urlscan.io logo urlscan.io
SecurityTrails logo

2ad.ir Open in urlscan Pro
185.49.85.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mysp.ac/4kf8L?google.com?21
Effective URL: https://2ad.ir/RtAuf?google.com%3F21=
Submission: On December 25 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 36 HTTP transactions. The main IP is 185.49.85.38, located in Iran, Islamic Republic Of and belongs to ASIATECH, IR. The main domain is 2ad.ir.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 26th 2020. Valid for: 3 months.
This is the only time 2ad.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 63.135.90.71 33739 (MYSPACE)
22 185.49.85.38 43754 (ASIATECH)
1 2a00:1450:400... 15169 (GOOGLE)
1 109.206.162.83 50245 (SERVEREL-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 185.166.104.3 202319 (CAFEBAZAAR)
1 151.139.128.11 20446 (HIGHWINDS3)
1 2600:1f18:510... 14618 (AMAZON-AES)
3 104.31.76.193 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 11
1    63.135.90.71 (United States)

ASN33739 (MYSPACE, US)
mysp.ac
22    185.49.85.38 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)
PTR: hosted-by.hostdl.com.asiatech.ir
2ad.ir
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
rukoval.com
1    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6810:e633 (United States)

ASN13335 (CLOUDFLARENET, US)
mellowads.com
2    185.166.104.3 (Iran, Islamic Republic Of)

ASN202319 (CAFEBAZAAR, IR)
cdn.yektanet.com
1    151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
cdn.popcash.net
1    2600:1f18:510:800:47d:b712:3f09:ebd2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dcba.popcash.net
3    104.31.76.193 (United States)

ASN13335 (CLOUDFLARENET, US)
nfetch.yektanet.com
ua.yektanet.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
22 2ad.ir 2ad.ir
2 ua.yektanet.com cdn.yektanet.com
2ad.ir
2 www.google-analytics.com 2ad.ir
www.google-analytics.com
2 cdn.yektanet.com 2ad.ir
cdn.yektanet.com
1 www.gstatic.com www.google.com
1 nfetch.yektanet.com cdn.yektanet.com
1 dcba.popcash.net cdn.popcash.net
1 cdn.popcash.net 2ad.ir
1 mellowads.com 2ad.ir
1 www.google.com 2ad.ir
1 rukoval.com 2ad.ir
1 fonts.googleapis.com 2ad.ir
1 mysp.ac 1 redirects
36 13

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
*.2ad.ir
Let's Encrypt Authority X3		 2020-10-26 -
2021-01-24		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
rukoval.com
R3		 2020-12-03 -
2021-03-03		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-14 -
2021-08-14		 a year crt.sh
cdn.yektanet.com
Let's Encrypt Authority X3		 2020-11-26 -
2021-02-24		 3 months crt.sh
cdn.popcash.net
Sectigo ECC Domain Validation Secure Server CA		 2020-11-16 -
2021-02-14		 3 months crt.sh
*.popcash.net
AlphaSSL CA - SHA256 - G2		 2020-04-21 -
2021-04-22		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://2ad.ir/RtAuf?google.com%3F21=
Frame ID: 3B255FABDC8922532ABAD5B3B48ED48C
Requests: 34 HTTP requests in this frame

Frame: https://mellowads.com/view/0A76E789C065
Frame ID: 012D29530A1625BFC15A6AFCB02E945E
Requests: 1 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: 6FBAAC859A54554ED7E49056E5A7B757
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mysp.ac/4kf8L?google.com?21 HTTP 302
    https://2ad.ir/RtAuf?google.com%3F21= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

36
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

11
IPs

4
Countries

428 kB
Transfer

1263 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mysp.ac/4kf8L?google.com?21 HTTP 302
    https://2ad.ir/RtAuf?google.com%3F21= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request RtAuf
2ad.ir/
Redirect Chain
  • https://mysp.ac/4kf8L?google.com?21
  • https://2ad.ir/RtAuf?google.com%3F21=
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
ef38f651b0cc8b1a4232fcb58c427a4347ee9dc89d949393bb1e9453b9f7b04c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
2ad.ir
:scheme
https
:path
/RtAuf?google.com%3F21=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Fri, 25 Dec 2020 15:06:44 GMT
server
LiteSpeed
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

Vary
Accept-Encoding
Set-Cookie
persistent_id=pid%3D5b439ae9-2a2c-4a54-939a-8e3df137d029%26llid%3D%26lprid%3D%26lltime%3D; domain=.mysp.ac; path=/; expires=Thu, 20 Dec 2040 15:06:34 GMT; httpOnly visit_id=96f268db-a6c3-4c73-b6ac-9b3f1e044dbc; domain=.mysp.ac; path=/; expires=Fri, 25 Dec 2020 15:36:34 GMT; httpOnly beacons_enabled=true; domain=.mysp.ac; path=/; expires=Fri, 25 Dec 2020 15:36:34 GMT
X-TrackingId
aa980334-915f-40c8-9481-fe9cecb3c8ee
Cache-Control
no-cache
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html
Location
https://2ad.ir/RtAuf?google.com%3F21=
X-Response-Time
34ms
Content-Encoding
gzip
Date
Fri, 25 Dec 2020 15:06:34 GMT
Connection
keep-alive
Transfer-Encoding
chunked
icon
fonts.googleapis.com/ 		574 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Dec 2020 15:06:34 GMT
server
ESF
date
Fri, 25 Dec 2020 15:06:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Dec 2020 15:06:34 GMT
icon-font.min.css
2ad.ir/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/css/icon-font.min.css
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
f90d0b6a571e8d4b9ec683cf79a6d0f7c0775de35ec289edf3a6a794c9b56ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 May 2020 09:16:17 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
1499
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
wow.min.js
2ad.ir/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/wow.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
2524
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
owl.carousel.min.css
2ad.ir/vendor/owl/ 		3 KB
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/owl/owl.carousel.min.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
915
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
owl.theme.default.css
2ad.ir/vendor/owl/ 		1 KB
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/owl/owl.theme.default.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
464
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
bootstrap.min.css
2ad.ir/ojen_theme/css/ 		141 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/bootstrap.min.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
2e1c6438ef38441c988bbfe871db2796fce5d2347461d4a014739578793f4363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sat, 03 Nov 2018 12:03:42 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
18618
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
animate.css
2ad.ir/ojen_theme/css/ 		57 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/animate.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sun, 28 Oct 2018 12:57:30 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
3838
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
style.css
2ad.ir/ojen_theme/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
1e6f205f077fbc37d28acaa78f301ef8e2a799fe54a8cb36e3849c4f1485c813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 15:06:29 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
5275
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
anime.css
2ad.ir/ojen_theme/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/anime.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
c75f80593f1f326e56f74c059c0854f653da882ad076e1db2259947bb7ff3dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sun, 28 Oct 2018 12:57:42 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
1573
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
responsive.css
2ad.ir/ojen_theme/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/css/responsive.css?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
97778b4ffa451edae2d54d345883b6cc937280ca8ee8db6de5085d6a46ad34ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 12 Jul 2019 20:30:26 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
1301
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
jquery.min.js
2ad.ir/vendor/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/jquery.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
29166
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
brt.js
rukoval.com/t/9/fret/meow4/1754337/ 		63 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rukoval.com/t/9/fret/meow4/1754337/brt.js
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9c5319300565ab132fa52f25af6cb3213ba65e8d53536d4945daccedb1b2944e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Dec 2020 15:06:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Nov 2020 13:08:05 GMT
Server
nginx
ETag
W/"5fa004b5-fd47"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
shetab.png
2ad.ir/ojen_theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/ojen_theme/img/shetab.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
e72153e433cb79df96dac0de4721b3654d530be58ba5758da4d464c8dca93bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Nov 2018 14:11:54 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
4108
x-xss-protection
1; mode=block
expires
Sat, 25 Dec 2021 15:06:45 GMT
zarinpal.png
2ad.ir/ojen_theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/ojen_theme/img/zarinpal.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
f770a1bc3d67a50543fbf55333a835aab065346c3460f92145c9aa2ff1a34984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Nov 2018 21:25:24 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
3985
x-xss-protection
1; mode=block
expires
Sat, 25 Dec 2021 15:06:45 GMT
ads.js
2ad.ir/ojen_theme/js/ 		106 B
175 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/ads.js
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 11 Feb 2018 06:31:22 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
User-Agent
content-length
106
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
popper.min.js
2ad.ir/ojen_theme/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/popper.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 29 Oct 2018 09:55:52 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
6644
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
bootstrap.min.js
2ad.ir/ojen_theme/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/bootstrap.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 29 Oct 2018 09:55:42 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
12542
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
clipboard.min.js
2ad.ir/vendor/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/vendor/clipboard.min.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 00:12:58 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
3194
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
main.js
2ad.ir/ojen_theme/js/ 		2 KB
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/main.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
79b18af33d3a5ef74b124a832b71ab46d563957b5ab979e98e540167d2e29c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 12 Jul 2019 21:54:24 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
659
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
appc.js
2ad.ir/ojen_theme/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/js/appc.js?ver=6.0.4
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
b9e651f9f87e827ce383bcd1accbd3f6441d160fb5ca56e4b24039e736cd1f18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 25 Dec 2019 01:09:00 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
4144
x-xss-protection
1; mode=block
expires
Sun, 24 Jan 2021 15:06:45 GMT
api.js
www.google.com/recaptcha/ 		918 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=fa&onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
02a62d14da490d9ec3abe10cbcf9dd90715da1041ed9bb80828bb961b57e1ef4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
581
x-xss-protection
1; mode=block
expires
Fri, 25 Dec 2020 15:06:35 GMT
Cookie set 0A76E789C065
mellowads.com/view/ Frame 012D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mellowads.com/view/0A76E789C065
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2ad.ir/RtAuf?google.com%3F21=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://2ad.ir/RtAuf?google.com%3F21=

Response headers

Date
Fri, 25 Dec 2020 15:06:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=def09ec9058f622590001f409a4ff42f81608908795; expires=Sun, 24-Jan-21 15:06:35 GMT; path=/; domain=.mellowads.com; HttpOnly; SameSite=Lax user=referrer=; expires=Thu, 25-Mar-2021 14:06:27 GMT; path=/
Cache-Control
private
X-AspNet-Version
4.0.30319
CF-Cache-Status
DYNAMIC
cf-request-id
073c09064a0000fa744f0c8000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
60737783a97cfa74-AMS
Content-Encoding
gzip
logo-white.png
2ad.ir/ojen_theme/img/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/ojen_theme/img/logo-white.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
ec57324f11c244d438a9d6173ae4654b5f73217deffda8d30e79bda5ed2aa7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Dec 2018 19:45:00 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
17959
x-xss-protection
1; mode=block
expires
Sat, 25 Dec 2021 15:06:45 GMT
IRANSansWeb.woff2
2ad.ir/ojen_theme/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://2ad.ir/ojen_theme/fonts/IRANSansWeb.woff2
Requested by
Host: 2ad.ir
URL: https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
13812a30ddb5f43dee6b08795045e14f2463e6a54b0153f94c87d78e0ae2ca11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://2ad.ir
Referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Dec 2016 17:24:10 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
vary
User-Agent
content-length
31304
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 2021 15:06:45 GMT
native-2ad.ir.js
cdn.yektanet.com/js/2ad.ir/ 		131 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yektanet.com/js/2ad.ir/native-2ad.ir.js?v=2020011025016
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Zeerak /
Resource Hash
9893eac2f595d5f1bcb143573ef00b4d7c2f180c607db259aaae3a8521e9ffc5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:35 GMT
content-encoding
br
x-zrk-cs
REVALIDATED
last-modified
Thu, 24 Dec 2020 16:40:11 GMT
server
Zeerak
x-amz-request-id
tx0000000000000032819f2-005fe5db80-128e8e0e-default
etag
W/"886e93603e0dbd05074215a9638c2c69"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=300
x-rgw-object-type
Normal
x-zrk-us
206
strict-transport-security
max-age=0
x-zrk-sn
frankfurt1
show.js
cdn.popcash.net/ 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.popcash.net/show.js
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b37c68ea8d69f58c1eabce67ed611af0420a18ed352cec281c81d8997e426e4

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FbMj4fvcUP6yJzEF2JjzWk2VdzslPVFAfvAl5WNfHNnkhcnm8kR%2Bfccjp3vGjGtnlSIFmXTTRU%2Bw3OD5fsLqHlc6Bk2nle9gFoCc1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-length
34905
cf-request-id
06a1e95037000034dedd18d000000001
last-modified
Wed, 25 Nov 2020 16:30:27 GMT
server
cloudflare
etag
W/"5fbe86a3-19fff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1608908795.cds098.lo4.hn,1608908795.cds053.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
5f7cde605ae434de-DUB
logo.png
2ad.ir/ojen_theme/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ad.ir/ojen_theme/img/logo.png
Requested by
Host: 2ad.ir
URL: https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.85.38 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
a31d82c522e9f52a1cd187f5905bf9e6a4cb3629174cd75701a003d0e80ac451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ad.ir/ojen_theme/css/style.css?ver=6.0.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Dec 2018 19:54:18 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
16518
x-xss-protection
1; mode=block
expires
Sat, 25 Dec 2021 15:06:45 GMT
znWaa3gu
dcba.popcash.net/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dcba.popcash.net/znWaa3gu
Requested by
Host: cdn.popcash.net
URL: https://cdn.popcash.net/show.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:510:800:47d:b712:3f09:ebd2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 25 Dec 2020 15:06:35 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
publisher.js
cdn.yektanet.com/rg_woebegone/scripts_v3/Gx4wxUPc/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yektanet.com/rg_woebegone/scripts_v3/Gx4wxUPc/publisher.js?v=2020011025016
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/js/2ad.ir/native-2ad.ir.js?v=2020011025016
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Zeerak /
Resource Hash
0337d3f5b2086e3fdd6ca3c21dfe31edb6a6dbaba1712ed8fd79d8b20f860be1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:35 GMT
content-encoding
br
x-zrk-cs
REVALIDATED
last-modified
Sun, 13 Dec 2020 10:58:05 GMT
server
Zeerak
x-amz-request-id
tx000000000000003280fb7-005fe5db81-1286bb6f-default
etag
W/"7c416635f77f47c31c13611abc1a9675"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=300
x-rgw-object-type
Normal
x-zrk-us
206
strict-transport-security
max-age=0
x-zrk-sn
frankfurt1
/
nfetch.yektanet.com/api/v2/load/ 		83 B
1022 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nfetch.yektanet.com/api/v2/load/?format=json&ids=5757,4675&counts=1,3&image_types=1,1&w=1600&h=1200&is-mobile=0&android=0&ios=0&page_title=Error&page_url=https://2ad.ir/RtAuf&ref=
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/js/2ad.ir/native-2ad.ir.js?v=2020011025016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.76.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cfdceccefdf4e74cc021ae65f86507c1e529b50310d5623a03e96570263697f7

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
cf-request-id
073c0907d800003325640a7000000001
last-modified
Friday, 25-Dec-2020 15:06:35 GMT
server
cloudflare
etag
W/"53-Il5H9qmk9kBirmLqwu8y6FHchlA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eCFno7wNpFA%2B6w6viraBchARMQwhOjsU96pQudv%2BIvnlBLgmJoYy6qG7QL9Q%2FVcqqRv5NZw5b2OJQwPeOFtlqylqyumPX00xlM%2BTMnXLcj5A1b08"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://2ad.ir
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
607377862c2e3325-CDG
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
988
date
Fri, 25 Dec 2020 14:50:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 25 Dec 2020 16:50:07 GMT
/
ua.yektanet.com/cookie/iframe/ Frame 6FBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ua.yektanet.com/cookie/iframe/
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/Gx4wxUPc/publisher.js?v=2020011025016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.76.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ua.yektanet.com
:scheme
https
:path
/cookie/iframe/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2ad.ir/RtAuf?google.com%3F21=
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=2f0b430925daaa4248125daf3ebf742077cd798d-1608908795-1800-ATNapzo1Rg/RR6lfyg4CNtcjdy79wQrxxTY9QmD+HbDd17snf06z3oJOvPtBQ6X+O+z4niIrufhZfgp08xofh0I=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://2ad.ir/RtAuf?google.com%3F21=

Response headers

date
Fri, 25 Dec 2020 15:06:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d2bae17261add2b803c4d33e5398ff4221608908796; expires=Sun, 24-Jan-21 15:06:36 GMT; path=/; domain=.yektanet.com; HttpOnly; SameSite=Lax
last-modified
Friday, 25-Dec-2020 15:06:36 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-request-id
073c090aa80000332516171000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ivo%2FNuRdIVjiQjPdQy4Z1hHZmm3qkdtf3eEAXIvmQsAsd%2BAT5vrIYztk%2B8JJTzy9PGj4XW0ONkfA%2FwZxvzghMAKA%2FtmXveqXh86eYeNRY6M%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6073778aadef3325-CDG
content-encoding
br
__fake.gif
ua.yektanet.com/ 		3 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=9274fc96-e217-4851-a4d4-957d15d07d9a&abj=1&ac=https%3A%2F%2F2ad.ir%2FRtAuf%3Fgoogle.com%253F21%3D&ae=%7B%22google.com%253F21%22%3A%22%22%7D&ad=2ad.ir&as=Error&aea=24263&aeb=yektanet&aec=25084&aed=pub&aaa=direct&aab=null&ai=c64768a1-d922-7d5f-92c9-dcc6fab575d7&abw=1600&abb=882&aby=1600&abz=1200&al=1600&am=1200&abk=
Requested by
Host: 2ad.ir
URL: https://2ad.ir/RtAuf?google.com%3F21=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.76.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:06:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Friday, 25-Dec-2020 15:06:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w53pbM5EJNfBSDQsf9Dd4zZVq1wL0mL9S7c2Y1qMGyYDqx4t5Ta%2FxSEtKXUKlmoUmB5BxcqzLXwdK9DH5vvUoSXM9JbHIcVqvx7ZfpQPlbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
max-age=2678400, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60737786dda13325-CDG
cf-request-id
073c09084700003325738a2000000001
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 		364 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__fa.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=fa&onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
679a1667967551b4b438dbf4dc8b5d71760f63d927e10aaf430a1a7a8966d330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://2ad.ir
Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 08:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23910
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137344
x-xss-protection
0
last-modified
Sun, 06 Dec 2020 23:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Dec 2021 08:28:05 GMT
collect
www.google-analytics.com/j/ 		2 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=428355476&t=pageview&_s=1&dl=https%3A%2F%2F2ad.ir%2FRtAuf%3Fgoogle.com%253F21%3D&ul=en-us&de=UTF-8&dt=Error&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2113798099&gjid=1780497180&cid=1462892177.1608908797&tid=UA-90058927-1&_gid=75609085.1608908797&_r=1&_slc=1&z=354226395
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2ad.ir/RtAuf?google.com%3F21=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Dec 2020 15:06:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2ad.ir
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| WOW function| $ function| jQuery function| K5aa function| J0II function| r0ii function| I5aa undefined| handleException function| h0kk function| _cl7y5t34110ayuira56do8 string| uid string| wid string| pop_fback object| pop_tag object| app_vars string| popns number| pop_cdn boolean| N3 object| IOarzRhPlP number| pop_fcap object| __core-js_shared__ object| core boolean| yektanet_2ad.ir_native-2ad.ir_is_loaded object| ynWebpackJsonp object| e function| Popper object| bootstrap function| ClipboardJS function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| copIed function| setTooltip function| setCookie function| cookie_accept string| GoogleAnalyticsObject function| ga boolean| yektanet_ua-script-24263_is_loaded function| yektanet object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha

10 Cookies

Domain/Path Name / Value
.yektanet.com/ Name: __cf_bm
Value: 2f0b430925daaa4248125daf3ebf742077cd798d-1608908795-1800-ATNapzo1Rg/RR6lfyg4CNtcjdy79wQrxxTY9QmD+HbDd17snf06z3oJOvPtBQ6X+O+z4niIrufhZfgp08xofh0I=
.2ad.ir/ Name: _ga
Value: GA1.2.1462892177.1608908797
2ad.ir/ Name: ab
Value: 2
2ad.ir/ Name: yektanet_session_last_activity
Value: 12/25/2020
2ad.ir/ Name: _yngt_iframe
Value: 1
2ad.ir/ Name: analytics_session_token
Value: c64768a1-d922-7d5f-92c9-dcc6fab575d7
2ad.ir/ Name: analytics_token
Value: 57966793-398e-84a7-963e-c3c1b034c8fe
.2ad.ir/ Name: _gat
Value: 1
.2ad.ir/ Name: _gid
Value: GA1.2.75609085.1608908797
2ad.ir/ Name: analytics_campaign
Value: {%22source%22:%22direct%22%2C%22medium%22:null}

7 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.popcash.net/show.js(Line 5)
Message:
Popunder Script @ popunderjs.com
console-api log URL: https://cdn.popcash.net/show.js(Line 5)
Message:
Author: Phan Thanh Cong <contact@ptcong.com>
console-api log URL: https://cdn.popcash.net/show.js(Line 5)
Message:
Version: 2.11.15
console-api log URL: https://cdn.popcash.net/show.js(Line 5)
Message:
Release: 2020/1/2
console-api log URL: https://cdn.popcash.net/show.js(Line 5)
Message:
111
console-api log URL: https://cdn.popcash.net/show.js(Line 5)
Message:
[License] Domains: popcash.net,@network,.local,localhost,127.0.0.1
console-api log URL: https://cdn.popcash.net/show.js(Line 5)
Message:
[License] Expires: 2021/2/15

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ad.ir
cdn.popcash.net
cdn.yektanet.com
dcba.popcash.net
fonts.googleapis.com
mellowads.com
mysp.ac
nfetch.yektanet.com
rukoval.com
ua.yektanet.com
www.google-analytics.com
www.google.com
www.gstatic.com
104.31.76.193
109.206.162.83
151.139.128.11
185.166.104.3
185.49.85.38
2600:1f18:510:800:47d:b712:3f09:ebd2
2606:4700::6810:e633
2a00:1450:4001:802::200a
2a00:1450:4001:809::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2004
63.135.90.71
02a62d14da490d9ec3abe10cbcf9dd90715da1041ed9bb80828bb961b57e1ef4
0337d3f5b2086e3fdd6ca3c21dfe31edb6a6dbaba1712ed8fd79d8b20f860be1
13812a30ddb5f43dee6b08795045e14f2463e6a54b0153f94c87d78e0ae2ca11
1e6f205f077fbc37d28acaa78f301ef8e2a799fe54a8cb36e3849c4f1485c813
2e1c6438ef38441c988bbfe871db2796fce5d2347461d4a014739578793f4363
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
679a1667967551b4b438dbf4dc8b5d71760f63d927e10aaf430a1a7a8966d330
79b18af33d3a5ef74b124a832b71ab46d563957b5ab979e98e540167d2e29c0f
97778b4ffa451edae2d54d345883b6cc937280ca8ee8db6de5085d6a46ad34ef
9893eac2f595d5f1bcb143573ef00b4d7c2f180c607db259aaae3a8521e9ffc5
9b37c68ea8d69f58c1eabce67ed611af0420a18ed352cec281c81d8997e426e4
9c5319300565ab132fa52f25af6cb3213ba65e8d53536d4945daccedb1b2944e
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a31d82c522e9f52a1cd187f5905bf9e6a4cb3629174cd75701a003d0e80ac451
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4
b9e651f9f87e827ce383bcd1accbd3f6441d160fb5ca56e4b24039e736cd1f18
c75f80593f1f326e56f74c059c0854f653da882ad076e1db2259947bb7ff3dd6
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
cfdceccefdf4e74cc021ae65f86507c1e529b50310d5623a03e96570263697f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e72153e433cb79df96dac0de4721b3654d530be58ba5758da4d464c8dca93bda
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ec57324f11c244d438a9d6173ae4654b5f73217deffda8d30e79bda5ed2aa7cb
ef38f651b0cc8b1a4232fcb58c427a4347ee9dc89d949393bb1e9453b9f7b04c
f770a1bc3d67a50543fbf55333a835aab065346c3460f92145c9aa2ff1a34984
f90d0b6a571e8d4b9ec683cf79a6d0f7c0775de35ec289edf3a6a794c9b56ba7
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46