URL: https://ardimedya.xyz/
Submission: On June 19 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 47 HTTP transactions. The main IP is 198.251.89.144, located in Luxembourg, Luxembourg and belongs to PONYNET, US. The main domain is ardimedya.xyz.
TLS certificate: Issued by R10 on June 18th 2024. Valid for: 3 months.
This is the only time ardimedya.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 198.251.89.144 53667 (PONYNET)
3 2a04:4e42:600... 54113 (FASTLY)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
5 142.250.185.162 15169 (GOOGLE)
3 2a02:6ea0:c70... 60068 (CDN77 _)
1 162.159.129.233 13335 (CLOUDFLAR...)
11 89.252.190.206 203576 (INTERNETB...)
2 2400:52e0:1e0... 60068 (CDN77 _)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
47 13
Apex Domain
Subdomains
Transfer
11 smmspot.net
cdn.smmspot.net
137 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
216 KB
5 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1017
69 KB
3 mypanel.link
cdn.mypanel.link — Cisco Umbrella Rank: 387555
432 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
153 KB
3 ardimedya.xyz
ardimedya.xyz
45 KB
2 apanel.link
cdn.apanel.link
20 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 90
1 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 2585
36 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
6 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 457
31 KB
0 shortspro.online Failed
shortspro.online Failed
47 12
Domain Requested by
11 cdn.smmspot.net ardimedya.xyz
5 pagead2.googlesyndication.com ardimedya.xyz
pagead2.googlesyndication.com
5 unpkg.com 2 redirects ardimedya.xyz
3 cdn.mypanel.link ardimedya.xyz
3 cdn.jsdelivr.net ardimedya.xyz
cdn.jsdelivr.net
3 ardimedya.xyz ardimedya.xyz
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cdn.apanel.link ardimedya.xyz
1 www.youtube.com ardimedya.xyz
1 cdn.discordapp.com ardimedya.xyz
1 cdnjs.cloudflare.com ardimedya.xyz
1 ajax.googleapis.com ardimedya.xyz
0 shortspro.online Failed ardimedya.xyz
47 13

This site contains no links.

Subject Issuer Validity Valid
www.abyssmm.xyz.muratonline.net
R10
2024-06-18 -
2024-09-16
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
upload.video.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
*.g.doubleclick.net
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
1293389392.rsc.cdn77.org
E5
2024-06-12 -
2024-09-10
3 months crt.sh
discordapp.com
Cloudflare Inc ECC CA-3
2023-10-20 -
2024-10-19
a year crt.sh
cdn.smmspot.net
R3
2024-04-03 -
2024-07-02
3 months crt.sh
unpkg.com
GTS CA 1P5
2024-05-30 -
2024-08-28
3 months crt.sh
cdn.apanel.link
R3
2024-05-25 -
2024-08-23
3 months crt.sh
*.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh

This page contains 5 frames:

Primary Page: https://ardimedya.xyz/
Frame ID: 164066650D105BB504D288C099609CF9
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/e_pbZxD5Uj4
Frame ID: BB9AB07580E9B9BE3701080B08089AE3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240613/r20110914/zrt_lookup_fy2021.html
Frame ID: 0B7C00DB65F6D8E3CF053318298AEC78
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8829799416950048&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718763223&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fardimedya.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_13~27_14~29_18&aiixl=28_4~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718763223496&bpp=5&bdt=941&idt=299&shv=r20240613&mjsv=m202406130101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=867562282069&frm=20&pv=2&ga_vid=2057094588.1718763224&ga_sid=1718763224&ga_hid=10883056&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44795921%2C95334509%2C95334529%2C95334564%2C95334570%2C95334581%2C95334820%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1633863068527403&tmod=1414002714&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=377
Frame ID: 0DA2D3B1CBDA8F9AE7450F2F6DA8C77C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D0F4C53A59413277C18406971B75F8B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title


Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

47
Requests

72 %
HTTPS

58 %
IPv6

12
Domains

13
Subdomains

13
IPs

5
Countries

1110 kB
Transfer

2130 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css
Request Chain 2
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/fsvxaw/op5g4nbqmp8nzepb.css HTTP 302
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
Request Chain 3
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/fsvxaw/33j3i14zsylh56wz.css HTTP 302
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
Request Chain 4
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/libs/bootstrap-datetimepicker/4.17.47/bootstrap-datetimepicker.min.css HTTP 302
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
Request Chain 5
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/css/font-awesome/css/all.min.css HTTP 302
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
Request Chain 6
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/global/c3gyq3shygmabbke.css HTTP 302
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
Request Chain 24
  • https://unpkg.com/swiper@8/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ardimedya.xyz/
74 KB
28 KB
Document
General
Full URL
https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.251.89.144 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
s11.my-control-panel.com
Software
LiteSpeed /
Resource Hash
a804ee9440b16ae2d2639c9f186b4fcd1e1b2d927bebcafa88b96d26228bd8f1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
27971
content-type
text/html; charset=UTF-8
date
Wed, 19 Jun 2024 02:13:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
remixicon.css
cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/
108 KB
14 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/remixicon.css
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
13e29a29baade86f4e7a88d8e076d6a6f3ac8950757b50a0f8bbea1c33658d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 02:13:42 GMT
x-content-type-options
nosniff
content-encoding
br
age
1640122
x-jsd-version
2.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13745
x-served-by
cache-fra-etou8220067-FRA
x-jsd-version-type
version
etag
W/"1af66-MA7aTWKCoG0FYjklj9PTw0TfSFM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
swiper-bundle.min.css
unpkg.com/swiper@8.4.7/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css
16 KB
6 KB
Stylesheet
General
Full URL
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ardimedya.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 02:13:42 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
641015
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J0410NT9AKT31HARC5GVQMM9-fra
server
cloudflare
etag
"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8960005dd80abbda-FRA

Redirect headers

date
Wed, 19 Jun 2024 02:13:42 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J0Q3V6A4X36M4Z5S3XM0DX4F-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
515
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.7/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
8960005d9fe6bbda-FRA
suspendedpage.cgi
shortspro.online/cgi-sys/
Redirect Chain
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/fsvxaw/op5g4nbqmp8nzepb.css
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
0
0

suspendedpage.cgi
shortspro.online/cgi-sys/
Redirect Chain
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/fsvxaw/33j3i14zsylh56wz.css
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
0
0

suspendedpage.cgi
shortspro.online/cgi-sys/
Redirect Chain
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/libs/bootstrap-datetimepicker/4.17.47/bootstrap-datetimepicker.min.css
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
0
0

suspendedpage.cgi
shortspro.online/cgi-sys/
Redirect Chain
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/css/font-awesome/css/all.min.css
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
0
0

suspendedpage.cgi
shortspro.online/cgi-sys/
Redirect Chain
  • https://shortspro.online/easy-panel/clousty/cdn.mypanel.link/global/c3gyq3shygmabbke.css
  • https://shortspro.online/cgi-sys/suspendedpage.cgi
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 00:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jun 2025 00:47:43 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.6.0/umd/
18 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.6.0/umd/popper.min.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efa894b85e3c9b1d30d13ed6c3ee0f5320af9f1a3d20ec2838467e464c4f5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://ardimedya.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1062656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5775
last-modified
Mon, 14 Dec 2020 20:24:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fd7ca03-4815"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rs6xnXRNQ5nbaM4t35g7VsACBMpfVoMqxPp7j5ZEKUHcYjVAlGQd9tOmCLcT6aeylnRhcWlR3bQqh%2Fk%2FgneGNLnV142uQ22%2BpwkAcVQ1jMfVdcNn%2BuQfIOXV%2Bi1m8iYSqkp1sdFr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8960005d4f3c7188-FRA
expires
Mon, 09 Jun 2025 02:13:42 GMT
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/
59 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Origin
https://ardimedya.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 02:13:42 GMT
x-content-type-options
nosniff
content-encoding
br
age
679392
x-jsd-version
4.4.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17008
x-served-by
cache-fra-etou8220021-FRA
x-jsd-version-type
version
etag
W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8829799416950048
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
bfc10420483fc9959dd49a147cd80d0fb647edad69bab64122bd9b681658d987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Origin
https://ardimedya.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53119
x-xss-protection
0
server
cafe
etag
9290571186849045285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 19 Jun 2024 02:13:43 GMT
37a749d808e46495a8da1e5352d03cae.png
ardimedya.xyz/public/images/
18 KB
18 KB
Image
General
Full URL
https://ardimedya.xyz/public/images/37a749d808e46495a8da1e5352d03cae.png
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.251.89.144 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
s11.my-control-panel.com
Software
LiteSpeed /
Resource Hash
aa9f6276fc548bf604bd13ce2d45122ed3b0feabddf28be75423d1e74e580f67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:42 GMT
last-modified
Mon, 05 Feb 2024 04:49:17 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17984
expires
Wed, 26 Jun 2024 02:13:42 GMT
1im3m0u2ontk2uy3.png
cdn.mypanel.link/fsvxaw/
382 KB
383 KB
Image
General
Full URL
https://cdn.mypanel.link/fsvxaw/1im3m0u2ontk2uy3.png
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
121e80c811a183fbbc431b635e0ccadadd90840d8925f394bfd1820a0712a2b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Wed, 19 Jun 2024 02:13:42 GMT
x-amz-request-id
tx00000abca71c1c0bda3d5-0065ae5280-2bc58ec-prg
x-77-cache
HIT
x-cache
MISS
x-amz-storage-class
STANDARD
x-accel-date
1718760984
alt-svc
h3=":443"; ma=86400
content-length
391556
x-77-nzt
A5ySIYs3NzehJRPCNDc3N96+CAAAWbu8plJgKgA
x-accel-expires
@1718765022
x-77-age
2238
last-modified
Tue, 31 Oct 2023 09:30:02 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
atime:1644796800/ctime:1644796800/gid:0/gname:root/mode:33188/mtime:1644796800/uid:0/uname:root
etag
"3a7d57184b24c2c1f7ac6d0bb6bb956c"
x-77-nzt-ray
cf878727ea5238dad63e726602e94628
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
timing-allow-origin
*
1e0pljppmaeehpnn.png
cdn.discordapp.com/attachments/975966956383518793/987207759646851092/
36 B
36 B
Image
General
Full URL
https://cdn.discordapp.com/attachments/975966956383518793/987207759646851092/1e0pljppmaeehpnn.png
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTJVCFwRSv5RdIkvGyDRLqUTCrqZ6yNaw2ZTjxep7HoiZIYrb72dGGWS7f0t9PiS5DAUZRmMMMCvUfJaO6jbuclh2U8r9dUMopuGHvG773Utp0BBZsTDPFqibxpen8TEmugURw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
8960005ddc954d95-FRA
content-length
36
alt-svc
h3=":443"; ma=86400
ig.svg
cdn.smmspot.net/cloutsy/assets/img/platforms/
10 KB
10 KB
Image
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/img/platforms/ig.svg
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e5cafabe301534ac9a445ce6da42b3472b6e252271df195cf63dabebe482c96e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
last-modified
Sat, 05 Feb 2022 00:29:17 GMT
server
nginx
etag
"61fdc4dd-2655"
x-powered-by
PleskLin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
9813
expires
Wed, 19 Jun 2024 02:13:44 GMT
sp.svg
cdn.smmspot.net/cloutsy/assets/img/platforms/
6 KB
7 KB
Image
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/img/platforms/sp.svg
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5637f3e2a98db9038daaf92e36d5a5a6060f16464b2637ce45a67d037efaf30e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
last-modified
Sat, 05 Feb 2022 00:29:43 GMT
server
nginx
etag
"61fdc4f7-1950"
x-powered-by
PleskLin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6480
expires
Wed, 19 Jun 2024 02:13:44 GMT
tw.svg
cdn.smmspot.net/cloutsy/assets/img/platforms/
7 KB
7 KB
Image
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/img/platforms/tw.svg
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
dffd461b8a1186ee15987ccea5322a40513605215c3ba946b310121ac542df35

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
last-modified
Sat, 05 Feb 2022 00:30:03 GMT
server
nginx
etag
"61fdc50b-1b47"
x-powered-by
PleskLin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6983
expires
Wed, 19 Jun 2024 02:13:44 GMT
yt.svg
cdn.smmspot.net/cloutsy/assets/img/platforms/
5 KB
5 KB
Image
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/img/platforms/yt.svg
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3dbba3b71df2c1bd3995991dd3d84c23ba9a84749a7596e09347a21feaa869a0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
last-modified
Sat, 05 Feb 2022 00:30:19 GMT
server
nginx
etag
"61fdc51b-14d5"
x-powered-by
PleskLin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5333
expires
Wed, 19 Jun 2024 02:13:44 GMT
ch.svg
cdn.smmspot.net/cloutsy/assets/img/platforms/
6 KB
6 KB
Image
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/img/platforms/ch.svg
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6fa8e2d7173e678ba1026775b07bb95addb7af32e19020a18c2c5a6f75201443

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
last-modified
Sat, 05 Feb 2022 00:30:35 GMT
server
nginx
etag
"61fdc52b-1733"
x-powered-by
PleskLin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5939
expires
Wed, 19 Jun 2024 02:13:44 GMT
avatar-1.png
cdn.smmspot.net/cloutsy/assets/img/home/
3 KB
3 KB
Image
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/img/home/avatar-1.png
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2882066b6cfd669773b7dfb1ccb5aaae697cd84ed4d67b6a06d1080c097bb929

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
last-modified
Sat, 05 Feb 2022 19:59:33 GMT
server
nginx
etag
"61fed725-a77"
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2679
expires
Fri, 19 Jul 2024 02:13:43 GMT
person.png
cdn.smmspot.net/cloutsy/assets/img/home/
66 KB
66 KB
Image
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/img/home/person.png
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
32d7a0f3a65df6a38df5f97e62257af75705bd73e2b797cd1e536f0740b7d00e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
last-modified
Sun, 06 Feb 2022 10:41:52 GMT
server
nginx
etag
"61ffa5f0-10753"
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
67411
expires
Fri, 19 Jul 2024 02:13:43 GMT
last.svg
cdn.smmspot.net/cloutsy/assets/img/home/
5 KB
5 KB
Image
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/img/home/last.svg
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
02a3dd34456aa407cb57a451710516d1de78e1296ea8470c0ca461d2c70faf21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
last-modified
Sun, 06 Feb 2022 11:06:22 GMT
server
nginx
etag
"61ffabae-132e"
x-powered-by
PleskLin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4910
expires
Wed, 19 Jun 2024 02:13:44 GMT
aos.js
unpkg.com/aos@2.3.1/dist/
14 KB
6 KB
Script
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:42 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8410416
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01HRWFHAF8SKKDG260QG5VXNSB-fra
server
cloudflare
etag
"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8960005f38d2bbda-FRA
bootstrap.bundle.min.js
cdn.smmspot.net/cloutsy/assets/js/
77 KB
21 KB
Script
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/js/bootstrap.bundle.min.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
br
last-modified
Tue, 22 Jun 2021 18:25:36 GMT
server
nginx
etag
W/"60d22b20-13397"
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 16 Dec 2024 02:13:43 GMT
swiper-bundle.min.js
unpkg.com/swiper@8.4.7/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js
140 KB
57 KB
Script
General
Full URL
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ardimedya.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8415055
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB3RR2P76BKPKH73BCXE1N-fra
server
cloudflare
etag
"2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
896000627abebbda-FRA

Redirect headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J0Q3YGJA6M58TP3WMM8RWJ2E-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
407
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.7/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
896000617a29bbda-FRA
actulus.selectbox.js
cdn.smmspot.net/cloutsy/assets/js/
9 KB
2 KB
Script
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/js/actulus.selectbox.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b3fd320be7a13929be25f7b599db01abe4ef7de11caf1da6ab0ad3a81c8146cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
br
last-modified
Sun, 13 Feb 2022 00:02:39 GMT
server
nginx
etag
W/"62084a9f-24fc"
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 16 Dec 2024 02:13:43 GMT
jquery.min.js
cdn.mypanel.link/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://cdn.mypanel.link/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
gzip
x-amz-request-id
tx0000018d17339da8257df-0065ae51dd-2730a69-prg
x-accel-date-max
1705923190
x-77-cache
HIT
x-cache
HIT
x-age
950
x-accel-date
1718762273
alt-svc
h3=":443"; ma=86400
x-77-nzt
A5ySIYs3Nzf/tgMAAIrHJcE3Nzf/mQAAAFm7vKYBOccA
x-accel-expires
@1718764046
x-77-age
950
last-modified
Tue, 16 Jan 2024 07:24:24 GMT
server
CDN77-Turbo
etag
W/"4f252523d4af0b478c810c2547a63e19"
x-77-nzt-ray
cf878727ea5238dad73e726648a64111
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
timing-allow-origin
*
aknio8ec1fpphc0p.js
cdn.mypanel.link/global/
0
0

nfos6j9mo1on7ksz.js
cdn.mypanel.link/global/
0
0

aep5leer2lblx6nz.js
cdn.mypanel.link/global/
0
0

6512pd498chdd7xk.js
cdn.mypanel.link/global/
0
0

deemyq6wt6ekgyas.js
cdn.mypanel.link/fsvxaw/
0
0

xoupa5ojpygkpnk5.js
cdn.mypanel.link/fsvxaw/
77 KB
15 KB
Script
General
Full URL
https://cdn.mypanel.link/fsvxaw/xoupa5ojpygkpnk5.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9c505e3482d9fa00b2700678c6cd92788f4174404b392ef995d4898ce25c118b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
gzip
x-amz-request-id
tx0000063d1ac3b25bfa8af-0065ae5222-3f5a3f3-prg
x-77-cache
HIT
x-cache
MISS
x-accel-date
1718760984
alt-svc
h3=":443"; ma=86400
x-77-nzt
A5ySIYs3NzehJRPCNDc3N96/CAAAWbu8pi3PtAA
x-accel-expires
@1718765023
x-77-age
2239
last-modified
Tue, 16 Jan 2024 07:18:14 GMT
server
CDN77-Turbo
etag
W/"0a3b29cf46217000fb7ade2cfcd6eca2"
x-77-nzt-ray
cf878727ea5238dad73e726672486311
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
timing-allow-origin
*
application.v21.26.12.js
cdn.apanel.link/
23 KB
6 KB
Script
General
Full URL
https://cdn.apanel.link/application.v21.26.12.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
c12f3805fa88ec06c3e5e1ddc5578b386df54553fd629427a153ecad4f164c86

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
br
cdn-edgestorageid
1079
cdn-storageserver
NY-430
cdn-cachedat
03/26/2024 21:25:11
cdn-pullzone
65929
last-modified
Sun, 26 Dec 2021 22:02:06 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
262
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"61c8e65e-5cd0"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
15d3dd1d-8301-40a9-8e06-d956e6e2932a
cache-control
public, max-age=604800
cdn-requestid
f6dc7589aa889fd1bae5fa461e172ef6
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ny2893848_3.js
cdn.apanel.link/
45 KB
13 KB
Script
General
Full URL
https://cdn.apanel.link/ny2893848_3.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
4aa6b779e24c2aaa7d53daef8249d06e87d964e35fc0ab718d827998b1f35c5f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
br
cdn-edgestorageid
1079
cdn-storageserver
NY-430
cdn-cachedat
03/26/2024 21:05:51
cdn-pullzone
65929
last-modified
Wed, 22 Dec 2021 14:49:42 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
265
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"61c33b06-b21c"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
15d3dd1d-8301-40a9-8e06-d956e6e2932a
cache-control
public, max-age=604800
cdn-requestid
a5b5a32ae7f015e5352ecb0a4dde44ee
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
main.js
cdn.smmspot.net/cloutsy/assets/js/
21 KB
5 KB
Script
General
Full URL
https://cdn.smmspot.net/cloutsy/assets/js/main.js
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.252.190.206 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
36e74d52f326d349035b03d3afcae356f39acd66244d18714b06f4a148e5fd13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 21:06:40 GMT
server
nginx
etag
W/"6217f360-5388"
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 16 Dec 2024 02:13:43 GMT
e_pbZxD5Uj4
www.youtube.com/embed/ Frame BB9A
0
0
Document
General
Full URL
https://www.youtube.com/embed/e_pbZxD5Uj4
Requested by
Host: ardimedya.xyz
URL: https://ardimedya.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ardimedya.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 02:13:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
remixicon.woff2
cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/
122 KB
123 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/remixicon.woff2?t=1590207869815
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/remixicon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e61f0d10c8cac8cd0ecb36790d6cce883380c0b185ff3c9bf849ed336ba8285c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/remixicon.css
Origin
https://ardimedya.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 02:13:43 GMT
x-content-type-options
nosniff
age
691214
x-jsd-version
2.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
125268
x-served-by
cache-fra-etou8220021-FRA
x-jsd-version-type
version
etag
W/"1e954-TTdav0PtGKpUJkwbWXFLClnFk6Q"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/
428 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8829799416950048&plah=ardimedya.xyz&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8829799416950048
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e24ff23bea2b05efb44d944dc8dc526da5a17e60701f0a40d095a3f63d791c64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148116
x-xss-protection
0
server
cafe
etag
7766872684736961064
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Jun 2024 02:13:43 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad1b91e30963591de127cf395d6190da2d0ac65684b355775bea059c34176ac1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
445fde7c3ffbfef447e2fecb013a8a379b6c2340d72c3ca02b721430a955fe7d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d01a8d2fbb8bc56c4766bde18fc25a9ab33dd1fc25b79fa8049b71cf0d91ac30

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
250ef326cb5cd533b48e3be7252b05f80fd34f5025acea4301ee0e7396c5541e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4d949185de526a0baad2a8db101fdf970034d828a6abd344c6ae7e9f15008be

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240613/r20110914/ Frame 0B7C
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240613/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8829799416950048&plah=ardimedya.xyz&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ardimedya.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
28042
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jun 2024 18:26:21 GMT
etag
16861080603521627538
expires
Tue, 02 Jul 2024 18:26:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 0DA2
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8829799416950048&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718763223&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fardimedya.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_13~27_14~29_18&aiixl=28_4~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718763223496&bpp=5&bdt=941&idt=299&shv=r20240613&mjsv=m202406130101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=867562282069&frm=20&pv=2&ga_vid=2057094588.1718763224&ga_sid=1718763224&ga_hid=10883056&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44795921%2C95334509%2C95334529%2C95334564%2C95334570%2C95334581%2C95334820%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1633863068527403&tmod=1414002714&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=377
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8829799416950048&plah=ardimedya.xyz&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ardimedya.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 02:13:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240613&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8829799416950048&plah=ardimedya.xyz&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7baefd52c23d1c691f1b1a32362a54a6c697bd7307d5e43d46cc0c572e489c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12563
x-xss-protection
0
0b5e7f0138ad72cf4f28d2ee0b0364e1071af9be.png
ardimedya.xyz/public/images/
0
98 B
Other
General
Full URL
https://ardimedya.xyz/public/images/0b5e7f0138ad72cf4f28d2ee0b0364e1071af9be.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.251.89.144 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
s11.my-control-panel.com
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:44 GMT
last-modified
Mon, 05 Feb 2024 04:49:33 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
0
expires
Wed, 26 Jun 2024 02:13:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8829799416950048&plah=ardimedya.xyz&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ardimedya.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 02:13:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D0F
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ardimedya.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
18592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jun 2024 21:03:52 GMT
expires
Wed, 18 Jun 2025 21:03:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
shortspro.online
URL
https://shortspro.online/cgi-sys/suspendedpage.cgi
Domain
shortspro.online
URL
https://shortspro.online/cgi-sys/suspendedpage.cgi
Domain
shortspro.online
URL
https://shortspro.online/cgi-sys/suspendedpage.cgi
Domain
shortspro.online
URL
https://shortspro.online/cgi-sys/suspendedpage.cgi
Domain
shortspro.online
URL
https://shortspro.online/cgi-sys/suspendedpage.cgi
Domain
cdn.mypanel.link
URL
https://cdn.mypanel.link/global/aknio8ec1fpphc0p.js
Domain
cdn.mypanel.link
URL
https://cdn.mypanel.link/global/nfos6j9mo1on7ksz.js
Domain
cdn.mypanel.link
URL
https://cdn.mypanel.link/global/aep5leer2lblx6nz.js
Domain
cdn.mypanel.link
URL
https://cdn.mypanel.link/global/6512pd498chdd7xk.js
Domain
cdn.mypanel.link
URL
https://cdn.mypanel.link/fsvxaw/deemyq6wt6ekgyas.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240613&jk=1633863068527403&bg=!n5ylnNPNAAb64txl2uI7ADQBe5WfOHk4v8AjZXBEfwMtnDpb2s1rASP270ZuFgj7JwBMrI0kxHO9suTgW4su9y6stam3AgAAAYZSAAAABmgBB34ANU6UWuDGBE2u7X2-hT2K5iztUbsSuefBNQWQpXT9agSmbmECH964zYhGzNzEE5pxgwMawI1gmQKLXa61Ks6Ezuhhhoh02-Pk20BhlRfk4eumEYbtedxhqtu6D8HgCX388ccJ79rONC2jJwwOwtXyAq2pIVSgycsXxRaleRjjlSZtnaMierwWvqdZuMSe_bhr_bV_TKo9SfBzSmr1JKDm_A395Ni-I5Ajsc48cJFTrxXPt_UMGBXRSkt1UUHt0Q28EPrQ17NLELW7ki5E9EYmd9LMpY7tXfpChDubrtvE1mG5inzPwDqd-Y4eLWu9khwE-ROGFWqNX0j50JxxXW6Qyf9AHKWEIPvmp3hzjfhtvHRwrNX4nfrGpEucx3Z0pekcSovSOhtqexYX2SFKPwLTsBip1-CtLUaH9I-F1mrca17xwNwkbImFv1DJQcN9dvQF55paudiuM5gRYuK9vN8e_rQ0ritccWkHpuNP-BnNQaxg56LonPeonbo0bvmqY2cDrUQETbnNY1knUBikzGEvs-UtWzpQNSWByxMrVjNaTMNrlTYtxw1UjANa8x4EdSOU_yBIDCjawbbXRRalHLNhp3HA8UuHxk-MbPo4314OxLP_V-TjYff7HH8MfJFgNGnWkcCaCiw97Bi-1xyV2H1pjSoLE0ouh24Te4kbb7iKbD3cgDAUQA5PMSMIBSUm9Jzb8nd7pVqseBp3xUfqYA3QHQdzkH9XedlXwn3NTNy5irapIHtTjYuj3NZIbb7TFTId_vj52JTR1WRUD_zaCE3MblZ5frMPm94d89RYbjsc2ROnprMjjWKByyMjGC15O8EYFCcWUltoTWIgNScJY-296QbKl_YU-grpEM4eJySUf25TH_Y0fR9EYYcEagNVpxzcLafJIP6ohtimc9iSU0bHbMACSsHpSy0GW1w4WlzS1EByu6lk

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| Popper object| bootstrap object| AOS number| uidEvent object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| Swiper string| google_user_agent_client_hint object| jQuery112408940323847007465 function| _0x3392e8 function| remove_date function| drip_feed_css function| addon_details function| service_fields function| ajax_service_fields function| change_cat function| ajax_change_category function| send_cancel function| send_refill function| change_payment_method function| _0x3f71 function| send_subscription_status function| copy_to_clipboard function| _0x42d6 function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS function| Snowflakes function| Fireworks function| NewYearEvent undefined| sChatBody object| tooltipTriggerList object| tooltipList function| filterService function| removeEmptyCategory object| _0x272c function| _0x1ad4 undefined| realData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
ardimedya.xyz/ Name: PHPSESSID
Value: 08ff9c8fcbaf0187c6855d51ea74d234
.discordapp.com/ Name: __cf_bm
Value: Bo2seWNxn1RTf.R_DjWVlPeYZ5sxkjxoVR860uiDEJs-1718763222-1.0.1.1-2Y_lXZBGED8N77A4i8UNPsYpoQXb.Fgj2MZR7ePB3StZnif5RdoVZbqo9aPxbRJlmgAB1L5x5MssvoLxG42.Zg
.discordapp.com/ Name: _cfuvid
Value: hv.uf57rr3jPF7QE2IqxHeAqJsz3V99LeDpclnVuUgU-1718763222708-0.0.1.1-604800000
.youtube.com/ Name: YSC
Value: qTz8JBsPptc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: SnwEGQuw5bg
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgDw%3D%3D

4 Console Messages

Source Level URL
Text
network error URL: https://cdn.discordapp.com/attachments/975966956383518793/987207759646851092/1e0pljppmaeehpnn.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://ardimedya.xyz/(Line 410)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://cdn.apanel.link/ny2893848_3.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
recommendation verbose URL: https://ardimedya.xyz/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ardimedya.xyz
cdn.apanel.link
cdn.discordapp.com
cdn.jsdelivr.net
cdn.mypanel.link
cdn.smmspot.net
cdnjs.cloudflare.com
pagead2.googlesyndication.com
shortspro.online
tpc.googlesyndication.com
unpkg.com
www.youtube.com
cdn.mypanel.link
pagead2.googlesyndication.com
shortspro.online
104.17.24.14
142.250.185.162
162.159.129.233
198.251.89.144
2400:52e0:1e00::1081:1
2606:4700::6811:f8cb
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:811::200e
2a02:6ea0:c700::18
2a04:4e42:600::485
89.252.190.206
02a3dd34456aa407cb57a451710516d1de78e1296ea8470c0ca461d2c70faf21
121e80c811a183fbbc431b635e0ccadadd90840d8925f394bfd1820a0712a2b2
13e29a29baade86f4e7a88d8e076d6a6f3ac8950757b50a0f8bbea1c33658d5c
250ef326cb5cd533b48e3be7252b05f80fd34f5025acea4301ee0e7396c5541e
2882066b6cfd669773b7dfb1ccb5aaae697cd84ed4d67b6a06d1080c097bb929
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
32d7a0f3a65df6a38df5f97e62257af75705bd73e2b797cd1e536f0740b7d00e
36e74d52f326d349035b03d3afcae356f39acd66244d18714b06f4a148e5fd13
3dbba3b71df2c1bd3995991dd3d84c23ba9a84749a7596e09347a21feaa869a0
445fde7c3ffbfef447e2fecb013a8a379b6c2340d72c3ca02b721430a955fe7d
4aa6b779e24c2aaa7d53daef8249d06e87d964e35fc0ab718d827998b1f35c5f
4efa894b85e3c9b1d30d13ed6c3ee0f5320af9f1a3d20ec2838467e464c4f5a7
5637f3e2a98db9038daaf92e36d5a5a6060f16464b2637ce45a67d037efaf30e
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6fa8e2d7173e678ba1026775b07bb95addb7af32e19020a18c2c5a6f75201443
7baefd52c23d1c691f1b1a32362a54a6c697bd7307d5e43d46cc0c572e489c93
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
9c505e3482d9fa00b2700678c6cd92788f4174404b392ef995d4898ce25c118b
a804ee9440b16ae2d2639c9f186b4fcd1e1b2d927bebcafa88b96d26228bd8f1
aa9f6276fc548bf604bd13ce2d45122ed3b0feabddf28be75423d1e74e580f67
ad1b91e30963591de127cf395d6190da2d0ac65684b355775bea059c34176ac1
b3fd320be7a13929be25f7b599db01abe4ef7de11caf1da6ab0ad3a81c8146cf
bfc10420483fc9959dd49a147cd80d0fb647edad69bab64122bd9b681658d987
c12f3805fa88ec06c3e5e1ddc5578b386df54553fd629427a153ecad4f164c86
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65
d01a8d2fbb8bc56c4766bde18fc25a9ab33dd1fc25b79fa8049b71cf0d91ac30
dffd461b8a1186ee15987ccea5322a40513605215c3ba946b310121ac542df35
e24ff23bea2b05efb44d944dc8dc526da5a17e60701f0a40d095a3f63d791c64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cafabe301534ac9a445ce6da42b3472b6e252271df195cf63dabebe482c96e
e61f0d10c8cac8cd0ecb36790d6cce883380c0b185ff3c9bf849ed336ba8285c
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f4d949185de526a0baad2a8db101fdf970034d828a6abd344c6ae7e9f15008be
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e