 15:06:29 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
5275
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
anime.css
2ad.ir/ojen_theme/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/anime.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
c75f80593f1f326e56f74c059c0854f653da882ad076e1db2259947bb7ff3dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/css/anime.css?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sun, 28 Oct 2018 12:57:42 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
1573
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
responsive.css
2ad.ir/ojen_theme/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/responsive.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
97778b4ffa451edae2d54d345883b6cc937280ca8ee8db6de5085d6a46ad34ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/css/responsive.css?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 12 Jul 2019 20:30:26 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
1301
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
jquery.min.js
2ad.ir/vendor/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/jquery.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/vendor/jquery.min.js?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
29166
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:42 GMT
brt.js
4hfchest5kdnfnut.com/t/9/fret/meow4/1754337/ 		68 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4hfchest5kdnfnut.com/t/9/fret/meow4/1754337/brt.js
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6fe9561f915b249c83f12b28063bdac7f200aec926f1ee9a18c802edaf6f17de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 11:40:30 GMT
server
nginx
etag
W/"616eaeae-111e6"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
tether.png
2ad.ir/assets/methods/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/assets/methods/tether.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
c3c702120dabe28458194b4bcd5f14003b67f03f4d6308bb182fb8bea912edfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/methods/tether.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Fri, 01 Jan 2021 12:50:49 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
8695
x-xss-protection
1; mode=block
expires
Sun, 23 Oct 2022 16:01:43 GMT
webmoney2.png
2ad.ir/assets/methods/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/assets/methods/webmoney2.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
b088053f143de8fbcfc34a2a1c97a8902baabc09bcebeabaeb5bc559e41e779f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/methods/webmoney2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Fri, 01 Jan 2021 12:50:50 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
17058
x-xss-protection
1; mode=block
expires
Sun, 23 Oct 2022 16:01:43 GMT
shetab.png
2ad.ir/ojen_theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/ojen_theme/img/shetab.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
e72153e433cb79df96dac0de4721b3654d530be58ba5758da4d464c8dca93bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/img/shetab.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Nov 2018 14:11:54 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
4108
x-xss-protection
1; mode=block
expires
Sun, 23 Oct 2022 16:01:43 GMT
zarinpal.png
2ad.ir/ojen_theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/ojen_theme/img/zarinpal.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
f770a1bc3d67a50543fbf55333a835aab065346c3460f92145c9aa2ff1a34984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/img/zarinpal.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Nov 2018 21:25:24 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
3985
x-xss-protection
1; mode=block
expires
Sun, 23 Oct 2022 16:01:43 GMT
ads.js
2ad.ir/ojen_theme/js/ 		106 B
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/ads.js
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/js/ads.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 11 Feb 2018 06:31:22 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
User-Agent
content-length
106
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:43 GMT
popper.min.js
2ad.ir/ojen_theme/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/popper.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/js/popper.min.js?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 29 Oct 2018 09:55:52 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
6644
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:43 GMT
bootstrap.min.js
2ad.ir/ojen_theme/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/bootstrap.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/js/bootstrap.min.js?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 29 Oct 2018 09:55:42 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
12542
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:43 GMT
clipboard.min.js
2ad.ir/vendor/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/clipboard.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/vendor/clipboard.min.js?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
3194
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:43 GMT
main.js
2ad.ir/ojen_theme/js/ 		2 KB
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/main.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
79b18af33d3a5ef74b124a832b71ab46d563957b5ab979e98e540167d2e29c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/js/main.js?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 12 Jul 2019 21:54:24 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
659
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:43 GMT
appc.js
2ad.ir/ojen_theme/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/appc.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
b9e651f9f87e827ce383bcd1accbd3f6441d160fb5ca56e4b24039e736cd1f18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/js/appc.js?ver=6.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
2ad.ir
referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 25 Dec 2019 01:09:00 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
4144
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 16:01:43 GMT
api.js
www.google.com/recaptcha/ 		918 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=fa&onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
40cab8130cfd46cb93999117fb9129970a356b4071aae500ad9aba4104229792
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
579
x-xss-protection
1; mode=block
expires
Sat, 23 Oct 2021 16:01:43 GMT
logo-white.png
2ad.ir/ojen_theme/img/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/ojen_theme/img/logo-white.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
ec57324f11c244d438a9d6173ae4654b5f73217deffda8d30e79bda5ed2aa7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/img/logo-white.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
2ad.ir
referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Dec 2018 19:45:00 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
17959
x-xss-protection
1; mode=block
expires
Sun, 23 Oct 2022 16:01:43 GMT
IRANSansWeb.woff2
2ad.ir/ojen_theme/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/fonts/IRANSansWeb.woff2
Requested by
Host: 2ad.ir
URL: https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
13812a30ddb5f43dee6b08795045e14f2463e6a54b0153f94c87d78e0ae2ca11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/fonts/IRANSansWeb.woff2
pragma
no-cache
origin
https://2ad.ir
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
2ad.ir
referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Origin
https://2ad.ir
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Dec 2016 17:24:10 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
vary
User-Agent
content-length
31304
x-xss-protection
1; mode=block
expires
Sat, 30 Oct 2021 16:01:43 GMT
Cookie set 0A76E789C065
mellowads.com/view/ Frame 0761 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mellowads.com/view/0A76E789C065
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11578ccd4821f4e878e6cb86452cc0d0129418b43ea8b8d9593d0f0bf808b4c4

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2ad.ir/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/

Response headers

Date
Sat, 23 Oct 2021 16:01:43 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Fri, 21-Jan-2022 17:01:47 GMT; path=/
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6a2c2f86ded2599b-MXP
Content-Encoding
gzip
show.js
cdn.popcash.net/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.popcash.net/show.js
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
279a15eaae136a15f92085047a7eb7dc6b4f1ccdd22153f17b9f6e367d02eeaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdjWSxnOiIDeo9AR1xQ7GoXgjks7Bl6aBFmzVBdOEOw%2FOe70EJatdsEXcY6zxdy9qlck3p08oq5zNvVv1uRYmCGZ0XuxsGKE6GgfiQ5VkMxQmAOKFdSDJvpis0zb"}],"group":"cf-nel","max_age":604800}
content-length
36555
last-modified
Thu, 26 Aug 2021 20:13:09 GMT
server
cloudflare
etag
W/"6127f5d5-1b187"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1635004903.cds126.fr8.hn,1635004903.cds010.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
68979a721b504107-PRG
logo.png
2ad.ir/ojen_theme/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/ojen_theme/img/logo.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
a31d82c522e9f52a1cd187f5905bf9e6a4cb3629174cd75701a003d0e80ac451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ojen_theme/img/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
2ad.ir
referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Dec 2018 19:54:18 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
16518
x-xss-protection
1; mode=block
expires
Sun, 23 Oct 2022 16:01:43 GMT
1754337
4hfchest5kdnfnut.com/get/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4hfchest5kdnfnut.com/get/1754337?zoneid=1754337&jp=_clqww0o7zgvws6kgms0nmp&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=0&sp=0
Requested by
Host: 4hfchest5kdnfnut.com
URL: https://4hfchest5kdnfnut.com/t/9/fret/meow4/1754337/brt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a9cf3abd9923d4d9bd4d5081876d3542ce71980975c2b94ac648d78af8f4f06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:43 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2ad.ir
URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
69
date
Sat, 23 Oct 2021 16:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sat, 23 Oct 2021 18:00:34 GMT
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ 		374 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__fa.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=fa&onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bd94d1c228cabb3d5cf2a0aa00bcdccb38a80cb318a815e0ca5109ec308e64b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2ad.ir/
Origin
https://2ad.ir
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
140013
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sat, 22 Oct 2022 01:52:58 GMT
znWaa3gu
dcba.popcash.net/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dcba.popcash.net/znWaa3gu
Requested by
Host: cdn.popcash.net
URL: https://cdn.popcash.net/show.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:510:802:a097:1bb0:c193:4b01 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2ad.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 23 Oct 2021 16:01:43 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
collect
www.google-analytics.com/j/ 		2 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=329921479&t=pageview&_s=1&dl=https%3A%2F%2F2ad.ir%2FL1yriiX%3Fid%3DN9Zz7KvYZr%26amp&ul=en-us&de=UTF-8&dt=Error&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=389960435&gjid=487094067&cid=85328069.1635004904&tid=UA-90058927-1&_gid=1965355222.1635004904&_r=1&_slc=1&z=1472956012
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2ad.ir/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:01:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2ad.ir
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set /
mellowads.com/view/0A76E789C065/ Frame 0761 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mellowads.com/view/0A76E789C065/?ref=Y8HMP4AU5ubAjKtAIfnHwqdyB8FcjtazbhyDYBccFrp8MmgEquTF8UfQx4CAmwnCktO7DzbEyW43jniGi2aLSNLkEbaeyvRjRI740az22H1J&w=670&h=150
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/0A76E789C065
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68bdbf81e73c6ed1d34118c864e96ccb583569d61af72e32cf0c0ea2aa8dca9

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mellowads.com/view/0A76E789C065
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mellowads.com/view/0A76E789C065

Response headers

Date
Sat, 23 Oct 2021 16:01:44 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=Y8HMP4AU5ubAjKtAIfnHwqdyB8FcjtazbhyDYBccFrp8MmgEquTF8UfQx4CAmwnCktO7DzbEyW43jniGi2aLSNLkEbaeyvRjRI740az22H1J; expires=Fri, 21-Jan-2022 17:01:47 GMT; path=/
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6a2c2f88bb97599b-MXP
Content-Encoding
gzip
size13.css
mellowads.b-cdn.net/css/ Frame 0761 		405 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mellowads.b-cdn.net/css/size13.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/0A76E789C065/?ref=Y8HMP4AU5ubAjKtAIfnHwqdyB8FcjtazbhyDYBccFrp8MmgEquTF8UfQx4CAmwnCktO7DzbEyW43jniGi2aLSNLkEbaeyvRjRI740az22H1J&w=670&h=150
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-601.bunnyinfra.net
Software
BunnyCDN-DE1-601 /
Resource Hash
cc8fdb8b8d09767faff8cec309e20c4578b5e4b8ba9e659a9e2c50a2dd988592

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:44 GMT
content-encoding
br
cf-cache-status
HIT
cdn-edgestorageid
755
age
596
cf-polished
origSize=603
cdn-cachedat
2021-07-30 00:15:03
cdn-pullzone
419676
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-bgj
minify
access-control-allow-origin
*
expires
Mon, 30 Aug 2021 00:15:03 GMT
last-modified
Wed, 15 Nov 2017 09:57:32 GMT
server
BunnyCDN-DE1-601
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2678400
cdn-uid
5aae3959-a123-4877-a9c8-a7b3eb94fb05
cdn-requestid
cf5dff83c70d5476645faadaee503189
cf-ray
676a63eded82fadc-DUS
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
minibrand.png
mellowads.b-cdn.net/img/ Frame 0761 		880 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mellowads.b-cdn.net/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/0A76E789C065/?ref=Y8HMP4AU5ubAjKtAIfnHwqdyB8FcjtazbhyDYBccFrp8MmgEquTF8UfQx4CAmwnCktO7DzbEyW43jniGi2aLSNLkEbaeyvRjRI740az22H1J&w=670&h=150
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-601.bunnyinfra.net
Software
BunnyCDN-DE1-601 /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:44 GMT
cf-cache-status
HIT
cdn-edgestorageid
756
age
393984
cf-polished
status=not_needed
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
419676
cf-bgj
imgq:100,h2pri
content-length
880
last-modified
Wed, 15 Nov 2017 09:57:38 GMT
server
BunnyCDN-DE1-601
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
cdn-cache
HIT
expires
Sun, 12 Sep 2021 11:48:34 GMT
cache-control
public, max-age=2678400
cdn-uid
5aae3959-a123-4877-a9c8-a7b3eb94fb05
cdn-requestid
33716ffe955aeeb6aee92c36021f0949
accept-ranges
bytes
cf-ray
67d979b5bed32187-DUS
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
99B83DB8C062.png
mellowads.b-cdn.net/ads/ Frame 0761 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mellowads.b-cdn.net/ads/99B83DB8C062.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/0A76E789C065/?ref=Y8HMP4AU5ubAjKtAIfnHwqdyB8FcjtazbhyDYBccFrp8MmgEquTF8UfQx4CAmwnCktO7DzbEyW43jniGi2aLSNLkEbaeyvRjRI740az22H1J&w=670&h=150
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-601.bunnyinfra.net
Software
BunnyCDN-DE1-601 /
Resource Hash
47d4f79cce29c1766dffbde0afe5d2b007279aae5925aa9cb5e5f72a56148844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:01:44 GMT
cf-cache-status
HIT
cdn-edgestorageid
601
age
126925
cf-polished
origSize=3955
cdn-cachedat
2021-08-03 11:28:46
cdn-pullzone
419676
cf-bgj
imgq:100,h2pri
content-length
2666
last-modified
Wed, 16 Jun 2021 21:27:10 GMT
server
BunnyCDN-DE1-601
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
cdn-cache
HIT
expires
Fri, 03 Sep 2021 09:28:46 GMT
cache-control
public, max-age=2678400
cdn-uid
5aae3959-a123-4877-a9c8-a7b3eb94fb05
cdn-requestid
620f7a0a8a9109a2b574f2e1d8582146
accept-ranges
bytes
cf-ray
678e848d0f32fadc-DUS
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| WOW function| $ function| jQuery number| l5pppp function| T677 function| w91 function| e677 undefined| handleException function| R3ff function| _clqww0o7zgvws6kgms0nmp string| uid string| wid string| pop_fback object| pop_tag object| app_vars object| e function| onClickTrigger boolean| zfgloadedpopup function| Popper object| bootstrap function| ClipboardJS function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| copIed function| setTooltip function| setCookie function| cookie_accept string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| popns number| pop_cdn function| b133 object| IOarzRhPlP number| pop_fcap object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha

8 Cookies

Domain/Path Name / Value
4hfchest5kdnfnut.com/ Name: UID
Value: 21102311010038196b342b49b7a4ee01390d
2ad.ir/ Name:
Value: __test
2ad.ir/ Name: __PPU___PPU_SESSION_URL
Value: %2FL1yriiX
.2ad.ir/ Name: __PPU_SESSION_1_1754337
Value: 1635004903517|0|0|0|0
2ad.ir/ Name: ab
Value: 2
.2ad.ir/ Name: _ga
Value: GA1.2.85328069.1635004904
.2ad.ir/ Name: _gid
Value: GA1.2.1965355222.1635004904
.2ad.ir/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://2ad.ir/L1yriiX?id=N9Zz7KvYZr&amp
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ad.ir
4hfchest5kdnfnut.com
cdn.popcash.net
dcba.popcash.net
fonts.googleapis.com
mellowads.b-cdn.net
mellowads.com
www.google-analytics.com
www.google.com
www.gstatic.com
109.206.162.83
151.139.128.10
185.49.85.38
185.59.220.193
2600:1f18:510:802:a097:1bb0:c193:4b01
2606:4700::6810:e633
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2004
11578ccd4821f4e878e6cb86452cc0d0129418b43ea8b8d9593d0f0bf808b4c4
13812a30ddb5f43dee6b08795045e14f2463e6a54b0153f94c87d78e0ae2ca11
1e6f205f077fbc37d28acaa78f301ef8e2a799fe54a8cb36e3849c4f1485c813
279a15eaae136a15f92085047a7eb7dc6b4f1ccdd22153f17b9f6e367d02eeaa
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0
2e1c6438ef38441c988bbfe871db2796fce5d2347461d4a014739578793f4363
3c10ece478ed31db19cc7d2623f28ab86ded7df9d89c49c6964d9ce8da605ece
3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27
40cab8130cfd46cb93999117fb9129970a356b4071aae500ad9aba4104229792
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee
47d4f79cce29c1766dffbde0afe5d2b007279aae5925aa9cb5e5f72a56148844
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
6fe9561f915b249c83f12b28063bdac7f200aec926f1ee9a18c802edaf6f17de
730d0c06653d2515782bfcd5e82a9936beb55dcbb2cbab6148444aabf5da7763
79b18af33d3a5ef74b124a832b71ab46d563957b5ab979e98e540167d2e29c0f
7bd94d1c228cabb3d5cf2a0aa00bcdccb38a80cb318a815e0ca5109ec308e64b
97778b4ffa451edae2d54d345883b6cc937280ca8ee8db6de5085d6a46ad34ef
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a31d82c522e9f52a1cd187f5905bf9e6a4cb3629174cd75701a003d0e80ac451
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4
a9cf3abd9923d4d9bd4d5081876d3542ce71980975c2b94ac648d78af8f4f06f
b088053f143de8fbcfc34a2a1c97a8902baabc09bcebeabaeb5bc559e41e779f
b9e651f9f87e827ce383bcd1accbd3f6441d160fb5ca56e4b24039e736cd1f18
c3c702120dabe28458194b4bcd5f14003b67f03f4d6308bb182fb8bea912edfe
c68bdbf81e73c6ed1d34118c864e96ccb583569d61af72e32cf0c0ea2aa8dca9
c75f80593f1f326e56f74c059c0854f653da882ad076e1db2259947bb7ff3dd6
cc8fdb8b8d09767faff8cec309e20c4578b5e4b8ba9e659a9e2c50a2dd988592
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72153e433cb79df96dac0de4721b3654d530be58ba5758da4d464c8dca93bda
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ec57324f11c244d438a9d6173ae4654b5f73217deffda8d30e79bda5ed2aa7cb
f770a1bc3d67a50543fbf55333a835aab065346c3460f92145c9aa2ff1a34984
f90d0b6a571e8d4b9ec683cf79a6d0f7c0775de35ec289edf3a6a794c9b56ba7
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46